decrypt.co
“Ledger’s mission is security and ease of use,” said Charles Guillemet, Ledger Chief Technology Officer, during a Twitter Spaces on Tuesday, explaining the company’s new roadmap to make its plans transparent to users of its hardware wallets.
The one caveat: Some of its code needs to remain closed and proprietary due to the company’s security processes, Guillemet said.
The cold storage crypto wallet company’s entire executive team hosted a town hall on Twitter to explain why the launch of the company’s controversial Ledger Recover service was being put on hold, and answering the community’s questions about the recent update to its firmware to support it.
Last week, the company drew the outrage of the crypto community after announcing the new feature. Ledger Recover is an ID-based private key recovery service that would allow users to backup their private seed phrase and tie it to their personal identity through three different custodians. The service was priced at $9.99 per month.
After the brutal backlash, the executive team at Ledger decided to pause the update and published an “open source roadmap” that outlining how the company will bring more verifiability to its products.
But portions of its codebase, including anything to do with a secure element chip that’s also used in credit cards and passports, is proprietary and can’t be made open source.
Former CEO and co-founder Eric Larchevêque told the audience that “security by obscurity is not the best we can do, but we have to deal with secure element,” adding that these computer chips are “paramount for an extra layer of security.”
The team opened the floor to questions from the audience, which began with: “Why not build a completely new product for the Ledger Recover?” It’s been a common question posed on Crypto Twitter by users who don’t even want it to be possible to enable a seed phrase recovery service on their hardware wallet.
The team said that would constitute “security theater” and not be in line with the company’s best practices.
The conversation got heated when Twitter user ZK-shark asked about Pascal Gauthier’s, Chairman & CEO of Ledger, comments during a recent interview on the What Bitcoin Did podcast, about whether the personal information given to Ledger Recover would be susceptible in the event of a government subpoena.
Gauthier replied that the company “will always root for their customers, although he doesn’t know what they would do in case of a subpoena.” Ultimately he said, “if you have reasonable doubt, don’t use the service.”
The Ledger CEO–who published a personal message today–was adamant on today’s Spaces that “the majority of crypto users today are unsafe.” He backed it up by saying that of more than 400 million crypto users, only 10 million have hardware wallets.
Guillemet added that the announcement and eventual postponement of the Ledger Recover service “has been a humbling experience on how to work with the community for future decisions.”