Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Hardware wallets
Re: Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities
by
Synchronice
on 01/06/2023, 09:20:31 UTC
Quote from: o_e_l_e_o on May 27, 2023, 09:06:49 AM
Quote from: dragonvslinux on May 27, 2023, 08:51:26 AM
I checked for you, it's done via KYC provider Onfido. Make of that what you will.
For Ledger's shard, yes. But your KYC data will also be stored with the other two third party companies as well, in order for them to release their shard if needed:
Quote from: https://www.ledger.com/academy/what-is-ledger-recover
Ledger Recover uses your ID and a selfie to verify who you are, via its Identity Verification provider, Onfido. Then, it links your identity to encrypted fragments of your Secret Recovery phrase. The identity providers store this ID data in an encrypted form.

So there will be three companies holding your KYC data, duplicated across an unknown number of servers in an unknown number of locations with unknown security protocols and an unknown number of people with digital or physical access. Just like every other KYC, it will only be a matter of time before your information is leaked/hacked/shared/sold.
What is the actual problem in KYC? The fact that your identity is revealed to some 3rd parties or the fact that your bitcoin address is trackable? But one can use Monero in this case. By the way, sometimes I'm lost in vein when I think about KYC. The fact is, when you are born, you get birth certificate, unique ID number, passport, your fingerprint is saved, etc. So, this information is stored by the government but at the same time if you want to start work, if you want to open bank account, if you want to visit a clinic, if you want to get internet, electricity, gas and water at home and so on, you have to share this data, that means that your data is never safe, tons of people already have access to it and still you have to reveal it many times in real life.
One can't really be sure how many times their KYC documents have leaked from land-based companies.
While it's true that three companies, including Ledger have access to your KYC documents, at some point we can say that revealing your KYC documents can't really affect your quality of life and personally the only threat I can see is that they'll know when and how I spend my crypto, they'll know it for sure. Besides this, is there any other reason to be afraid of KYC? I don't really think that Ledger's data breach is the only thing that will reveal my KYC data, I'm afraid our data has been leaked many times from the institutions that I mentioned above.
I'm not an anti-KYC, just want to know what are your real fears when it comes to KYC.