Their service has been linked to ledger Recovery and KYC, so trying to make the code open source (even if it is real) will not help in bringing back the user base who thought about purchasing another hardware wallet.
This.
I'm a former Ledger user. There's nothing they can do to win me back. They added key extraction firmware to their hardware wallets, after swearing for years there was no way to extract keys from a Ledger wallet. That's a huge lie. How can I ever trust them again?
I'm actually shocked by how nobody is talking about the bigger issue with Ledger's lies.
Look at the DATES.
How long do you think it took Ledger to come up with a plan to extract seeds from users wallets and then write the code to do it? No, really. I'm asking. Think about how complicated an undertaking like that is. The code. The partner companies. The testing. How long do you think it took? Surely lawyers were involved among all three companies, which means there's a paper trail with signatures and dates.
I'd love to see the dates on those documents compared to the dates on posts online by Ledger about how keys on their hardware wallet cannot be extracted.
I'm shocked nobody has launched a class action lawsuit against Ledger. All they'd need to is compare the dates on those contracts to Ledger's own words with timestamps, not to mention Ledger's marketing.
"Your keys are always stored on your device and never leave it"
May 14th, 2023Ledger Recover had to have been in the works since at least 2022, but probably earlier than that, so quotes like the above are game over if they get sued since they were writing key extraction firmware and signing contracts with companies to store users' keys long before May 14th 2023.
These are quotes from Ledger's website as of May 2023:
"Private data, such as your private keys will be protected and never leave the device due to the combination of BOLOS and the Secure Element."
"The secret keys or seed are never exposed to the BLE stack and never, ever leave the Secure Element."
That's what they were saying, but what were they doing? They were writing key extraction firmware for those devices and they were negotiating contracts with companies to store users' keys.
Perhaps renaming the brand and starting over with another design and modifications in the code with a complete separation from ledger would be a good start but otherwise KYC is an irreversible one way road.
A new brand would be tainted by Ledger's reputation the moment they got outed as being Ledger. Ad they would surely be outed, because the new company would be owned by the same people who put greed above the product.
I assume Ledger will manage to survive. They'll find a way to stay profitable, but their reputation among people who understand how important security is... well... that's gone.
