Crypto hardware wallet provider Ledger will delay plans to launch its private key recovery service after receiving major backlash following its announcement last week.
The controversy – which rose questions about the safety and trustworthiness of Ledger devices more broadly – has inspired the company to accelerate its open-sourcing roadmap.
Ledger CEO Pascal Gauthier began by issuing a public apology letter on Tuesday for the way Ledger’s “Recover” service was initially communicated to the public.
“Our unintentional communication mistake took everyone by surprise and affected our customers’ ability to accurately understand Ledger Recover,” said Gauthier. “We never meant to surprise you.”
Ledger Recover, announced last week, is an upcoming paid subscription service for Ledger Nano X users that gives them a way to recover their crypto in case they lose both their device and paper-backup seed phrase. At a technical level, it involves breaking up a user’s private key into three encrypted “shards”, and storing each shard with Ledger, Coincover, and another third party.
The service was widely criticized for exposing that Ledger could potentially take users’ private keys from their devices with malicious firmware update. Concerns swelled later that week when Ledger Support claimed (in a now-deleted tweet) that customers have always “trusted” Ledger not to release such malicious code “whether you knew it or not.”
In a podcast episode of What Bitcoin Did posted on Monday, Gauthier also stated that Ledger’s custodians could be forced to forfeit a customer’s private key shards if subpoenaed by a government.
Ledger still plans to go forward with a “clarified version” of Ledger Recover in the future, which will answer most of the community’s expressed “sticking points.”
“The main concerns that you expressed are around transparency, censorship resistance, and security,” said Gauthier. “I think we’ve done a good job to address all of your concerns.”
Ledger CTO Charles Guillemet detailed how the company would open-source more of its software going forward as a commitment to maximal transparency. “Open-source” code refers to code that is publicly viewable and verifiable.
The firm recently open-sourced its cryptography library, and will soon release its Ledger Recover whitepaper, allowing anyone to “audit the cryptographic protocols and enable people to build their own shards backup provider.”
Ledger plans to “gradually” open source most of its operating system, but still cannot fully open-source its firmware due to IP agreements with the manufacturers of its smartcard chips, which fend off hostile attackers with physical access to the device.
“Open sourcing has always been at the core of our roadmap, and recent events emphasize the importance of accelerating our initiative to bring greater verifiability to everything we do at Ledger,” concluded the CTO.