Interpretation of Ledger Recover controversy and its security comparison with MPC wallet

MarsBit
05-25

Original Author: Lucas Yang

Original source: Cobo Global

On the evening of May 16, the hardware wallet Ledger released the Nano X cold wallet 2.2.1 firmware update and announced that the "Ledger Recover" function will be introduced soon. This function uses a fragmented storage method to divide the user's Seed Phrase (Secret Recovery Phrase) into three fragments, and requires the user to provide personally identifiable information as a binding. To Ledger's surprise, the launch of this feature has sparked a strong backlash from its user community, with many expressing concerns about the feature's privacy and security.

According to Ledger, Ledger Recover is essentially an identity-based private key recovery service that provides Seed Phrase backup for customers. The service allows a Ledger device to securely recover private keys if a customer loses, or loses access to, the Seed Phrase. The Seed Phrase is encrypted, duplicated, and divided into three fragments, each of which is held by a separate company: Coincover, Ledger, and an independent backup service provider. When a customer wants to recover the private key, two of the three parties send their fragments back to the Ledger device, which reassembles them to rebuild the private key. In addition, Ledger Recover requires users to submit personal information to Onfido, Ledger's identity verification provider.

According to Ledger's design, this backup method aims to increase fault tolerance against data loss, but it has caused some users to worry about data security and has triggered a crisis of trust in Ledger. Some users worry that storing personal information in multiple third-party systems may increase the risk of being hacked, resulting in the loss of assets. Others pointed out that Ledger has always emphasized that users' private keys never leave the device, which is one of the reasons for its popularity, and that the Recover feature does not match that claim.

Ledger private keys never hit the internet?

What has long made Ledger unique compared to other hardware wallets is its Secure Element chip. Ledger claims that the chip can completely isolate and save the private key, so many people think that the Ledger hardware wallet is equivalent to the iPhone's Secure Enclave, making the private key completely inaccessible. But the release of the new feature Recover seems to break this impression, conveying to users that private keys can leave Secure Element in encrypted form. Although the Recover function is an optional service, the Nano X's firmware update will still build this function into the operating system.

From a technical point of view, Ledger actually requires users to "100%" trust it, because the entire Seed Phrase encryption and transmission process is closed and unverifiable. Currently, Ledger has not shown users how Ledger's recovery service securely encrypts user data and operates under the hood, and no one else can verify the security of the entire process except Ledger itself.

Although Ledger Recover does not let the Seed Phrase leave the device in an unencrypted state, users are concerned that Ledger has in fact shipped firmware code that can send the Seed Phrase out over USB/Bluetooth. In that case, an attacker who can exploit this code path could effectively turn the cold wallet into a hot wallet and obtain the user's Seed Phrase. At the same time, users cannot be sure whether Ledger can prevent all of the encrypted Seed Phrase fragments from being sent to a single party, or whether the fragments can only be decrypted by the user.

Privacy controversies brought on by the KYC process

In addition to the Recover feature itself, some users expressed concerns about privacy. Hardware wallets are often seen as a way to store cryptocurrencies anonymously; however, users who choose Ledger Recover must submit their identity information for the verification step that Seed Phrase recovery requires. The experience is similar to the KYC process of centralized exchanges, raising user concerns about data breaches, hacking and government censorship, among other issues.

As a company with more than 4 million users, Ledger's users collectively manage considerable assets. Therefore, whether its users' personal information is used directly for phishing attacks or sold on, it is of considerable value to attackers. In 2020, the information of 272,000 of the company's users was stolen, and many of those users were subsequently harassed by large numbers of phishing attempts. Users are legitimately concerned that the identity verification required to subscribe to the Recover feature creates another potential leak path for their personal information.

Are MPC wallets more secure?

After encountering a series of doubts and criticisms, on May 23 Ledger announced the postponement of the Recover release and said that it would publish a whitepaper on the Recover protocol in the near future, in an attempt to quell user doubts. Regardless of how the episode eventually plays out, this Ledger crisis of trust should prompt a lot of reflection among cryptocurrency wallet, custody, and security practitioners. At a broader level, how to choose crypto asset custody technology and solutions, and whether to use hardware wallets or software wallets, are issues that institutional participants must consider carefully.

Splitting the private key and keeping multiple backups to avoid exposing the whole key to a single risk is a sound idea; there is nothing wrong with Ledger Recover splitting the Seed Phrase into three fragments for backup. However, the biggest technical risk of Ledger Recover is that the Seed Phrase, which was originally stored in the hardware wallet as a single piece of information, is now encrypted, split and transmitted to three parties. The whole process is opaque and carries the risk of being hijacked, and an omission in any step may directly lead to the loss of assets.

Perhaps in the minds of many people, a custodial wallet seems to be out of their control, while a hardware wallet in their own hands feels more reliable. In fact, custodial wallet technology continues to advance, and there are already very secure and flexible technical approaches, one of which is the MPC (Multi-Party Computation) wallet.

Multi-party computation (MPC) refers to a computing method in which multiple participants collaborate to complete a common computing task based on their own data, without a central party, and no party can infer another participant's original data from the data exchanged during the computation. Therefore, MPC has natural advantages in terms of security and ease of use. From the very beginning, the wallet's private key never exists as a whole: the private key shards are generated independently and locally by multiple parties, which fundamentally eliminates single points of failure, and the MPC algorithms are open, peer-reviewed and field-tested.

Cobo MPC

Taking Cobo MPC WaaS (Wallet as a Service) as an example, Cobo MPC WaaS is based on MPC-TSS (Threshold Signature Scheme) technology, and provides digital asset custody and blockchain technology services in the form of Wallet-as-a-Service.

MPC-TSS is a threshold signature technology based on multi-party secure computation. Using MPC-TSS technology, multiple parties each manage a private key shard (MPC Key Share), and complete the creation (Generate), signature (Sign) and recovery (Recover) of private keys through distributed computing. In the process of distributed computing, the private key fragments of any party will not be leaked due to collaborative interaction, and the complete private key will not exist anywhere in any form. MPC-TSS technology ensures that individuals and enterprises can use keys more conveniently, securely, and in compliance with business logic.

Cobo adopts three-party cooperative management of private keys with a 2-of-3 threshold. Three-party collaborative management means that the three participants each hold one private key shard. The 2-of-3 threshold means that each transaction requires the cooperation of at least two participants to complete the signing operation. This ensures that Cobo cannot unilaterally misappropriate customer assets, and that even if a customer's private key shard is stolen, it cannot be used to sign transactions on its own. In addition, customers can restore shards through Cobo and a third party; the choice of that third party is entirely up to the customer, thus ensuring the customer's complete control over the assets through both technology and process.
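To make the 2-of-3 model concrete, here is an added example (not Ledger's or Cobo's code; Shamir secret sharing over a prime field is an assumption, since the article does not say which scheme either product uses). It splits a constructed 64-bit "seed" into three shares, shows that any two shares rebuild it, and shows why a single share is information-theoretically useless on its own. Note that the `combine` step is exactly what MPC-TSS avoids: in a backup scheme the full secret reappears in one place at recovery time, whereas threshold signing never reconstructs it.

```python
import secrets

# Prime field for the shares (2**127 - 1 is a Mersenne prime). The secret must
# be smaller than P; the constructed demo seed below is 64 bits, so it fits.
P = 2**127 - 1

def split(secret, n=3, t=2):
    """Split `secret` into n shares of a random degree-(t-1) polynomial;
    any t shares reconstruct it, fewer reveal nothing."""
    assert 0 <= secret < P and 1 < t <= n
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]

    def f(x):
        return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P

    return [(x, f(x)) for x in range(1, n + 1)]

def combine(shares):
    """Lagrange interpolation at x = 0 over whatever subset of shares is given.
    This is the 'recovery' step: the whole secret exists here, in one place."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def lone_share_is_consistent_with(share, candidate_secret):
    """For t = 2, a single share (x, y) is consistent with EVERY candidate
    secret s: the line f(x) = s + a1*x always has a solution for a1."""
    x, y = share
    a1 = (y - candidate_secret) * pow(x, -1, P) % P
    return (candidate_secret + a1 * x) % P == y

if __name__ == "__main__":
    seed = 0xDEADBEEFCAFEF00D                    # constructed demo seed
    shares = split(seed)                         # three custodians, one each
    print(combine(shares[:2]) == seed)           # any two recover the seed
    print(combine([shares[0], shares[2]]) == seed)
    print(lone_share_is_consistent_with(shares[0], 0))  # one share: no info
```

Because any two holders can run `combine`, the trust question in the article reduces to whether two of the three custodians (or whoever can coerce them) can be prevented from colluding, and whether the transport of the shares off the device can be hijacked.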

The Ledger Recover incident made many users re-examine their private key management strategies. The MPC wallet, which seems to adopt a similar solution to Ledger Recover, actually has an essential difference in the bottom layer of security. Readers who are interested in MPC wallet technology and products are welcome to visit Cobo official website (https://www.cobo.com/mpc) to learn more.
