Looks like it’s cancelled for now, but I think it’s actually reasonably well thought out approach. Laying out my understanding in simple terms below (hopefully this clarifies some fud about this as well). Unless someone can explain why this is an issue, I’m going to stay off the Imma burn my ledger tonight bandwagon. Might have have even sub’ed to the service if it was cheaper.
- Your seed phrase or private key is not being sent out to backup
- Secure element uses a version of your private key to create a Backup Phrase
- This Backup Phrase is then encrypted by Secure element
- The encrypted Backup Phrase is then split into 3 parts for a 2-out-3 Shamir backup
- These 3 encrypted parts are sent out to be saved securely
- When you F up and need a restore, two parts are combined to decrypt the encrypted Backup Phrase
- This decryption can only happen inside the Secure Element
- At no point does your private key or seed phrase gets accessed or shared
Edit1: reading the comments, the main issue is that since backup phrase can be converted to seed phrase inside the secure element, one end of the argument is that they are one and the same. It doesn’t matter that decryption can only happen within the secure element. I think it is an important distinction and the question that raises is more around integrity of the secure element itself vs. the approach Ledger is taking.
Also understand the other part of the concern people have is - I didn’t know this was possible, and so if this is possible, then I don’t know what else is possible? I’m not sure how do you disprove a negative, so this is a tough spot for ledger. I’ll keep monitoring the discourse but I’m still in the keep camp for now.
Edit2: lots of posts about what people’s perception of “secure element” is. Impossible to go into all the details, and would suggest just some simple google or chatGPT prompts to learn more. But punchline is that it’s not some magical place with whatever properties we hope it has. Core function of a secure element is to prevent unauthorized access to stuff inside. For eg it will have security features to prevent access from ledger OS itself in case it’s compromised, in addition, to the usual ones where a malicious website tries to access the keys, or even protections against someone physically trying to access the storage area inside. The point is that all of that is dependent on correct implementation of these features. You can’t stick a secure element on the circuit board and expect it to suddenly come to life and do everything. So going back to my previous point. The most fundamental question you need to answer for yourself is if you trust Ledger to be capable enough to implement a secure element properly. If not, there is no reason to own a ledger at all, recovery service or not.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments