The update allows you to restore access to the wallet in case you lose your password but involves sending parts of it to third parties

​Experts question the security of Ledger’s new private key recovery feature

19.05.2023 - 16:30

402

8 min

When Ledger, a Paris-based hardware wallet-maker, announced a new key-recovery feature this week, it thought the move would be popular.

Allowing users to recover their private keys – much like you can recover your password if you forget it – would help onboard customers, the company believed. Potential crypto users are known to be turned off by crypto's unforgiving self-custody ethos ("not your keys, not your coins"). But a key recovery service would offer more comfort.

Immediately, the launch of "Ledger Recover" provoked criticism.

Opponents say that the product isn’t compatible with the concept of a hardware wallet, which promises to ring-fence private keys from prying eyes.

"For a hardware wallet to transmit the seed or shares that can reconstruct the seed over the internet fundamentally alters the security threat model of a hardware wallet," said Pavol Rusnak, co-founder of SatoshiLabs, which makes a competing hardware wallet Trezor. “In fact, this change is so significant that I'm not convinced it's a viable solution for a hardware wallet at all."

The opt-in update, available for Nano X models, allows Ledger owners to use a service named Ledger Recover and share their seed phrase (a sequence of words used to recover a lost wallet) with a set of trusted custodians, namely Ledger, Coincover and EscrowTech. They will store users’ encrypted backups for a monthly fee.

According to the company, this allows users to restore access to their crypto if they forget or lose their seed phrases. By using the service, they would be able to ask Ledger for help, prove their identity and get their private key restored for them.

The critics worry that both the firmware update and the whole recovery setup does not look safe. Ledger insists that things are secure as ever.

CoinDesk looked into how the new feature is supposed to work (as described by Ledger itself) and asked experts what the potential security concerns here may be.

Ledger explains

According to Philip Costigan, Ledger communications lead, the new feature does not mean the device itself communicates with custodians over the internet, as the Ledger wallets themselves “have no WiFi or any other internet connection capability.”

To transfer encrypted parts of the seed to custodians, users need to connect their Ledger wallet to their phone with a Ledger app via Bluetooth, Costigan said. The same mechanism is used for approving transactions, when Ledger owners want to spend crypto from their wallets.

Here is how Costigan explains the process: First, users verify their identity with Onfido and Tessi, the two providers Ledger employed for this task, via Ledger’s mobile app.

“Ledger, Coincover and EscrowTech don't review or hold people's IDs, it's done by the technology of the two providers I mentioned above who are experts here,” Costigan said.

After that, the Ledger device gets a prompt to create a backup. Then a backup is created, encrypted, divided into shards using the Shamir’s Secret Sharing technique and transferred to Ledger, Coincover and EscrowTech, Costigan said. Each custodian gets to keep one shard, which are useless on their own.

“All encryption, fragmentation, and decryption of your secret recovery phrase happens on your Ledger on the secure element. So the only thing that leaves the secure element chip, and only after your consent, are the encrypted shards,” he added.

Costigan also underscored that the hardware wallet itself does not store any user’s identity information on it.

When a user requires a recovery, any two out of three custodians will “send fragments back to your Ledger device, reassembling them to build your private key,” the FAQ page on Ledger website says.

Security concerns

The news of the update provoked a storm of criticism from the crypto community, with accusations that Ledger’s new offering contradicts its past statements about keeping private keys off the internet.

In particular, Crypto Twitter piled on the tweet Ledger’s official account posted in November, assuring users of the safety of their devices.

“How can you prove to us the customers that the private keys on the device are not leakable via a firmware update in case someone at the company wants this?” a Twitter user known as @S_Radude asked on Nov. 15, 2022.

“Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element,” Ledger responded.

Users pointed out that the new update does almost exactly what Ledger said they wouldn’t do. There is a caveat: during the recovery process, as Ledger describes it, it’s not the private key itself that is getting extracted but the seed phrase encoding it.

This still sent a worrying signal to the users: what they considered safely stored in a little citadel of their hardware wallet now can leave it and travel elsewhere. What if Ledger decided to just extract and collect users’ seed phrases, without any protection?

“If you can update the firmware to instruct the ‘Secure Element’ to encrypt, shard, and distribute the seed, what stops you from updating the firmware next week to just extract the unencrypted seed,” user @NewWageCrypto asked.

“Technically speaking it is and always has been possible to write firmware that facilitates key extraction. You have always trusted Ledger not to deploy such firmware whether you knew it or not,” Ledger responded on Wednesday in a tweet that has since been deleted.

