The 3 Violations of Ledger’s Firmware Fiasco
May 19, 2023
How Ledger's new Recover service violates the crypto ethos
Ledger’s new “Recover” service may have earned top honors for crypto news of the week. In the eyes of the crypto degens, Ledger Recover violates the crypto ethos in 3 major ways.
First, let’s get the skinny on Ledger Recover.
Seed splitting
Ledger released a firmware update allowing users of the Nano X to opt in to a seed recovery service, with the hope of onboarding millions of new customers who may be intimidated by the self-custody ethos. The “Recover” service encrypts the seed, splits it with Shamir’s Secret Sharing Scheme into 3 shards (any 2 of which are enough to rebuild it), and sends those shards out of the coveted Secure Element inside the Ledger hardware wallet.
KYC and centralized parties
Ledger has two KYC identity partners, Onfido and Tessi, who verify a user’s identity through the Ledger mobile app, similar to onboarding at an exchange. Ledger itself holds one of the three encrypted shards of the seed; the other two are held by third-party recovery partners, Coincover and EscrowTech. To recover, 2 of the 3 custodians send their respective shards back to the user in a 2-of-3 scheme, releasing them only against an identity verified by Onfido or Tessi.
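To make the 2-of-3 mechanics concrete, here is a small worked example of Shamir’s Secret Sharing, added for this article and not Ledger’s code (Ledger’s actual share encoding, encryption layer and Secure Element handling are not public and are not modeled here). It assumes byte-wise sharing over GF(2^8) with the AES reduction polynomial, shares evaluated at x = 1, 2, 3, and a constructed 32-byte “seed”. It shows that any two shards rebuild the secret, and that one shard on its own is consistent with every possible secret, which is exactly why a single custodian learns nothing:

```python
"""Added example: Shamir 2-of-3 secret sharing over GF(2^8), byte by byte.
Not Ledger's implementation; a generic illustration of the scheme Recover uses."""
import secrets

_POLY = 0x11B  # AES field polynomial x^8 + x^4 + x^3 + x + 1 (assumed field choice)


def gf_mul(a: int, b: int) -> int:
    """Multiply two elements of GF(2^8) (Russian-peasant multiplication with reduction)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= _POLY
        b >>= 1
    return r


def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (Fermat's little theorem in GF(2^8))."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    result, base, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result


def split(secret: bytes, threshold: int, shares: int, rng=secrets.token_bytes):
    """Split `secret` into `shares` shards; any `threshold` of them reconstruct it.

    Each byte of the secret is the constant term of its own random polynomial of
    degree threshold-1; shard x is that polynomial evaluated at x (x = 1..shares).
    Returns a list of (x, y_bytes) pairs."""
    if not 1 < threshold <= shares <= 255:
        raise ValueError("need 1 < threshold <= shares <= 255")
    coeffs = [rng(threshold - 1) for _ in secret]  # random a1..a_{t-1} per byte
    out = []
    for x in range(1, shares + 1):
        y = bytearray()
        for j, s in enumerate(secret):
            acc = 0
            for a in reversed(coeffs[j]):  # Horner evaluation of the polynomial at x
                acc = gf_mul(acc, x) ^ a
            y.append(gf_mul(acc, x) ^ s)
        out.append((x, bytes(y)))
    return out


def combine(shares) -> bytes:
    """Lagrange-interpolate each byte's polynomial at x=0 from the supplied shards.
    With fewer than `threshold` shards this still returns bytes, just not the secret:
    the scheme cannot tell you that you are short a shard."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate shard index")
    out = bytearray()
    for j in range(len(shares[0][1])):
        acc = 0
        for i, (xi, yi) in enumerate(shares):
            num, den = 1, 1
            for k, (xk, _) in enumerate(shares):
                if k != i:
                    num = gf_mul(num, xk)        # prod of x_k  (0 - x_k == x_k in char 2)
                    den = gf_mul(den, xk ^ xi)   # prod of (x_i - x_k), subtraction is XOR
            acc ^= gf_mul(yi[j], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)


def secrets_consistent_with_one_shard(x: int, y: int) -> int:
    """For a one-byte secret and threshold 2, count the secrets s for which some line
    s + a*x passes through the single shard (x, y). Every one of the 256 values fits,
    so a lone custodian (or a thief of one shard) learns nothing about the seed."""
    return sum(1 for s in range(256)
               if gf_mul(gf_mul(y ^ s, gf_inv(x)), x) ^ s == y)


def demo() -> bool:
    """Constructed 32-byte 'seed' (not a real wallet seed): 2-of-3 split and recovery."""
    seed = bytes(range(32))
    shards = split(seed, threshold=2, shares=3)
    ledger, coincover, escrowtech = shards  # roles per the article; names are illustrative
    return (combine([ledger, coincover]) == seed
            and combine([coincover, escrowtech]) == seed
            and combine([ledger]) != seed)


if __name__ == "__main__":
    print("2-of-3 recovery works, 1-of-3 does not:", demo())
    print("secrets consistent with one shard:", secrets_consistent_with_one_shard(1, 0x5A))
```

Note what the math does and does not promise: the threshold protects the seed against any single custodian, but once two custodians (or whoever can satisfy the KYC step with both of them) release their shards, the secret is fully reconstructible. The firmware that performs the split has the plaintext seed in hand; Shamir only governs what happens to the shards afterwards.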
The 3 violations
- Violation of Trust
- Closed-Source Firmware
- Value Prop Antithesis
Violation of trust
“How can you prove to us the customers that the private keys on the device are not leakable via a firmware update in case someone at the company wants this?” a Twitter user known as @S_Radude asked on Nov. 15, 2022.
Ledger responded, “Hi - your private keys never leave the Secure Element chip, which has never been hacked…a firmware update cannot extract the private keys from the Secure Element”
Apparently, Ledger’s November 2022 private key promise is not true after all. The firmware update shows that the seed can leave the Secure Element whenever Ledger-signed firmware tells it to; the fact that the exported shards are encrypted does not change who controls that decision.
“I guess the thing that bugs me here is that there’s this breach of a covenant that seeds would never leave the secure element chip, even though it’s always been possible to do that through firmware (and this remains an option for other hardware wallet suppliers too),” crypto developer and researcher Laurence E. Day told CoinDesk.
Indeed, Charles Hoskinson also made this clear in his 6-point Ledger controversy tweet, saying “Don’t break social contracts.”
Closed-source firmware
Charles Hoskinson’s tweet also included this, “Always choose open-source software whenever possible that has been audited by numerous sources on a regular basis.”
Open source means that both the code and the audits of that code are published and transparent. Because anyone can read open-source code, a community consensus forms around what the firmware can do and where it is vulnerable. With closed-source firmware, that isn’t possible, so Ledger’s new promises about the Recover service can’t be independently verified. One caveat even for open-source firmware: it only closes the loop if the published source can be shown to match the signed binary actually running on the device (reproducible builds plus a way to check what is installed); otherwise you are still trusting the vendor’s build and signing pipeline, and the question cycles back into trust.
“If you can update the firmware to instruct the ‘Secure Element’ to encrypt, shard, and distribute the seed, what stops you from updating the firmware next week to just extract the unencrypted seed,” user @NewWageCrypto asked.
Ledger’s closed-source firmware is therefore not transparent. Possible attack vectors can’t be easily enumerated, and there is no way to check whether Ledger’s assertions match its technical specifications. In all fairness, many businesses keep firmware or other code closed source as a business strategy to ring-fence their IP and stay ahead of the competition, and in some cases that IP is later open-sourced. While the closed-source approach is not ideal for the end user, it can be viable in combination with other factors like trust, reputation and perception.
Value prop antithesis
Pavol Rusnak, co-founder of SatoshiLabs (Trezor) said, "For a hardware wallet to transmit the seed or shares that can reconstruct the seed over the internet fundamentally alters the security threat model of a hardware wallet. In fact, this change is so significant that I'm not convinced it's a viable solution for a hardware wallet at all."
If Ledger wants to offer a recovery service catering to noobs, it should be a different product altogether and not force the degens into using a tool that can shapeshift from self-custody to reliance on third parties. The KYC process and third-party recovery services effectively turn the hardware wallet from cold storage into a hot wallet. Ledger should consider creating a “Nano R”, a hardware wallet sold with separate firmware for the Ledger Recover service, while keeping the firmware for the Nano X and other products intact.
In addition, sophisticated AI could potentially dupe the recovery KYC process and get the seed shards released into hands of a bad actor. The firmware update is the antithesis of the value proposition of secure elements that provide a forcefield around your private keys.
Ledger claims the user always has control over opting into Recover and completing the recovery process; however, once a feature allows key extraction at all, there is an inherent risk of that path being abused for nefarious key extraction. Said another way, I’ve seen other crypto companies make claims about the impossible only to find out later that someone figured out a hack.
You must decide if you want to keep using Ledger. You can also get a great analysis from aantonop and lopp. Diversification is your friend, so apply it to everything in crypto, including hardware wallets. Use different hardware wallet manufacturers and multiple wallets. For example, consider deploying 2 Trezors and 2 Ngrave Zeros in addition to your Ledgers.
Resources:
- Is Ledger’s New Bitcoin Key Recovery Feature Safe? Experts Have Doubts
- @IOHK-Charles: With respect to the Ledger controversy, I say the following:
- Ledger Recover: What The Hell is Happening? With aantonop and lopp
Your goal is always to get a Crypto Bullseye™.
Yours in Crypto,
Kirk David Phillips, CPA, CMA, CFE, CBP