Charles Guillemet (Ledger): "The fear surrounding Ledger Recover is totally irrational".

The Big Whale: After a few leaks, you've made the launch of Ledger Recover official. How old is the project?

Charles Guillemet: The idea must date back to 2020 or 2021. Over the past few years, we've noticed, and we're not the only ones, that there are people who are comfortable keeping their cryptos themselves, but that the overwhelming majority of people leave them on exchange platforms, not least because it's not easy to manage your cryptos yourself on a wallet like a Nano.

You have to master the technology, know how to manage your seed phrase (24 words), and for many that represents a constraint. So we asked ourselves the following question: how can we make the user experience of self custody accessible to as many people as possible?

Let's go into a bit more detail. How exactly does Ledger Recover work?

It's pretty simple. When you have your Ledger Nano X (and soon Ledger Stax when it becomes available), you create a Ledger Recover account on which you fill in your email. You then have to check your identity (documents and facial recognition, editor's note) with two different service providers (Onfido and Tessi, editor's note), and initialise the process using the Nano X's physical buttons. That's it for the user.

What happens technically once the user has validated the operation?

After validation, the Nano will take the seed phrase and cut it into three pieces using the Shamir cryptographic algorithm. Each part is then encrypted inside the Nano. Once this operation has been completed, the three pieces are sent to three different backup service providers: Coin Cover, EscrowTech and Ledger.

What assures the user that the three chunks cannot be intercepted when sent to the backup service providers?

We have provided for this possibility by setting up independent 'Secure Channels'.

To put it simply, Coin Cover is certain to communicate with a Nano and vice versa, but it is also certain to communicate with the right person because the identity has to be validated on the Nano (and vice versa again).

Once validated, each piece is encrypted again and then stored at the backup service providers in an HSM (Hardware Security Module), i.e. an electronic device offering a security service to store and protect cryptographic keys. This operation is carried out three times with Coin Cover, EscrowTech and Ledger.

How can customers recover their seed phrase?

All they have to do is have their identity verified again with our two service providers Onfido and Tessi. Once this has been done, two backup service providers (among Ledger, Coin Cover and EscrowTech) send the pieces they hold back to the Nano and the reconstitution takes place on the hardware. A key can only be reconstituted if two out of three pieces are assembled. You can't do anything with a single piece.

Will Ledger store the identity documents of users who opt for this option?

Absolutely not, we only do cybersecurity. It's not our job to manage KYC, we don't need to know our customers. All that part is managed by Onfido and Tessi.

Even if we were asked, we couldn't provide the private key of one of our customers. And we also have no way of knowing the amount of cryptos that are stored in their wallets.

If the courts order two providers (Ledger, Coin Cover or Tessi) to provide the chunks they store, can they take control of a customer's wallet?

If states were to request it, from a cryptographic point of view, yes, it is possible.

Ledger is French, but what are the jurisdictions of Coin Cover and Tessi?

Coin Cover is British, Tessi is American. It was important for us that the three partners were in different jurisdictions. Nevertheless, you have to bear in mind that criminals don't use cryptos much because of their traceability, and I doubt they'll use Ledger Recover by providing their identity...

Some observers now fear that their private key can be reconstructed, even if they haven't subscribed to Ledger Recover. Can you certify the contrary?

It's safe and certain. Everything stays in the hardware if you don't want to use the service.

How did you feel about the controversy this week when some people questioned Ledger's security?

I think there are some malicious people on Twitter, particularly in the crypto ecosystem. I can't explain it to myself. Personally it doesn't bother me, in fact it doesn't interest me much, and thankfully not everyone is like that. Among the critics, some simply didn't understand how Ledger Recover worked, and the fact that they had the choice not to use it.

Finally, others felt they had Ledger's security model all figured out and discovered that the firmware had access to the seed phrase. Many thought this was impossible, when in fact it had always been the case.

I was a little surprised by this, I wondered what we had missed in our educational efforts to get to this point... But the fear around Ledger Recover is totally irrational.

Fairly, the controversy erupted because an Internet user spotted the feature in the description of a software update before you presented Ledger Recover. Wasn't that a major miscommunication?

What I've noticed is that people are inspecting the release notes (laughs). The negative point is that a lot of people got into a kind of speculation and we had to react very quickly to respond to all the fears instead of calmly presenting our new product.

If we had it to do over again, we would have presented Ledger Recover to the public before releasing an update with its "release note".

How do you deal with the fact that some radical users are disappointed with the direction the company is taking?

A few years ago, we had the same debate about the merits of integrating Ethereum into Ledger in addition to Bitcoin. For many, the fact that you could sign transactions from two different protocols within the same hardware appeared to be something dangerous.

Personally, I'm all for freedom. Those who don't like Ledger Recover can simply not activate it and it will make absolutely no difference to them in terms of security.

Some key figures in the ecosystem such as Changpeng Zhao, the boss of the Binance exchange platform, have taken advantage of the controversy. What does this bring to mind?

It's fair game, with Ledger Donjon (Ledger's security research team, editor's note) we revealed that Trust Wallet (Binance's wallet, editor's note) had had security flaws.

Ledger Recover made the choice of identity, but that's not the only solution for recovering a seed phrase. Have you considered others?

We think our solution is the simplest, but others were on the table. We could, for example, implement a device on the blockchain like Ethereum's "social recovery". The problem is that this can only be done on... Ethereum! However, we are a multi-currency security provider, and in any case that doesn't solve the issue of ease of use.

There is also the possibility of doing "social recovery" with friends, but that implies having acquaintances who are totally in control of the process. Admittedly, this makes it possible to have a distributed recovery system, but for simplicity it's still not very effective...

The Ledger Recover option costs €9.90 per month, which is quite expensive. Why such a high price?

We carried out a market study asking people how much they were prepared to pay for this type of functionality. In the end, the price we chose was the one that came out of this study.

Now, I think that for security tools it shouldn't be too affordable. When you go bungee jumping and you have a choice between two experiences, one at €100 and the other at €10, which do you choose? Chances are it'll be the former.

My opinion is that there's a perception of the level of safety in the price on offer. If we had offered this feature at 2 euros it could have done the product a disservice.

What do you plan to do in the event of a bug if the customer can't recover their private key?

Our customers are covered up to 50,000 dollars.

Do you plan to beef up the service by adding other features?

Yes, that's very likely. Quite naturally, we're thinking about the issue of inheritance. For many crypto users - and even the most seasoned ones - there is no really simple solution for transferring funds in the event of death. With Ledger Recover, there is an opportunity to do just that.

I can't put forward a timetable, it will depend on the feedback we get on the product. For the moment, we're concentrating on answering all the questions about the current offering.

Why isn't Ledger's software code open source, unlike your competitor Trezor?

This is a debate we've been having for many years. Personally, I like open source and I think it's important for the community. However, to offer optimum security, we have chosen to use a Secure Element (a secure hardware platform). In the case of Ledger, STMicroelectronics is responsible for its manufacture, which is contractually prohibited from revealing the operation of this chip.

Trezor has not opted for a 'Secure Element'. They have an electronic circuit of the same type found in a television remote control. This is what allows them to be open source, but on the other hand it's a less secure solution.

‍