It’s been a brutal 72 hours for Ledger since it launched its Recover service.
"What a horrible mess," Éric Larchevêque, Ledger co-founder, said on the CryptoCurrency subreddit.
"I'm devastated to come on this subreddit, that I created nine years ago, to see images of Ledger devices burning, insults, and lot and lot of anger. I'm honestly [on] the verge of tears," he said.
Ledger Recover is an opt-in subscription service costing $9.99 a month.
After signing up, your recovery phrase is split into three encrypted fragments and then trusted with custodians—Ledger, Coincover, and a third provider. When you want to recover your seed phrase, you are required to prove your identity using your passport or national identity card.
Users were concerned that they were having to trust in three centralized figures, the risks of identity theft, as well as the possibility that their seed phrase can be taken off their hardware wallet, even if they don't opt-in, through an alleged “backdoor.”
"Burn them all," a Twitter user said, smashing their Ledger with a hammer and then taking a blow torch to it.
Burn it to the ground. Burn them all. #Ledger pic.twitter.com/6syU5QVToV
— Jester Novares (@JesterNovares) May 17, 2023
"Congratulations Ledger, you destroyed your reputation!" one Reddit user exclaimed. Other Reddit users started to refer to Ledger wallets as paperweights due to the new service.
"I've given so much to this company, that it's impossible for me not to be highly emotional in this moment," Larchevêque said. "So much anger, so much hate, and also so much insanity."
After co-founding Ledger in 2014, Larchevêque was CEO until 2019. Currently, he is only a shareholder of the company, he does not hold an executive position. Therefore, the views expressed in his post are his personal views and are not representative of Ledger's official position on the matter.
"To me, all this meltdown is a total PR failure, but absolutely not a technical one," Larchevêque explained. "Trying to explain the security model to customers with a less and less knowledgeable user base became more and more difficult."
As long as you trust Ledger
The co-founder of the hardware wallet company chronicled the growth of Ledger and how education has been at the core of the project's mission since its inception.
He pointed to an old tweet that explained "a firmware update cannot extract the seed from the Secure Element," stating that the tweet should have included "as long as you are trusting Ledger."
Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element.
— Ledger (@Ledger) November 15, 2022
This tweet led users to believe that Ledger is a trustless solution. This "is not the case," the Larchevêque explained. "Some amount of trust must be placed into Ledger to use their product."
"When Recover was abruptly launched, this false sense of trustlessness went into pieces and people started to actually understand how a [hardware wallet] works. At least, that's a positive note," he said. "My mistake as a CEO during my tenure was probably not be relentless enough about explaining the security model."
There are two sides to the outrage, according to Larchevêque.
One side comes from people who were misinformed about Ledger's security model and for those people, he understands their hurt.
However, he also sees a group of people jumping on "the hate bandwagon" spreading conspiracy theories about a backdoor.
"You don't have any understanding of what you are saying," he said in his Reddit post.
A Ledger spokesperson confirmed to Decrypt that for your seed phrase to be extracted in the Ledger Recover process you must sign a transaction. Otherwise, Ledger cannot access your seed phrase.
"Ledger is still safe, there is no backdoor, the Ledger Recover is not a conspiracy, no one will ever force anyone to use Recover," Larchevêque said. "The Recover code in the firmware is not a malicious code nor does it open a way to arbitrarily extract the seed."