Charles Guillemet (Ledger): "The fear around Ledger Recover is totally irrational"

Free
Cybersecurity
In a long interview with The Big Whale, the CTO of the French unicorn comes back on the controversy that targets his new product and explains what it will be used for.

The Big Whale: After a few leaks, you made the launch of Ledger Recover official. How old is the project?

Charles Guillemet: The idea must go back to 2020 or 2021. For a few years now, we have noticed, and we are not the only ones, that there are people who are comfortable keeping their cryptos themselves, but that the overwhelming majority of people leave them on exchange platforms, especially because it is not easy to manage your cryptos yourself on a wallet like a Nano.

You have to master the technology, you have to know how to manage your seed phrase (24 words), and for many people this represents a constraint. So we asked ourselves the following question: how can we make the user experience of self-custody accessible to as many people as possible?

Let's go into a little more detail. How exactly does Ledger Recover work?

It's pretty simple. When you have your Ledger Nano X (and soon Ledger Stax when it will be available), you create a Ledger Recover account on which you fill in your e-mail. You then have to verify your identity (papers and facial recognition) with two different providers (Onfido and Tessi, editor's note), and initialize the process with the physical buttons on the Nano X. That's it for the user.

What happens technically once the user has validated the operation?

After validation, the Nano will take the seed sentence and cut it into three pieces with the Shamir cryptographic algorithm. Each part is then encrypted inside the Nano. Once this has been done, the three pieces are sent to three different backup service providers: Coin Cover, EscrowTech and Ledger.

What assures the user that the three pieces cannot be intercepted when sent to backup service providers?

We have provided for this possibility by setting up independent "Secure Channels".

To put it simply, Coin Cover is sure to communicate with a Nano and vice-versa, but it is also sure to communicate with the right person because it needs to validate the identity on the Nano (and vice-versa again).

Once validated, each piece is encrypted again and then stored at the backup service providers in a Hardware Security Module (HSM), which is an electronic hardware that provides a security service to store and protect cryptographic keys. This is done three times at Coin Cover, EscrowTech and Ledger.

How can customers get their seed phrase back?

All you need to do is to verify your identity again with our two service providers Onfido and Tessi. Once this is done, two backup service providers (among Ledger, Coin Cover and EscrowTech) send back to the Nano the pieces they hold and the reconstitution takes place on the hardware. A key can only be reconstructed if two out of three pieces are assembled. Nothing can be done with a single piece.

Will Ledger store the identity documents of users who choose this option?

Absolutely not, we only do cybersecurity. It is not our job to manage KYC, we don't need to know our customers. All this part is managed by Onfido and Tessi.

Even if we were asked, we could not provide the private key of any of our customers. And we also have no way of knowing the amount of cryptos that are stored in their wallets.

If the courts order two providers (Ledger, Coin Cover or Tessi) to provide the pieces they store, can they take control of a customer's wallet?

If states were to request it, from a cryptographic point of view, yes, it is possible.

Ledger is French, but what are the jurisdictions of Coin Cover and Tessi?

Coin Cover is British, Tessi is American. It was important for us that the three partners were in different jurisdictions. Nevertheless, we have to keep in mind that criminals don't use cryptos very much because of their traceability, and I doubt they will use Ledger Recover by providing their identity...

Some observers are now concerned that their private key can be reconstructed, even if they have not subscribed to Ledger Recover. Can you say otherwise?

It is safe and certain. Everything stays in the hardware if you don't want to use the service.

How did you feel about the controversy this week when some questioned Ledger's security?

I think there are some bad people on Twitter, especially in the crypto ecosystem. I can't explain it to myself. Personally I don't mind, in fact I don't really care, and fortunately not everyone is like that. Among the critics, some simply didn't understand how Ledger Recover worked, and the fact that they had the choice not to use it.

Finally, others felt they had the Ledger security model figured out and discovered that the firmware had access to the seed phrase. Many thought this was impossible, when in fact it had always been the case.

I was a little surprised by this, I wondered what we had missed in our education efforts to get to this point... But the fear around Ledger Recover is totally irrational.

Precisely, the controversy broke out because an Internet user spotted the feature in the description of a software update before you presented Ledger Recover. Wasn't this a big miscommunication?

What I see is that people are inspecting the release notes (laughs). The negative thing is that a lot of people got into a kind of speculation and we had to react very quickly to all the fears instead of calmly presenting our new product.

If we had to do it again, we would have presented Ledger Recover to the public before releasing an update with its "release note".

How do you deal with the fact that some radical users are disappointed with the direction the company is taking?

A few years ago, we had the same debate about the merits of integrating Ethereum into Ledger in addition to Bitcoin. For many, the fact that you could sign transactions from two different protocols in the same hardware seemed like a dangerous thing.

Personally, I'm all for freedom. Those who don't like Ledger Recover can simply not activate it and it won't change anything for them in terms of security.

Some personalities of the ecosystem like Changpeng Zhao, the boss of the exchange platform Binance, took the opportunity to surf on the controversy. What does this mean to you?

