Ledger, the company behind popular cryptocurrency hardware wallets, has taken another step towards transparency and open source in its development by releasing the Ledger Recovery White Paper.
The white paper details the technical specifications for Ledger Recover, a service that will allow users to backup and restore their Ledger device's passphrase recovery.
Ledger announces secure recovery tool
According to Ledger's chief technology officer (CTO), Charles Guillemet, the Recover service, provided by Coincover, is scheduled to launch in Q4 2023 and is designed to be 100% secure.
The whitepaper provides readers with an in-depth review of the system design and cryptographic protocol, as well as details on the backup, restore, and secure deletion operational flows of passphrase recovery backups.
According to the announcement, the service is built on a framework that provides end-to-end encryption between the Ledger device and the backup provider's hardware security module (HSM).
The secret recovery phrase is encrypted using a fixed ledger key before being split and delivered to backup providers using a secure channel based on an Elliptic Curve Diffie-Hellman (ECDH) exchange. ). Using a variant of Shamir Secret Sharing ensures that no intermediary system can intercept the information.
Guillemet said, “Security and uncompromising self-custody will always be at the heart of what we build at Ledger.” The company has already implemented more than 150 open-source applications and other activations and hopes the release of the Ledger Recovery white paper will allow anyone to audit the cryptographic protocols used in the service.
The whitepaper is available for review on the company's GitHub repository, and the company encourages developers, researchers, and crypto enthusiasts to read it in detail to understand the Recover program's underlying cryptographic protocol. Feedback is welcome and encouraged, and the company is happy to hear constructive feedback and suggestions for improvement.
In addition to the white paper, the company announced the upcoming release of a series of blog posts, The Genesis of Ledger Recover, written by various project managers.
This series will dive deeper into design choices, the thought process behind the project, operational security features, and an in-depth look at product security reviews performed throughout the development of the company's Recover program.
This series is slated for release in the summer of 2023, and the company looks forward to sharing more about this exciting project with its community.
Featured image from Unsplash, chart from TradingView.com