Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Hardware wallets
Merits 2 from 2 users
Re: Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities
by
RickDeckard
on 17/05/2023, 19:07:18 UTC
⭐ Merited by vapourminer (1) ,FatFork (1)
Quote from: Pmalek on Today at 06:35:34 PM
Quote from: o_e_l_e_o on Today at 05:34:00 PM
Quote from: https://nitter.net/Ledger/status/1592551225970548736#m
Hi - your private keys never leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards. A firmware update cannot extract the private keys from the Secure Element.
That statement is still true today. The keys can't leave the secure element unless you pay $9.99 a month for the pleasure of sharing your keys. It's not a time to joke around, but this is as silly as it gets.
I've seen some reports of users on Reddit and Twitter that actually stand besides Ledger in saying that their keys are still safe if they don't opt-in for this program. This baffles me and I can't honestly understand what's the reasoning for such actions. Not only did they lied, as per the information shared by o_e_l_e_o, but they are gaslighting their audience in saying that their keys a copy of their keys ( Cheesy ) are only shareable if the user decides to which totally goes against the concept of all their products. And they keep saying this over[1], and over[2] and over[3] again[4], which is ridiculous. They never answer the real question - Why is this feature even possible to be activated by either party?

And here's another article where Ledger tries to make sense of this service[5] where, once again, they explain that the original Ledger device isn't needed to "unlock" the original recovery phrase, which is mind-blowing :
Quote
If you choose to pay for a subscription, you're still the only one with access to your Secret Recovery Phrase, and you will also have a backup that will be created and accessible only to you. You remain the only one able to pass the identity verification check that is required to fetch back the encrypted fragments and rebuild your Secret Recovery Phrase into another Ledger device—should you need to do so in the future.
[1]https://nitter.it/Ledger_Support/status/1658905804307669008
[2]https://nitter.it/Ledger_Support/status/1658908657482973184
[3]https://nitter.it/Ledger_Support/status/1658905447783440401
[4]https://nitter.it/Ledger_Support/status/1658902661360492553
[5]https://support.ledger.com/hc/en-us/articles/11022833583261