It's fair game, with Ledger Dungeon (Ledger's security research team) we revealed that Trust Wallet had security flaws.

Ledger Recover has made the choice of identity, but it is not the only solution to recover a seed phrase. Have you considered others?

We think our solution is the simplest, but others were on the table. We can, for example, implement a device on the blockchain like with Ethereum's "social recovery". The problem is that it is only on... Ethereum! But we are a multi-currency security provider, and anyway it doesn't solve the issue of ease of use.

There is also the possibility of doing "social recovery" with friends, but this implies having acquaintances who fully master the process. Of course, this allows to have a distributed recovery system, but for simplicity it is still not very efficient...

The Ledger Recover option costs 9.90 euros per month, which is quite expensive. Why such a high price?

We did a market study asking people how much they were willing to pay for this type of functionality. In the end, the price we chose was the one that came out of this study.

Now, I think that for safety tools it should not be too affordable. When you go bungee jumping and you have the choice between two experiences, one at 100 euros and the other at 10 euros, which one do you choose? Chances are it will be the first one.

My opinion is that there is a perception of the level of security in the price offered. If this feature had been offered at 2 euros it could have been a disservice to the product.

What do you foresee in case of a bug if the customer cannot recover his private key?

Our clients are covered up to $50,000.

Do you plan to beef up the service by adding more features?

Yes, it is very likely. Quite naturally, we think of the issue of inheritance. For many crypto users - and even the more seasoned ones - there is no really simple solution to assigning funds in the event of death. With Ledger Recover, there is the possibility to do just that.

I can't put a timeframe on it, it will depend on the feedback we get on the product. For now, we are focused on answering all questions about the current offering.

Why is the Ledger software code not open source, unlike your competitor Trezor?

This is a debate we have had for many years. Personally, I like open source and I think it is important for the community. Nevertheless, to offer optimal security we have chosen to use a "Secure Element" (a secure hardware platform). For Ledger, STMicroelectronics is in charge of its manufacturing and it is contractually prohibited to reveal the functioning of this chip.

Trezor did not opt for a "Secure Element". They have an electronic circuit of the same kind as found in a TV remote control. This is what allows them to be open source, but on the other hand it is a less secure solution.

Do you want to read more?

Only premium subscribers have access to this article!
Sign up to access the best content, get exclusive info and join the whale community. 🐳

Do you want to join the Web3 revolution?

Find the best of the crypto, NFT and DeFi news every Wednesday and Thursday in the two newsletters written by our specialised journalists Grégory Raymond and Raphaël Bloch.

Charles Guillemet (Ledger): "The fear around Ledger Recover is totally irrational"
Published on
Published on
May 17, 2023

Charles Guillemet (Ledger): "The fear around Ledger Recover is totally irrational"

In a long interview with The Big Whale, the CTO of the French unicorn comes back on the controversy that targets his new product and explains what it will be used for.

The Big Whale: After a few leaks, you made the launch of Ledger Recover official. How old is the project?

Charles Guillemet: The idea must go back to 2020 or 2021. For a few years now, we have noticed, and we are not the only ones, that there are people who are comfortable keeping their cryptos themselves, but that the overwhelming majority of people leave them on exchange platforms, especially because it is not easy to manage your cryptos yourself on a wallet like a Nano.

You have to master the technology, you have to know how to manage your seed phrase (24 words), and for many people this represents a constraint. So we asked ourselves the following question: how can we make the user experience of self-custody accessible to as many people as possible?

Let's go into a little more detail. How exactly does Ledger Recover work?

It's pretty simple. When you have your Ledger Nano X (and soon Ledger Stax when it will be available), you create a Ledger Recover account on which you fill in your e-mail. You then have to verify your identity (papers and facial recognition) with two different providers (Onfido and Tessi, editor's note), and initialize the process with the physical buttons on the Nano X. That's it for the user.

What happens technically once the user has validated the operation?

After validation, the Nano will take the seed sentence and cut it into three pieces with the Shamir cryptographic algorithm. Each part is then encrypted inside the Nano. Once this has been done, the three pieces are sent to three different backup service providers: Coin Cover, EscrowTech and Ledger.

What assures the user that the three pieces cannot be intercepted when sent to backup service providers?

We have provided for this possibility by setting up independent "Secure Channels".

To put it simply, Coin Cover is sure to communicate with a Nano and vice-versa, but it is also sure to communicate with the right person because it needs to validate the identity on the Nano (and vice-versa again).

Once validated, each piece is encrypted again and then stored at the backup service providers in a Hardware Security Module (HSM), which is an electronic hardware that provides a security service to store and protect cryptographic keys. This is done three times at Coin Cover, EscrowTech and Ledger.

How can customers get their seed phrase back?

All you need to do is to verify your identity again with our two service providers Onfido and Tessi. Once this is done, two backup service providers (among Ledger, Coin Cover and EscrowTech) send back to the Nano the pieces they hold and the reconstitution takes place on the hardware. A key can only be reconstructed if two out of three pieces are assembled. Nothing can be done with a single piece.

Will Ledger store the identity documents of users who choose this option?

