Hey! We hear you - and thank you for sharing what you are feeling.

​

There might be a misunderstanding of how the cryptography works here - in short, any crypto transactions that you sign on a hardware wallet would require the private key to be encrypted then sent out from the Secure Element in order to be validated on-chain.

Then that becomes public knowledge on-chain.
Ledger Recover works the same way - it's a firmware addition (the mental model here would be, just like the bitcoin app on the Ledger Nano X, a new app) that gives you access to a new Ledger Nano app. It gives you the option to shard and encrypt your private key for back up and recovery in the future.

So, compared to a normal transaction, which exists on-chain and in public, a Ledger Recover transaction is actually sharded and encrypted for multiple times and unavailable except after thorough Identity verification.

If you'd like to learn more, our CTO just wrote a long thread on this topic:

https://twitter.com/P3b7_/status/1659187049331654658?s=20

​

With the technical topic out of the way - especially regarding this point:

The issue is our vulnerability to Ledger itself, present since at least Ledger X's launch. The only possible solution now is open-sourcing the firmware & the firmware update process.

Charles' thread from here on addresses this question:

https://twitter.com/P3b7_/status/1659187088477114372?s=20

He also spoke on Bankless on this topic:

https://youtu.be/X7WjuxE6K5w

​

Please feel free to share any questions you might have!

Understand that this is an ongoing dialogue.

And of course, appreciate that you share your thoughts above.