Ledger co-founder admits that with if you use “Ledger Recover” a government could submit a subpoena and get access to your funds

E-currency exchange

Éric Larchevêque, a Ledger co-founder, posted in two subs (including here) trying to do damage control around the Ledger fiasco. In his post he said that he no longer works at Ledger, but in his Linkedin, he lists that he is a board member of Ledger. Apparently, he forgot to disclose that or update his Linkedin.

https://preview.redd.it/9q1hh9z1pu0b1.png?width=1590&format=png&auto=webp&v=enabled&s=0d1013d5b04acb5a734a6834317faeb78d93fc06

It is important to note that there are two motives that are easy to see behind this. He was a co-founder and no one wants to see their product suffer. He also is a stockholder, and Ledger in March just completed more Series C fundraising at a $1.41 billion valuation. Even though he does not work at Ledger, he has a financial interest in the company and this scandal hurts his pocketbook.

I am going to skip over the entire conversation about Ledger not being trustless and your funds being safe if you trust Ledger to the section where he honestly answered questions about government access to your fund.

If Ledger or 2/3 of the companies that handle the data receive a government subpoena, could they get access to your funds?

https://preview.redd.it/8fqer2tpxo0b1.png?width=1402&format=png&auto=webp&v=enabled&s=0b3ccb702accbed66114b82e86dac13dbb1a442c

https://preview.redd.it/8uhxd16sxo0b1.png?width=1400&format=png&auto=webp&v=enabled&s=380688a7b04d3640e2f5d224cecf457fcf83f3d6

Even if you trust Ledger not to change the firmware or add any backdoors to gain access to your private keys, if you are a Ledger Recover Service user, then your private keys/funds would be accessible by a subpoena. In the current firmware state, if you are not a Ledger Recover Service user then your private keys would not be accessible with a subpoena.

An update that allows governments to subpoena your private keys and gain access to your crypto is a big deal and likely Ledger is no longer valued at $1.41 billion after this update.

46 thoughts on “Ledger co-founder admits that with if you use “Ledger Recover” a government could submit a subpoena and get access to your funds”

  1. “Subscribe to our new feature Subpoena! Have your account frozen upon government request for the low price of $9.99”

  2. Compromising a thriving business where you’re the world leader for a $10 monthly subscription… greed at its finest

  3. With this fucking kind of backdoor, it is gonna take one malicious actor or even some insider to fuck up their entire operation greatly. Terrible business decision 101.

  4. What’s the point of having a cold wallet then? It’s even worse than a hot wallet 😅😂

  5. It’s sad how in todays day and age companies are pushing for service vs products. Everything nowadays is all about paying for a service instead of a one time purchase.

    Microsoft did it with Office, and now forcing it on gamers with game pass. I want to type up a word document or play a game without having to pay for it as a fucking service!

    Now Ledger decided to do the same thing, same shitty business model of service vs traditional one time purchase products. Gotta love corporate greed!

  6. Another scenario: If you’re a hacker and manage to get into all three, you will have access to all the stored seeds.

  7. Every time these people do an attempt at PR, they did their grave a little deeper, it’s awful to watch yet I can’t look away

  8. Are you taking screenshots from this sub and making a new post about it?

    Moon farming has come far.

  9. Ledger is done. I’m sure the “my crypto vanished from my ledger” posts won’t be for years however.

  10. To be honest, I’m more afraid of physically losing my wallet and seed phrase than the government trying to take away my money. I bought my Ledger recently, and my greatest fear was that if I loose it, then I will loose my money forever. Maybe later I will use this new service, or something like that. (If experts will say it can be trusted). My ledger is not an X, so I won’t use it soon.
    (But if it will be sure that it is not safe, then I will not use it.)

  11. Has ledger started some kind of a speedrun to be the most hated in Crypto?

    All this statements will just make it way worse for them and they should know that after years in Crypto.

  12. C’mon everyone,let’s be realistic, our government would never infringe on our privacy and make up some bullshit reason in order to get everyones keys.

    Just look at how great the White House has been towards crypto and especially they SEC being very clear with all the rules they’ve been making.

    It’s not like our government agencies have any history taking money from innocent people just for having cash on them…

    right??right???

