Crypto wallet producer, Ledger, has drawn flak for introducing an update enabling its devices to transmit encoded fragments of users' seed phrases to others.
The Paris-based firm has asserted that this move aims to facilitate the recovery of seed phrases, akin to passwords, for users.
However, detractors have voiced concerns about potential security risks associated with the update.
Hardware wallets, also known as cold wallets, are tangible devices that maintain the offline storage of crypto private keys.
Given their offline nature, they're often deemed safer than their 'hot wallet' counterparts, which involve storing keys on internet-connected computers or mobile devices.
Ledger, as a cold wallet, is designed to provide users with full control over their digital assets.
The newly introduced "Recover" feature enables the device to share a user's private key, in an encrypted and compressed form, with three firms: Ledger itself, Coincover, and EscrowTech.
During a discussion on Twitter Space, Ledger's CEO, Pascal Gauthier, defended the new feature.
“You’re saying this is not what customers want. Actually, this is what future customers want. This is the way that the next hundreds of millions of people will actually onboard to crypto," he said.
Also Read: BlockFi's $240M Disaster: The Blame Game And The Lost Millions
The crypto community has voiced its concerns, highlighting Ledger's history of security breaches and questioning the wisdom of the new update.
One critic labeled the update as a "betrayal" of customers, suggesting that Ledger should have developed a new device or smart contract wallet instead.
They emphasized that the company's decision to include what they termed a "backdoor" in firmware upgrades was a display of "extreme negligence."
Another Twitter user criticized Ledger's proposal for users to export their private keys from their hardware wallet and provide fragments to Ledger, Coincover, and a third party. They pointed out that this would require users to disclose more personal information, thereby increasing the risk of their funds being accessed by unauthorized individuals, especially in the event of further data breaches. The user called the decision "poorly thought out."
Photo: BestCryptoCodes on Flickr.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
