*The only alternative to this is that the decryption key is identical for every Ledger Nano device and so is simply stored on the device itself and not transmitted at all, but in this case any attacker can just buy a Ledger Nano and have access to the decryption key, so it makes no difference to the final conclusion that if your computer is compromised your funds can be stolen.
If it's a universal decryption key, don't forget about the requirement of undergoing KYC. Sure, that data could also be stolen from a compromised computer. We can only hope that those who opt-in for Ledger Recover will be asked for an extensive KYC verification during seed recovery. I am talking about live video verification, and not simple selfies. Another worrisome piece of the puzzle is that AI software progresses at a rapid pace and it's scary what it can do.
Wrote the following questions to Ledger support:
How will the seed recovery process take place on a new wallet?
Where will the decryption keys be stored and how will they be transferred to the new Ledger?
My request is accepted, it has been assigned id 1138638
If they send an answer, I undertake to publish it here without any changes.
I doubt those poor bastards can be of much help. All they can do is tell you what they have been told from up above or copy/paste some nonsense making them look unknowledgeable.