Post
Topic
Board Hardware wallets
Merits 35 from 10 users
Re: Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities
by
RickDeckard
on 17/05/2023, 23:13:34 UTC
⭐ Merited by Welsh (12) ,mprep (10) ,LoyceV (4) ,Pmalek (2) ,FatFork (2) ,vapourminer (1) ,joker_josue (1) ,HeRetiK (1) ,tabas (1) ,DdmrDdmr (1)
Right. But approve what?
Does the person have to repeat the passphrase in order to be registered in this "recovery program"? Or is it just a mere question, which person answers "yes"?
From what I can comprehend from Ledger replies all over Twitter, it seems that a prompt will appear on the device screen asking you if you want to subscrive to the service (or a similar message). If you decide to approve by means of physically pressing the button on your Ledger then this circus happens[1]:
Quote
If a user decides to subscribe to Ledger Recover, then his/her SRP will be encrypted, fragmented into three parts, and each part will be sent end-to-end encrypted between your Ledger product and the backup providers' secure Hardware Security Models (HSMs – not in the cloud).
Basically they are, once again, saying that a copy of your Secret Recovery Phrase will be encrypted and then sent over to 3 entities by E2E encryption channels. What they keep claiming is that without a user concept, Ledger isn't able to proactively access their users SRP[2]:
Quote
Ledger acts as backup provider for only one encrypted fragment, and a single fragment doesn't allow the SRP to be recovered.
Ledger cannot access any user’s SRPs, nor will it be able to do so at any point in the future.
Remember o_e_l_e_o previously linked tweet[3]? I'll like you to introduce you to the following statement by Ledger about 4h ago:

Someone correct me if I'm wrong, but isn't Ledger openly admitting that enabling this feature was always possible from the beginning? Isn't this mocking their userbase?

[1]https://nitter.it/Ledger_Support/status/1658828387807264772
[2]https://nitter.it/Ledger_Support/status/1658824425192521728
[3]https://bitcointalk.org/index.php?topic=5452900.msg62258795#msg62258795
[4]https://nitter.it/Ledger_Support/status/1658910942405566485