Recently Ledger launched a feature called Recover, which is an optional feature that backs up your cryptographically split seed phrase for a subscription fee. With this, users are required to submit their identity for setup and verify it for recovery. The community has made several valid points about this feature, which prompted this megathread.
Ledger had previously stated that a firmware update could not change the fact that your private keys never leave the secure element. However, a firmware update has shown that this is not the case. In addition, Ledger had a major data breach in the past, raising concerns about the security of the system. Even if this feature is optional, it means code has been added that allows transmission of your seed phrase to the internet. This could cause Ledger to no longer be considered a cold wallet.
Furthermore, parts of the Ledger architecture are still not open source. While this has not changed with Recover, adding major changes to closed source software can raise questions about trust. Additionally, the three companies could potentially be subject to hackers or government pressure.
Finally, identity and information based verification has weakened over time due to data breaches. Even KYC systems, which are supposedly meant to protect you, can end up being compromised.
All of these factors bring into question the safety of Ledger’s Recover feature. With this in mind, it is important to evaluate how Recover works and what the potential risks are when using it. Ledger has a responsibility to their customers to keep their data secure, so it is essential that users remain aware of the risks and make sure to keep their funds safe.