Crypto hardware wallet provider Ledger is receiving major backlash from its online user base after releasing a controversial update that many fear exposes major security flaws with the manufacturer.
Ledger has claimed that the new functionality is both safe and entirely optional, but security experts and crypto holders are already distancing themselves from the company.
Ledger’s Controversial Recovery Service
Concerns began to swell late on Monday after Reddit user Joe_Smith _Reddit published a post asking for an official “yes or no” on whether Ledger has a built-in backdoor for accessing users’ private keys. A private key is the secret alphanumeric string that lets users access their crypto on the blockchain.
Smith’s question specifically pertained to Ledger’s new “Ledger Recover” service – a subscription service for Nano X device holders that lets them recover their crypto even if they’ve lost both their wallet device and recovery phrase. A recovery phrase is a user’s private key expressed in mnemonic form.
According to Ledger, the service – enabled in firmware update 2.2.1 – works by duplicating the device’s recovery phrase on the device, encrypting the copy, fragmenting it into three…