Not your Keys, Not your Bitcoin.
I keep telling you this to make you aware of the importance of owning your private keys through this famous meme.
If you own your Bitcoin's private keys, then you have the power. If you don't own your private keys, you let someone else decide for you, as is currently the case in the current system.
It's as simple as that.
When asked which cold storage solution to choose, I usually recommend the products of the two market leaders: Ledger and Trezor.
I've already talked about them in a dedicated article here by comparing what the two manufacturers offer: "Trezor vs. Ledger – Which Is the Best Hardware Wallet To Use With Bitcoin?"
Other solutions exist of course, but Ledger and Trezor products have always given me satisfaction. So there's no reason to go elsewhere.
Except that for a few days now, a controversy, like the Bitcoin world so loves them, seems to have been growing.
At the origin of this controversy, we find a new feature that a Ledger is about to launch called “Ledger Recover.”
Before telling you more, this reminds me of what happened at the end of April 2023 with Google Authenticator, the 2FA authentication solution from Google which is the reference on the market.
A little less than a month ago, Google announced that it was responding to an old request from its users: to allow the synchronization of single-use codes with their Google accounts.
Of course, this made the whole community overreact with a message that stood out: you have to leave Google Authenticator because syncing in the cloud endangers your security.
It must be said that Google Authenticator has become an essential security layer in the life of Google account owners since this solution effectively makes it much more complicated to steal your accounts and personal data.
A sync of your codes in the cloud could compromise this level of security.
Until now, the list of codes was only available on one device, unless you took the step to transfer them. This limitation was annoying when you wanted to log in on another device, or if your smartphone was stolen.
The ability to securely save these one-time codes within one's Google account was therefore something that many mainstream users had been waiting for.
Because in the end, this feature is not aimed at those who were offended by it, but rather at the general public, who are looking for additional guarantees in case of loss. Not everyone makes their security a top priority.
We have to understand this and put ourselves in the shoes of the general public.
The buzz that this generated was not necessary because this feature proposed by Google is indeed optional. If you don't want to activate it, you don't have to. It's as simple as that.
No need to argue for hours as some people have done.
By the way, if you are not satisfied with Google Authenticator, you can also look for other 2FA solutions...
You can also turn to passkeys today; those physical security keys that should ensure a world without passwords in the future.
With the “Ledger Recover” feature, the same thing is happening here.
Ledger Recover is a new service offered by Ledger to its customers. Ledger Recover is an optional and paid service that allows for highly secure backup and restoration of your Secret Recovery Phrase.
There is no obligation to use Ledger Recover, so it will not be activated by default. If you don't want to use Ledger Recover, you can continue to secure your 24 words yourself and use your Ledger as you always have.
For those who choose to subscribe to Ledger Recover, which is a separate service, a pre-BIP39 version of your private key is encrypted, duplicated, and divided into three fragments, with each fragment secured by a separate company: Coincover, Ledger, and an independent backup service provider.
Each of these encrypted fragments is useless on its own. When you want to get access to your wallet, 2 of the 3 parties will send fragments back to your Ledger device, reassembling them to build your private key.
After this quick technical point, I can give you my opinion.
My opinion is that it's better to keep securing your 24 words by yourself. You never know what can happen if you choose to synchronize your 24 words online.
Ledger seems to take every precaution, and you can trust their security experience for that, but basically, hackers will never run out of imagination to try to hack their solution and access private keys...
But I have to admit that I am a developer. So I am a technical person who is not afraid of all this private key stuff. I'm not necessarily representative of the general public.
Ledger is a company that logically has great ambitions for the future, and to be able to conquer the general public, we have to do everything we can to simplify their lives, but also to reassure them.
Having this assurance of private key security via Ledger Recover is something that will probably attract users who would rather leave their Bitcoin on exchange platforms.
But is it better?
After all, for those who opt for Ledger Recover, there will be at least 4 major risks that will arise:
- Phishing. This risk already exists now, but it will increase here. In any case, never enter your private keys on a third-party site. Many people get tricked this way and lose the funds in their wallets.
- Counterparty risk. Delegating the security of your private keys increases the counterparty risk. This is obvious. Previously, you were the only one responsible. For those who opt for Ledger Recover, the security will be delegated between three entities (actually 2 out of 3).
A data leak, a hack, a government intervention, a bug, ... You will be at risk every time. Some people will think that it will be better than putting their 24 words in the Notes application of their iPhone, as some people in the general public do.
- The risk of government intervention. With Ledger Recover, you become even more of a potential target for your government since you will have to share your identity to meet the KYC policy associated with this feature.
When asked if Ledger will provide your information in the event of a government request, the answer is and always will be YES. This applies to Ledger, but also to all other trading platforms or other services with a strict KYC policy.
This is the law, and you will never see a company going against the law or it will be shut down sooner or later. So, a government will be able to block your Bitcoin more easily this way for example...
- The risk of a backdoor. The source code of the Ledger firmware is not open source. So it's all a question of trust here. While the source code of Trezor's firmware is for example, you can't know what's going on inside your Ledger hardware wallet.
So it's easy for some to spread rumors of a backdoor. No proof as always, just allegations. As Ledger's CTO said again, Ledger has no interest in doing this. Ledger's past speaks for itself here.
After this full tour, I have a feeling that if you feel uncomfortable with this optional Ledger firmware update with an optional subscription offered for Ledger Recover, you are not in Ledger's target for this feature.
Ledger's goal is to become the Apple of the secure world in the cryptocurrency industry in some capacity. We saw this with the launch of Ledger Stax in late 2022.
Ledger has always intended to make investing in cryptocurrencies safe for as many people as possible. Once you understand that, you'll understand why Ledger needs to offer such functionality for the general public.
If owning a hardware wallet is obvious to you, it is not the case for 99.9% of the people who are in this universe.
By targeting the general public, companies like Ledger have to make choices that will appear deplorable to the cypherpunk ideal.
Besides, many cypherpunks already don't find themselves in Bitcoin anymore...
In conclusion, I would say that Ledger is moving in the direction that the company has chosen since its inception.
You may not like it, and I can understand that, but you don't have to continue using Ledger products if you don’t want to.
You can also take a step back and say that this optional and paid feature will not concern you. You can then continue to use your Ledger as before, securing your 24 words yourself.
It's up to you because the most important thing is to know what you're doing so that you can make your own decisions to keep the power. That's what the Bitcoin revolution is all about: giving you the power.
It's up to you ;)
Also published here