Ledger hardware wallet rolls out cloud-based private key recovery tool

Hardware wallet firm Ledger is rolling out its cloud-based private key recovery solution despite facing significant criticism from the crypto community.

Ledger Recover, an ID-based private key recovery service for the Ledger hardware wallet, is launching on Oct. 24, the firm officially announced on X (formerly Twitter). The release comes in conjunction with Ledger finalizing the open-source code for the Ledger Recover on GitHub.

Provided by blockchain protection platform Coincover, Ledger’s seed phrase recovery solution is a paid subscription service allowing users to back up their Secret Recovery Phrase (SRP). SRP is a unique list of 24 words that backs up the private keys and gives users access to their crypto assets.

A spokesperson for Ledger told Cointelegraph that a Ledger wallet encrypts a “string of random 1s and 0s” from which a SRP is computed. The encrypted string of numbers is then fragmented into three pieces used to backup a SRP.

“Ledger Recover only interacts with the fragments, and never with your SRP in its readable format,” the representative noted. According to Ledger, encrypted SRP fragments are distributed using end-to-end encrypted and authenticated channels of three independent companies including Ledger, Coincover and EscrowTech. The spokesperson added:

“Each fragment on its own is a useless set of random numbers, and no single company has access to the entire backup. This ensures the highest level of security and removes a single point of failure.”

Ledger Recover was designed for users who “want to add an enhanced layer of resilience” in case their SRP is ever lost or destroyed, Ledger’s chief technology officer Charles Guillemet said. He also emphasized that Ledger Recover is an optional recovery service, adding:

“If you don’t wish to use the service, no worries — it’ll always be 100% optional. You can simply continue using your Ledger as you did previously — nothing will change.”

At launch, Ledger Recover is compatible with Ledger Nano X, with Ledger Stax and Ledger Nano S Plus integration coming in the near future. The solution is not compatible with Ledger Nano S, according to the Ledger Recover FAQ.

Ledger Recover is initially available to passport or identity card holders in the United States, Canada, the United Kingdom and the European Union. “We will be covering more countries and adding support for more documents,” Ledger said.

The firm emphasized that Ledger Recover’s identity verification “is not the same” as Know Your Customer (KYC) checks carried out by centralized crypto exchanges. Ledger noted that its recovery system only requires a “valid, government-issued document,” stating:

“Identity verification inherently collects much less information compared to KYC […] KYC involves ID verification but it can also include revenue information, record of criminal activity, citizenship check, etc.”

According to social media posts, the Ledger Recovery service will be available at $9.99 per month, or about $120 per year. If a user fails to pay the subscription, the subscription will be suspended, allowing the user to reactivate the subscription in the next nine months.

“You will need to pay an administration fee of 50 EUR along with any outstanding balance,” Ledger Recover FAQ reads.

The rollout comes months after Ledger paused the recovery service in May 2023 in response to community backlash. Ledger CEO Pascal Gauthier subsequently said that the firm will launch the product once its open-source code is released.

Ledger’s largest competitor, Trezor, has stayed away from introducing a cloud-based private key recovery solution, opting for a physical backup solution. Trezor launched its own physical seed phrase recovery tool, Trezor Keep Metal, in mid-October 2023.

Source: cointelegraph.com