
RE: Current Events: Ledger Seed Recovery

in #leofinance, 2 years ago

I wasn't super interested in the whole thing, since I don't have a Ledger, however when I heard about it, I assumed it was something like a 3-of-3 + passphrase version of the Shamir Backup that has been present for some time in Trezor. The new thing would be the user sending each part of the recovery seed to a different entity for safekeeping. If that was the case, then there was no need for a backdoor to read the seed from the device, nor would the corporations that safeguard your data be able to recover the seed without a passphrase. Still, why the hell would anyone want to pay for such a service?


Shamir Backup offers a significant advantage compared to the regular single recovery seed method. Individual shares do not leak any information about the shared secret, as long as the number of compromised shares does not reach the required threshold.

Ah nice...

But if it also has a "passphrase", doesn't that just lend itself to the same scenario of forgetting the passphrase and losing the money? Also, setting the threshold to 100% seems... counterintuitive. It also sounded like it has a strong KYC element to it, which I forgot to even mention in the OP.

Hardware wallets stem from the idea of the brain-wallet. You get a long passphrase and run it through the script magic to get a pair of keys (or any number of pairs once BIP32 was introduced). This way, all you need to do to always have your wallet on you is to remember the passphrase. That's the problem, though. People are nowhere near as unique as they think they are. So they used quotes from the Bible or Cthulhu, phrases in Klingon or Quenya, children's rhymes and song lyrics - guess what, other people had the same idea. When I first read about the concept, I played a bit with different passphrases in Armory, and it didn't take me long to run into some that were connected to addresses that at some point in the past held a nontrivial amount of Bitcoin. So, if you wanted to use a brain-wallet, you had to make a passphrase that was specific to you, like a concatenation of your name, address, PIN to your debit card, your social security number, password to your email, etc. But since you are not using it every day and every character matters, such a passphrase is very difficult to remember even if you know all its components.

Hardware wallets eliminate that problem. You only need to remember a simple PIN to unlock the wallet, and you get the benefits of a very strong passphrase that you don't need to remember for everyday use. On top of that, you can also use extra passphrases that are easy to remember, like the names of your children, that act as an extra word of the passphrase. Since each effectively acts as a different seed, you can even share the same hardware wallet between multiple people in the family. Or you can use it for "plausible deniability", so even in third world countries, where you can be jailed for not revealing your password, like Great Britain, you can make up words on the spot - they will all be valid as seeds for key generation and equally useless (just leave one as bait with a bit of actual crypto, in case you are being beaten with a crowbar to reveal your coins).

Again, hardware wallets take care of the heavy lifting, leaving you with a very simple PIN/words to remember. Unless your name is Julian Assange, Edward Snowden or maybe Ross Ulbricht, that should be safe enough. That pushes the focus onto not losing access to your own coins. That's where the encrypted backup split between different locations comes in handy. You have full access, while it does not pose a security threat, because a potential attacker first needs to get hold of all the pieces and then also guess the password to decrypt the seed, which is still not enough if you are using extra words for actual key generation. A well-prepared and determined attacker will get through all those obstacles eventually, but it has to be worth it, and hopefully it leaves you enough time to notice the problem and react.
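The threshold property quoted earlier in the thread (shares below the threshold leak nothing about the secret) and the "needs all the pieces" point in the last reply, as an added worked example that is not part of this thread and not Trezor's or Ledger's code. It splits a secret with Shamir's scheme over a toy prime field of size 31 (a constructed choice so the exhaustive check runs in well under a second) and then enumerates every polynomial consistent with k-1 shares to show that each possible secret is equally likely.

```python
import itertools
import secrets
from collections import Counter

# Small prime field so the exhaustive check stays cheap (constructed choice,
# not a real wallet parameter; Trezor's SLIP-39 works over GF(256) instead).
P = 31

def eval_poly(coeffs, x, p=P):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... + coeffs[k-1]*x^(k-1) mod p."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc

def split_secret(secret, k, n, p=P):
    """Shamir split: n shares (x, f(x)) of a random degree-(k-1) polynomial with f(0) = secret."""
    assert 0 <= secret < p and 1 <= k <= n < p
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(k - 1)]
    return [(x, eval_poly(coeffs, x, p)) for x in range(1, n + 1)]

def recover_secret(shares, p=P):
    """Lagrange interpolation at x = 0; yields the secret only when len(shares) >= k."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % p
                den = den * (xi - xj) % p
        total = (total + yi * num * pow(den, -1, p)) % p
    return total

def consistent_secrets(shares, k, p=P):
    """Exhaustive check of the threshold property: for every possible secret value, count the
    degree-(k-1) polynomials that pass through the given shares and take that value at x = 0."""
    counts = Counter()
    for coeffs in itertools.product(range(p), repeat=k):
        if all(eval_poly(coeffs, x, p) == y for x, y in shares):
            counts[coeffs[0]] += 1
    return counts

if __name__ == "__main__":
    shares = split_secret(17, 3, 5)                            # 3-of-5 split of the secret 17
    print(recover_secret(shares[2:]))                          # any 3 shares recover: 17
    print(consistent_secrets(shares[:3], 3))                   # 3 shares pin it down: {17: 1}
    print(sorted(consistent_secrets(shares[:2], 3).items()))   # 2 shares: all 31 values, once each
```

With the threshold set to the number of shares (the "100%" case discussed above), every share becomes mandatory, so a single lost share loses the secret while a single stolen share still reveals nothing.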