But the archived copy of the thread shows that the tweet, which immediately triggered a new wave of outrage, was followed by a clarification: for any update to happen, users must manually approve it.

“Every firmware update requires a PIN unlock device approval, this is the final line that makes it impossible for us to extract your keys even if we had your device,” another now deleted tweet from the company said.

However, the questions still linger: what does Ledger’s firmware actually can do and can users still trust their devices?

Crypto developer and researcher Laurence E. Day told CoinDesk that the core of a problem here is that Ledger’s code is closed source, so nobody can review what the update is actually doing. Blockchain security expert Christopher Allen shared similar considerations on Twitter.

“One of my concerns with the new Ledger Recover service is that they appear to be sharding via Shamir’s Secret Sharing, but doing so in a proprietary way and possibly in a naive fashion. We don’t know, as it is not open source,” Allen tweeted.

Looking for Attack Surfaces

For Day, the most worrying part of the situation is an apparent breach of trust between Ledger and its users, triggered by the contradictions in the firm’s statements.

“I guess the thing that bugs me here is that there’s this breach of a covenant that seeds would never leave the secure element chip, even though it’s always been possible to do that through firmware (and this remains an option for other hardware wallet suppliers too),” Day told CoinDesk via direct messages in Twitter.

Another issue has to do with privacy. Hardware wallets are typically viewed as a way to store your crypto anonymously, without attaching your name to it.

However, users who opt in for the Recover update will have their identities linked to their crypto wallets, making the experience closer to using a centralized exchange with know-your-customer (KYC) checks.

Head of content for another competitor hardware wallet maker Foundation, going by the nickname Seth For Privacy, tweeted that a setup Ledger is offering means a whole set of concerns for users, including “data leaks, hacks, and government censorship or surveillance.”

“Not only can leaks or hacks occur, the sales of data on users of Ledger would be extremely valuable now and in the future, and any of the ‘authorized third parties’ could decide to leverage your data as an income stream at any moment,” he wrote.

If, in the future, hackers breach Onfido or Tessi, they might get a list of Ledger users, who are likely to own large amounts of crypto (the wallet itself costs about $150 to buy), along with a wealth of their personal data, Seth added.

Ledger has been breached in the past: in July 2020, information of 272,000 users was stolen from the firm, with a series of phishing attacks on users following that breach.

Law enforcement agencies, too, might use the setup to get access to Ledger users’ crypto, Day said: “The three organizations that will hold the shards are known, so they’re liable to get a visit from the feds – so you could argue that by enabling Recover you’re turning your wallet hot even if there are legal steps in between,” he said. (In crypto terms, “hot” wallets are connected to the internet, “cold” are not.)

There is also a danger that, however secure the offered setup is, any system can be gamed, SatoshiLabs’ Rusnak said: “There's always the risk that someone could use generative AI technologies to impersonate me, obtain my seed shares, and ultimately reconstruct my seed.”

Some commentators on Twitter also voiced concerns that while the feature is optional now, in the future, Ledger might make it obligatory for all devices, for regulatory reasons or else.

Against the Crypto Ethos

Using trusted custodians is nothing new for crypto – in fact, everyone who keeps their coins on an exchange is trusting the exchange like it’s a bank. But hardware wallets embody the “be your own bank” ethos of Bitcoin: that you don’t have to trust an intermediary to keep your money safe.

This means keeping the keys to your crypto on a device that only you control, preferably disconnected from the internet, to avoid the risk of hacking. But this approach requires self-discipline that might feel excessively burdensome to many people. Ledger’s new service attempts to give users some peace of mind, allowing them to recover lost crypto wallets like they would recover stolen credit cards or forgotten passwords (although in a much more sophisticated fashion).

In this sense, Ledger Recover is a kind of compromise between the autonomy of cold storage and the comfort of custodial one: your crypto is on your device, but if you lose it, there is someone to restore it for you. The question is, do Ledger users want that compromise?

“I get the point of why you'd want to offer Recover as a U.X. improvement to mom and pop, but it just feels like a comms screw-up: mom and pop aren't using these devices anyway,” Day said, adding that hardware wallets users are by default a more sophisticated public.

Ledger, however, believes that moms and pops might just not know they want it yet.

“You’re saying this is not what customers want. Actually, this is what future customers want,” Ledger CEO Pascal Gauthier said during a Twitter Spaces session on Tuesday. “This is the way that the next hundreds of millions of people will actually onboard to crypto.”

This material is taken from the website https://www.coindesk.com.

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy