Board Hardware wallets
Re: Is a ledger nano x still a safe cold storage wallet to use
by Meuserna on 24/02/2025, 20:13:33 UTC
⭐ Merited by dkbit98 (1)
Quote
I believe that if their sales drop critically, they will just release a new model that will not have the possibility of a Recover option and thus, at least apparently, they will restore trust again.

That would only restore a fool's trust.

The code is closed source and the company lies to their customers.  How can anyone ever believe a word anyone at Ledger says, ever again?  Only a fool would believe them.

This is what Ledger was saying while they were writing firmware for Ledger hardware wallets which enables key extraction over the internet.  This is what they were saying while working with other companies on a scheme to enable key extraction from users' hardware wallets over the internet:

Quote
"Hi - your private keys **never** leave the Secure Element chip, which has never been hacked. The Secure Element is 3rd party certified, and is the same technology as used in passports and credit cards.  A firmware update cannot extract the private keys from the Secure Element."

-- @Ledger
https://twitter.com/Ledger/status/1592551225970548736

Lies.

Quote
Your keys are always stored on your device and never leave it

Lies.

And from the Ledger website:

Quote
"Private data, such as your private keys will be protected and never leave the device due to the combination of BOLOS and the Secure Element."

"The secret keys or seed are never exposed to the BLE stack and never, ever leave the Secure Element."

Those are lies.  They were saying that while writing the code to do it.  They were saying that while signing contracts with other companies to store the data for it.

They were saying that, while writing code to enable key extraction from users' devices over the internet, and they put that code on users' devices before letting users know key extraction was now built into the firmware on their devices.

Only under great pressure did they finally admit this:

Quote
"yes a firmware update can extract the seed"

How could anyone ever trust Ledger again?

Ledger can't be trusted.