Web3 is in panic due to Ledger announcing their latest feature, Recover.
The truth is the risk to current Ledger users is virtually 0.
Security management decisions are complex and require a nuanced understanding of risk management and security risk measurement. Risk management most basic formula is:
Impact * Likelihood = Real Risk.
For example, being hit by a meteor has a high impact but extremely low likelihood. The real risk is practically zero.
With that fundamental understanding established, let's dive into Ledger.
First, we must agree that we trust Ledger as a company. This trust extends to their intentions, technical competence, and the veracity of their technical statements. If we don't, we shouldn't entrust our funds to their technology in the first place. If you don't trust Ledger, stop reading and find an alternative solution.
Second, we trust Ledger's assurance that activating this new feature is impossible without the user granting permission through a Ledger prompt. This trust isn't blind, as both the product and the new feature have undergone rigorous scrutiny by a highly respected security vendor.
Let's imagine, hypothetically, that the worst-case scenario occurs. With over 6 million Ledgers currently in use, any loss of funds would instantly become headline news, prompting users to swiftly transfer their funds elsewhere.
So, let's reassess the actual risk. The potential impact of this new feature being compromised is considerable. However, given Ledger's track record and the inherent security of cryptography, the likelihood of a real-world attack is extremely low.
We must also consider the odds of your Ledger being one of the first few hacked before the news breaks out. We're closing in on a tiny number.
And as Recover requires the user to opt-in, we are left with a potentially severe impact with virtually 0 likelihood. This is the everyday reality of professional risk assessment.
After reading how Recover's tech functions, my professional evaluation, given Ledger's robust technology and reputation, is that the probability of cryptographically exploiting this new feature is extremely low.
So what did Ledger do wrong? They could have explained their product better in the past and in Recover's announcement. According to Haseeb Qureshi, Managing Partner of Dragonfly Capital, almost every hardware wallet has always been able to extract the private key with the user's approval.
While it's evident and understandable that most active Web3 users are appalled by Recover, I want to illustrate the alternative; if you don't activate Recover, you are not risk-free. In fact, your risk might be higher.
Consider the odds of forgetting your Ledger PIN or suffering head trauma that affects your memory. Or the chance of making an error while writing down the seed phrase. There's also always the risk of your device being stolen or damaged, requiring using the seed phase, which is also susceptible to loss or damage, for example, house fires or floods, which happened to someone we know who lost all their devices and seed phrases.
In light of these possibilities, are you sure that the risk of this feature being hacked, and you being among the initial victims, is greater than the risk of losing your access?
While Recover makes it technologically possible to access a user's wallet:
- It's opt-in based.
- It was designed based on Ledger surveying their users who voted for the feature because they were worried about losing access to their wallet due to the risks of seed phrase loss. Enabling Recover will help them protect their assets and increase mass adoption.
Lastly, we are not affiliated with Ledger or any wallet. In light of the mass panic we've seen, we wrote this blog post to provide Web3 users with expert security knowledge on the topic to make better-informed decisions.
If you want to know more about me, read my story here: https://www.influencive.com/danor-cohen-from-hacked-to-hero.
And if you want to know more about MintDefense, it is the first Web3 security product I built alongside Alex Katz that automatically detects 99.9% of scam sites. No user intervention or Web3 knowledge is required.
More on https://mintdefense.com
Well written and measured response. My wife knows she needs her car keys to start her car, but do you think she put them somewhere safe and memorable each time? Nope. They are either left "somewhere" or right by the door in easy stealing range. So I don't really trust her to keep the all important seed phrase safe or not do something with it and forget to tell me. That is a much bigger risk for me...
ReplyDelete