Absolutely not, we only do cybersecurity. It is not our job to manage KYC, we don't need to know our customers. All this part is managed by Onfido and Tessi.

Even if we were asked, we could not provide the private key of any of our customers. And we also have no way of knowing the amount of cryptos that are stored in their wallets.

If the courts order two providers (Ledger, Coin Cover or Tessi) to provide the pieces they store, can they take control of a customer's wallet?

If states were to request it, from a cryptographic point of view, yes, it is possible.

Ledger is French, but what are the jurisdictions of Coin Cover and Tessi?

Coin Cover is British, Tessi is American. It was important for us that the three partners were in different jurisdictions. Nevertheless, we have to keep in mind that criminals don't use cryptos very much because of their traceability, and I doubt they will use Ledger Recover by providing their identity...

Some observers are now concerned that their private key can be reconstructed, even if they have not subscribed to Ledger Recover. Can you say otherwise?

It is safe and certain. Everything stays in the hardware if you don't want to use the service.

How did you feel about the controversy this week when some questioned Ledger's security?

I think there are some bad people on Twitter, especially in the crypto ecosystem. I can't explain it to myself. Personally I don't mind, in fact I don't really care, and fortunately not everyone is like that. Among the critics, some simply didn't understand how Ledger Recover worked, and the fact that they had the choice not to use it.

Finally, others felt they had the Ledger security model figured out and discovered that the firmware had access to the seed phrase. Many thought this was impossible, when in fact it had always been the case.

I was a little surprised by this, I wondered what we had missed in our education efforts to get to this point... But the fear around Ledger Recover is totally irrational.

Precisely, the controversy broke out because an Internet user spotted the feature in the description of a software update before you presented Ledger Recover. Wasn't this a big miscommunication?

What I see is that people are inspecting the release notes (laughs). The negative thing is that a lot of people got into a kind of speculation and we had to react very quickly to all the fears instead of calmly presenting our new product.

If we had to do it again, we would have presented Ledger Recover to the public before releasing an update with its "release note".

How do you deal with the fact that some radical users are disappointed with the direction the company is taking?

A few years ago, we had the same debate about the merits of integrating Ethereum into Ledger in addition to Bitcoin. For many, the fact that you could sign transactions from two different protocols in the same hardware seemed like a dangerous thing.

Personally, I'm all for freedom. Those who don't like Ledger Recover can simply not activate it and it won't change anything for them in terms of security.

Some personalities of the ecosystem like Changpeng Zhao, the boss of the exchange platform Binance, took the opportunity to surf on the controversy. What does this mean to you?

It's fair game, with Ledger Dungeon (Ledger's security research team) we revealed that Trust Wallet had security flaws.

Ledger Recover has made the choice of identity, but it is not the only solution to recover a seed phrase. Have you considered others?

We think our solution is the simplest, but others were on the table. We can, for example, implement a device on the blockchain like with Ethereum's "social recovery". The problem is that it is only on... Ethereum! But we are a multi-currency security provider, and anyway it doesn't solve the issue of ease of use.

There is also the possibility of doing "social recovery" with friends, but this implies having acquaintances who fully master the process. Of course, this allows to have a distributed recovery system, but for simplicity it is still not very efficient...

The Ledger Recover option costs 9.90 euros per month, which is quite expensive. Why such a high price?

We did a market study asking people how much they were willing to pay for this type of functionality. In the end, the price we chose was the one that came out of this study.

Now, I think that for safety tools it should not be too affordable. When you go bungee jumping and you have the choice between two experiences, one at 100 euros and the other at 10 euros, which one do you choose? Chances are it will be the first one.

My opinion is that there is a perception of the level of security in the price offered. If this feature had been offered at 2 euros it could have been a disservice to the product.

What do you foresee in case of a bug if the customer cannot recover his private key?

Our clients are covered up to $50,000.

Do you plan to beef up the service by adding more features?

Yes, it is very likely. Quite naturally, we think of the issue of inheritance. For many crypto users - and even the more seasoned ones - there is no really simple solution to assigning funds in the event of death. With Ledger Recover, there is the possibility to do just that.

I can't put a timeframe on it, it will depend on the feedback we get on the product. For now, we are focused on answering all questions about the current offering.

Why is the Ledger software code not open source, unlike your competitor Trezor?

This is a debate we have had for many years. Personally, I like open source and I think it is important for the community. Nevertheless, to offer optimal security we have chosen to use a "Secure Element" (a secure hardware platform). For Ledger, STMicroelectronics is in charge of its manufacturing and it is contractually prohibited to reveal the functioning of this chip.

Trezor did not opt for a "Secure Element". They have an electronic circuit of the same kind as found in a TV remote control. This is what allows them to be open source, but on the other hand it is a less secure solution.

Do you want to read more?

Only premium subscribers have access to this article!
Sign up to access the best content, get exclusive info and join the whale community. 🐳

Subscribe for free to read more.

No items found.

Do you want to join the Web3 revolution?

Find the best of the crypto, NFT and DeFi news every Wednesday and Thursday in the two newsletters written by our specialised journalists Grégory Raymond and Raphaël Bloch.