The Mirage of Secure Crypto Storage
Before reading the article, register for Cryptogram, a free weekly web3 and crypto newsletter.
Stacking Bitcoin over the years is quite easy for a crypto investor. It’s even easier to lose access! Consider this stat – over 6 million BTC are considered lost forever (link).
One of the key tenets of crypto is that investors can own and store the assets in their custom wallets without any dependence on any third party (corporate, government, etc.). This has led to the adoption of hardware wallets where investors can store crypto with a 12 or 24 word seed phrase as the key to accessing the assets. Ledger, Trezor and SafePal are the popular brands that manufacture hardware wallets.
Of course, key phrases can also be lost. If the early investors, who are supposed to be the most geeky, lost access to their Bitcoins, how can we expect millions of users to hold on without losing them?
So Ledger had a plan…
Ledger recently announced an optional key recovery service – Ledger Recover. It split a user’s seed phrases into three parts (encrypted), owned by three entities – Ledger, CoinCover, and EscrowTech. Investors can use it as a backup to access their portfolio by paying a monthly subscription fee of $9.99. Sounds good, right?
…but users weren’t amused
A Reddit post sounded the alarm when users read the text of the latest firmware updates for their Nano X devices and labeled it as “A disaster waiting to happen.”
CZ, the CEO of Binance, also seemed puzzled like most of us.
Apart from calling this a lucrative initiative, users wondered why they still needed hardware wallets. The basic idea of storing crypto in a hard wallet is to keep your assets safe and that no company can access them with or without your permission.
Permissions are the reason why hardware wallets are preferred over software. Software wallets are more prone to online attacks because users sometimes give transfer permissions without their knowledge – this is not possible in hardware wallets.
Then this tweet came –
One of Ledger’s support agents tweeted that it was technically possible for the company to write firmware that could extract users’ private keys, while answering a question posed by one of the users regarding the newly introduced recovery service. Wow!
This sparked a frenzy where many users expressed concerns about the security of their funds held in Ledger devices.
To put out the fire
Ledger was quick to respond, after the launch turned out to be a massive PR disaster. The company insists that its new recovery tool does not compromise wallet security while pausing its launch. General Ledger CTO, Charles Guillemet, clarified in a new Twitter thread that the operating system (OS) of the wallet requires user consent at all times “a private key is touched by the operating system”.
What does this mean for you?
As crypto adoption grows, crypto storage will be key to ensuring that a hard-earned wallet is not lost. All companies, including hardware and software wallet providers, are trying to take advantage of this need. Some services, like the Ledger Recovery Tool, may just be ahead of its time. While we don’t doubt their intentions, feelings and how people perceive a brand often play a key role in welcoming new launches.
Already, crypto exchanges play a major role in storing assets globally. However, registered and geo-restricted companies will gain confidence in the future as the exchanges work with local governments by enabling smooth KYC and due diligence of their investors. In India, registered crypto platforms fall under the PMLA and are required to store your assets securely just like traditional banks. If you can trust and store your assets in hardware wallets while understanding the risks, we encourage you to do so. Otherwise, leave the custody to a top Indian platform and only worry about building the portfolio well.
Use promotional code TNM51 on www.giottus.com/profile#promo after registration to get Rs.51 worth free bitcoin.
Disclaimer: This article was written by Giottos Crypto Exchange as part of a paid partnership with The News Minute. Crypto products and NFTs are unregulated and can be very risky. There may be no regulatory recourse for any loss arising from such transactions. Please do your own research before investing and seek independent legal/financial advice if you are unsure about investments.
#Mirage #Secure #Crypto #Storage #crypto