Ledger, the company that created the wallets Nano S and the famous Nano X, has postponed the launch of its recently announced Ledger Recover service following an intense backlash from the crypto community. On May 23, the Chairman and CEO of Ledger, Pascal Gauthier, stated in Twitter spaces joined by more than 13,000 people that the experience was humbling, as well as a hard lesson for communication. The firm acknowledged that the launch of the service was miscommunicated and that it was not the firm’s intention to take users by surprise.
"I started my letter by saying that this experience has been very humbling – we miscommunicated on the launch of this product, it was not our intention to take people by surprise." – @_pgauthier
— Ledger (@Ledger) May 23, 2023
It was stated that Ledger would prioritize making open-source a considerable chunk of its code. It would initiate with the core components of the Ledger operating system and Ledger Recover. At the same time, it was announced that the service would not be released until the work is complete.
Gauthier stated:
“Ledger Recover would be launched as soon as the source code is auditable. We believe in these amendments to the project and will continue to build the industry together”.
The Chief Technology Officer of Ledger, Charles Guillemet, highlighted that a white paper on the Recover protocol would become an open source within the upcoming few days. This would be accompanied by a series of blogs that would specify how the process works. As a result, it would become easier for cryptography and security experts to analyze the protocol and understand the way it works.
Ledger Gets a Hard-Learned Lesson
In the white paper, it was mentioned how developers would be able to craft their own backup providers for the seed phrase instead of using the ones that are offered by Ledger. However, this move was considered the original idea of sharing seed phrases that triggered many in the community.
Prior to delaying the launch of the Recover service and making amendments, many in the crypto community felt as if Ledger had betrayed them. Most analysts also pointed fingers toward a series of potential threats such as breaches of custodians, data leaks from KYC providers, and law enforcement agencies getting their hands on the data of users.
The crypto community criticized that the code for the Recover feature was not exactly open-source, and that would eliminate the possibility of properly auditing the safety of the proposed custody mechanism.
The CTO of Ledger added,
“I’d like to recall first that most of our code is already Open Source. When it comes to firmware, we’ve recently open-sourced our crypto lib, our SDK is OSS for years, and all our apps are already OSS. But we want to go further.”
Unlike most of its competitors, Ledger does not publish the entirety of its code, but resorts to getting its products tested by a pre-selected team of security researchers. Furthermore, the company learned a hard lesson, as stated in a letter to its users. Some parts of the code have been open-sourced previously, and more would follow soon.
