Main navigation

Ripple CTO Weighs in on Ledger Controversy: Details

Wed, 05/17/2023 - 11:18
article image
Tomiwabold Olajide
Hardware wallet provider Ledger causes stir in crypto community
Ripple CTO Weighs in on Ledger Controversy: Details
Cover image via

Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.

Read U.TODAY on
Google News

Ripple CTO David Schwartz has shared his take on the controversial Ledger Recover service. Hardware wallet provider Ledger caused a stir in the crypto community after the details of its newly introduced Ledger Recover service surfaced online.

Per the company's last Twitter update, the new Ledger Recover encrypts a version of the user's private key and splits it into three fragments (using Shamir Secret Sharing); all of this happens on the Secure Element chip.

Security concerns have been raised over the new product since many people believe hackers could use the service to "recover" the seed phrases of users.

The worries are not unfounded because Ledger experienced a data leak in 2020 that made approximately 300,000 client phone numbers, physical addresses and more than one million email addresses public.

Schwartz referred to a Nov. 15, 2022, tweet wherein Ledger made it known that private keys never leave the Secure Element chip, which has never been hacked.

Ledger, in the tweet, also mentioned that the Secure Element is thid-party certified, being the same technology used in passports and credit cards and that a firmware update could not extract the private keys from the Secure Element.

The Ripple CTO mentioned that this was what was understood until recently about Ledger's security model and value proposition.

Ripple CTO and Solana co-founder comment

In another thread of tweets where the Ripple CTO and Solana co-founder Anatoly Yakovenko responded to a user's concern about the new Ledger product, Schwartz maintained his stance: "I trusted them to design a device not capable of exfiltrating keys because that's what they explicitly said."

He had commented under the Solana co-founder's tweet, "If you trusted them before not to exfiltrate your keys, you can trust them now not to do it when that feature is off. I think the attack surface is about the same."

Ripple CTO Shares One Prevalent Idea Since 2011 That He Never Pursued: Details

On Twitter, a user expressed his reservations about the product, stating that a truly secure hardware wallet should not be able to send users' private keys. "The device's flaw is its capability to send the private key," he stated.

Per details provided by the hardware wallet provider, Ledger Recover is an optional subscription for users who want a backup of their secret recovery phrase that is not automatically enabled by any firmware updates.

article image
About the author

Tomiwabold is a cryptocurrency analyst and an experienced technical analyst. He pays close attention to cryptocurrency research, conducting comprehensive price analysis and exchanging predictions of estimated market trends. Tomiwabold earned his degree at the University of Lagos.