Why do you think is good? just the existence of seed phrase sharing functionality, even if encrypted, significantly expands the potential of a hack
is the debate about the destination they arrived at or the route they took?
thats what i saidā¦ itās fireblocks for retail... except 100x cheaper apparently there is some technical nuance though where ledger firmware updates can potentially leak the entire seed phrase, not just ledgerās shard
I appreciate that it's not default, and opt-in. I, also, don't think we are going to run away from centralization in Web3, it'll just happen in different places/angles. Though, I'd appreciate it not being ID Verification (as someone who has worked in the industry), ID Theft is real and unsolved. Needs a diff solution
Do you mean this? https://twitter.com/0xfoobar/status/1658460603831263232?s=20
I think a bigger problem is Ledgerās lack of communication. There is no technical documents nor detailed recovery procedures for public review. And I donāt understand why they choose real ID-based over social recovery. But I think improving recovery process is a welcomed feature if you want crypto to be mainstream.
Depends on your perspective? If the point of buying the device was to store the keys and never allow them off of the device by any sort of 3rd party, it's not good to learn at all there is firmware that allows the keys to be read off of the device.
Itās not a secure enclave if keys can be exported to another device.
I think offering a third-party custody service was just a bit off-key for them is the issue. Good feature, bad execution.
Key is encrypted on element. No issues there. Would love for them to release workflow video to see how it works backed with some technicals for the paranoid I'd be raising alarm bells if they're able to pull the key WITHOUT Hardware confirmation
Recovery mechanisms are a must in order for more people to adopt crypto and hardware wallets. Ledger wants to scale to bring HW to more people and this is part of it. If enough customers aren't happy, this is an opportunity for an alternative HW maker to step in knowing that their market will remain small.
The execution of sharing the story is terrible. Reading here and there I think that they split the recovery phrase in 3 pieces encrypted within the ledger. Then they send it to different players. You need KYC to request a recovery and then use the original ledger to decrypt it.
It is good if the implementation is well done. I'm ok with that only if it doesn't affect regular wallets in any possible way.
Yes. But I donāt want it. I donāt want it to even be *possible* on my hardware wallets. And I canāt imagine most people like me not deciding to just use another wallet that doesnāt have such a problem.
Is this feature necesary on a hardware wallet? If your gunna send fragments of your wallet around to different companies, why spend money on hardware, just make a software wallet with this feature.
They should launch a different product with that feature instead, have it isolated so if it becomes an attack vector it's only on those new "social" devices.
I was making this argument to (crypto) people yesterday. It fell on deaf ears
I think so, just poorly communicated. Maxis and maxis for a reason, so its a bit of fake outrage.
I have some second thoughts on the issue. It may be more problematic than I initially thought https://paragraph.xyz/@kc/on-ledger-recover
not really. while this is better than paper is has many issues 1. kyc gating (easy to game) 2. privacy killer (kyc) 3. possible risk of 2 party coercion 4. paid scheme that kills access of 7 days overdraft 5. apparently possible to recover the seed from any device as long as KYC is passed. no additional sec.