/biz/ - Business & Finance

>> No.54991840
File: 110 KB, 1150x606, bolos_architecture.png

No memes, just the facts here

Ledger introduced "Ledger Recover", a new service that allows a backup of your seed phrase to be stored with "trusted custodians" (Ledger, Coincover, and likely EscrowTech). The seed phrase is encrypted on the device's Secure Element and then split into 3 shards, such that you need 2-of-3 in order to reconstruct the seed phrase. Those shards then leave the Secure Element and get passed to the application layer, where they are sent to each custodian.

Allegedly, the device firmware also creates a "secure channel" with each of the trusted KYC entities before allowing each individual shard to be transmitted.

>But how is this even possible in the first place? I thought the hardware guaranteed that the seed phrase never left the secure enclave?

This was NEVER TRUE to begin with.

It is not the hardware that ensures this, but the firmware. The seed phrase doesn't leave the Secure Element, that is true. But the firmware is also not separate from the Secure Element; it is ON the Secure Element. See pic.

So the firmware is, and always has been, capable of accessing the seed phrase. If you think about it this makes sense, because the SP is not used to sign things. It needs to be manipulated by code in order to derive various private keys, which are THEN used to sign things.

>So anyone can hack my Ledger?

Not quite.

The device still checks that the firmware is signed by Ledger's private code signing key. This is baked directly into the hardware.

So theoretically any firmware must come directly from Ledger. Or, if Ledger's code signing key was ever compromised in the future, then an attacker would be able to create properly signed firmware.

Plus, you still need to physically unlock the device first by entering your PIN/passcode. 3 failed tries, and the Ledger wipes itself clean.
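The "split into 3 shards, any 2 reconstruct" step described in the post, as an added worked example. This is not Ledger's code and not from the post: it assumes a Shamir threshold split over GF(2^8) (the post does not name the scheme), operates on a constructed 32-byte stand-in for the blob that leaves the Secure Element, and skips the encrypt-on-SE step the post mentions; the function names are this example's own. It goes a little beyond the post by taking a general k-of-n threshold, and it also shows the caveat that a reconstruct function cannot tell when it has been handed fewer than k shards.

```python
import secrets

# Constructed stand-in for the 32 bytes that leave the Secure Element.
# Not a real seed; in the real flow the seed is encrypted on the SE first.
SEED_ENTROPY = bytes.fromhex(
    "0f1e2d3c4b5a69788796a5b4c3d2e1f0" "00112233445566778899aabbccddeeff"
)

# Arithmetic in GF(2^8) with the AES/Rijndael reduction polynomial x^8+x^4+x^3+x+1.
# Addition is XOR, so "a - b" and "a + b" are both a ^ b below.
def gf_mul(a: int, b: int) -> int:
    p = 0
    while b:
        if b & 1:
            p ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return p

def gf_inv(a: int) -> int:
    # a^254 == a^-1 in GF(2^8) (a^255 == 1 for every a != 0).
    if a == 0:
        raise ZeroDivisionError("no inverse for 0 in GF(2^8)")
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result

def split_secret(secret: bytes, k: int, n: int) -> list[tuple[int, bytes]]:
    """Split `secret` into n shards, any k of which reconstruct it.

    Per byte, a random polynomial of degree k-1 whose constant term is the
    secret byte is evaluated at x = 1..n. x = 0 is never handed out: it IS
    the secret.
    """
    if not 1 < k <= n < 256:
        raise ValueError("need 1 < k <= n < 256")
    shards = [bytearray() for _ in range(n)]
    for s in secret:
        coeffs = [s] + [secrets.randbelow(256) for _ in range(k - 1)]
        for x in range(1, n + 1):
            y = 0
            for c in reversed(coeffs):  # Horner evaluation, highest degree first
                y = gf_mul(y, x) ^ c
            shards[x - 1].append(y)
    return [(x, bytes(sh)) for x, sh in zip(range(1, n + 1), shards)]

def reconstruct(shards: list[tuple[int, bytes]]) -> bytes:
    """Lagrange-interpolate each byte's polynomial at x = 0 from the given shards.

    Caveat: fewer than k shards does not raise; it silently yields garbage,
    because k is not encoded in a shard. The caller must enforce the threshold.
    """
    xs = [x for x, _ in shards]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate shard index")
    length = len(shards[0][1])
    out = bytearray()
    for i in range(length):
        acc = 0
        for j, (xj, yj) in enumerate(shards):
            num, den = 1, 1
            for m, (xm, _) in enumerate(shards):
                if m != j:
                    num = gf_mul(num, xm)       # (0 - x_m) == x_m in characteristic 2
                    den = gf_mul(den, xj ^ xm)  # (x_j - x_m)
            acc ^= gf_mul(yj[i], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)

def two_of_three_recovers(secret: bytes) -> bool:
    """Every pair of the 3 custodian shards recovers the secret; no single shard does."""
    shards = split_secret(secret, 2, 3)
    pairs = [(shards[0], shards[1]), (shards[0], shards[2]), (shards[1], shards[2])]
    every_pair_ok = all(reconstruct(list(p)) == secret for p in pairs)
    no_single_ok = all(reconstruct([s]) != secret for s in shards)
    return every_pair_ok and no_single_ok

if __name__ == "__main__":
    print("2-of-3 recovery works:", two_of_three_recovers(SEED_ENTROPY))
```

The point a practitioner should take from the last function: with one shard, `reconstruct` just returns that shard's bytes, which look as random as the secret. Threshold protection holds only if each custodian really does hold a different shard and two of them never end up in the same place, which is exactly the trust question the post raises about where the shards go once they leave the Secure Element.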