  13. They need to stop trying to put lipstick on this shit and reverse everything in last couple of weeks – get rid of recovery , new firmware to lock everything in, open source it, and fire the leadership who made this decision and bring in a team that the community can trust. Then and only then will they have a small chance of coming out of this

  14. That btchip Nicolas Bacca sure is a piece of work. Can’t believe the board (if Ledger has one) hasn’t told him to just STFU already.

  15. How is this surprising to anyone though. Ledger has always been closed source, and you’d just have to trust what they tell you. Of course they’d have to do everything in their power to comply if a goverment agency subpoena’d them.

  16. Now all these “My Ledger was hacked” posts will be followed with, “Were you subscribed to recover service?”

  17. Again, my issue here is that he is saying one thing but that’s not being mirrored by what’s written on the Ledger website.

    I understand that he’s not an official spokesperson for Ledger but given his past position and the equity he holds I would hope he was well informed.

    So, here he says that if you are a user of the new subscription service your keys can be accessed by a Government following due legal process.

    That’s fair enough, if this fact is made clear prior to purchase we as buyers can make an informed decision.

    But on the Ledger website it says, today, the following:

    “Ledger hardware devices are the only crypto wallets that use Secure Element chip. It protects you and your private keys against the most common physical attack vectors, such as laser attacks, electromagnetic tampering, and power glitches. So no matter who has your device – your private keys cannot be compromised.”

    So, which is it? Because it can’t be both.

  18. That post was suppised to put people at ease. Completely backfired for good reason, lol. Mission failed successfully?

  19. What could go wrong?

    > If you are a Recover user and have your shard into safeguarded by third parties, then yes, a government could subpoeana them and get access to your funds.
    > Using Recover gives you an easy recovery option and mitigates backup loss, but your assets could get frozen by the government

    > SOURCE: murzika Ledger Co-Founder, Former CEO, and Former Chairman

    Your assets could get frozen by the government. He said it.

    And:

    > As I said above, if you are referring to Ledger Recover, I said government could get access to the backups of a user, as it’s only a matter of law and is about one user

    > SOURCE: murzika Ledger Co-Founder, Former CEO, and Former Chairman

    The government could get access to the backups of a user. He said it.

    And:

    > If you are referring to Ledger Recover, a joint government task force could access a user’s recovery backup. I mean it’s just a question of law, two shards could be subpoaned even if they are each in a different jurisdiction.

    > SOURCE: murzika Ledger Co-Founder, Former CEO, and Former Chairman

    Ledger promised us that our keys could NEVER be extracted from our hardware wallets. The point of owning a hardware wallet is that the keys never touch the internet.

    > yes a firmware update can extract the seed

    > SOURCE: murzika Ledger Co-Founder, Former CEO, and Former Chairman

    And because their firmware isn’t fully open, we have no way of knowing what’s in it.

    > There’s no backdoor and I obviously can’t prove it

    > SOURCE: –btchip, Ledger owner & co-founder

    And it’s not like we can trust their security.

    > Ledger wallet users face mounting home invasion and other scareware threats as hacker dumps private customer information online.

    > SOURCE: Cointelegraph, December 24th, 2020

  20. If governments are behind this, do we expect contagion to spread to other hardware makers? Trezor is in the Czech Republic (which is part of the EU), by example.

  21. Holy mackerel!

    And I have also asked several times who the “trusted” third parties are, and it’s like crickets. They completely IGNORE The question.

    I even asked good ‘ol Eric here.

    He’s “devastated,” yet doesn’t address the question and continues to call Ledger customers who are upset by all of this, “batshit crazy.”

    Honestly, fuck these guys. The French bourgeoisie really know how to make us feel oh so special, don’t they?

  22. Trezor CEO must be laughing out loud, the biggest competitor just sabotaged itself

  23. So you’re telling me my laptop with exodus wallet on it and only connects to the internet once a year is way safer than ledger?

  24. Looks like co founder was so desperate he came here for moon farming to cover his loss.

  25. Even if you’re not a Ledger Recover user, ledger still has your personal information…we know this from the ledger hack. This matters because the government could still subpoena ledger for information on you that ledger does have (even if they can’t get your private key).

  26. This was literally the biggest fear of cold wallets. That the manufacturers would essentially pull the rug on it’s users. What an incredible fuck up.

  27. Ledger got paid by either big banks or governments to install that backdoor. Can’t convince me otherwise, it’s Blackberry all over again.

Comments are closed.