- Pin
- 🍕 Bitcoin Pizza Day is Almost Here!
Join the celebration on Gate Post with the hashtag #Bitcoin Pizza Day# to share a $500 prize pool and win exclusive merch!
📅 Event Duration:
May 16, 2025, 8:00 AM – May 23, 2025, 06:00 PM UTC
🎯 How to Participate:
Post on Gate Post with the hashtag #Bitcoin Pizza Day# during the event. Your content can be anything BTC-related — here are some ideas:
🔹 Commemorative:
Look back on the iconic “10,000 BTC for two pizzas” story or share your own memories with BTC.
🔹 Trading Insights:
Discuss BTC trading experiences, market views, or show off your contract gai
- 🎉 Follow to Win! Gate_Activity account is now live!
💰 Follow Gate_Activity and grab your share of $50 Points rewards!
10 Lucky Followers * $5 Points Each
Join:
1️⃣ Follow Gate_Activity 👉 https://www.gate.io/profile/Gate_Activity
2️⃣ Like this post
📅 Deadline: May 17, 10:00 AM (UTC)
Follow now and don't miss the great activities!
- 🚀 Gate.io #Launchpad# for Puffverse (PFVS) is Live!
💎 Start with Just 1 $USDT — the More You Commit, The More #PFVS# You Receive!
Commit Now 👉 https://www.gate.io/launchpad/2300
⏰ Commitment Time: 03:00 AM, May 13th - 12:00 PM, May 16th (UTC)
💰 Total Allocation: 10,000,000 #PFVS#
⏳ Limited-Time Offer — Don’t Miss Out!
Learn More: https://www.gate.io/article/44878
#GateioLaunchpad# #GameeFi#
- 👩 Gate Post User Experience Survey is Now Live! 💻
💙 We sincerely invite you to participate in our survey — your valuable feedback will help us continuously improve and grow!
💰 Complete and successfully submit the questionnaire for a chance to share a $200 points prize pool!
👉 Join Now: https://www.gate.io/questionnaire/6641
⏰ Event Period: May 8, 8:00 AM – May 18, 6:00 PM (UTC)
Why did Ledger Recover fall into the opposite direction?
Original source: Safeheron
*Forkast News published a column article by Safeheron Technology VP Kane Wang on June 6, discussing the reasons behind Ledger Recover's controversial dilemma. *
Just days after announcing a controversial new feature in its Nano X firmware, hardware wallet provider Ledger has been quick to remove the feature. In response to the outcry from the Web3 community, Ledger has promised to open source more of its codebase, with its core operating system and Ledger Recover at the center of the deep vortex being among the first to be open sourced.
Ledger originally introduced this new feature to make it easier for users to manage their own assets by themselves, by splitting the private key mnemonic phrase into three and backing it up by three platforms, making it easier for users to recover their private keys. However, the Web3 community, which advocates for privacy and autonomy, was surprised by the move, and the market reaction was exactly the opposite of what was expected. At first, the Ledger CEO insisted that non-Web3 users need such a feature, but ultimately could not resist the condemnation of public opinion.
The new features of Ledger this time have aroused public discussion, **At least for the Web3 community, user experience should not be optimized at the expense of security, and user experience and security must be carefully balanced. **Especially for blockchain companies, if you position yourself on the wrong side, no matter how simple and easy to use the product, you will drift away from Web3 users. For Ledger, this is a public and profound lesson, and we should also learn from it.
Why Ledger Recover Backfired
Why is the crypto community outraged by Ledger Recover? Hardware (cold) wallets are generally regarded as one of the safest ways to keep crypto assets, however; **Ledger’s proposed recovery function violates the basic principle that secure hardware vendors should follow-security in several key points. **
First, the optional recovery service is based on the user ID, that is, the service requires the user to provide KYC information. However, stealing ID information is far more common than imagined, and malicious parties may obtain user identity information, thereby gaining access to user assets, which instead provides a new attack method for Ledger hardware wallets.
Second, Ledger's updated recovery firmware splits the user's mnemonic into three encrypted segments, each of which will be stored by a platform,** however, Ledger did not disclose all participating platforms. **This makes users not only need to face the potential risk of relying on third-party services, but users do not even know which institution the other third-party provider is, because Ledger initially only disclosed the two platforms participating in this recovery service, and users cannot Choose which protector to trust.
I believe Ledger enjoys a high level of trust in the Web3 community based on the solid reputation it has built over time. However, choosing not to disclose all third-party platforms when Ledger Recover was originally launched (although they are now fully informed), combined with the fact that the current implementation technology of the recovery function is still a black box state, has indeed undermined its long-established trust with users . Now, Ledger has committed to open sourcing the technology, which is certainly a step in the right direction. But before the official open source, some people will still be skeptical.
Crucially another point is that while Ledger's recovery feature does provide new options for users who wish to back up their seed phrases, it still does not solve the single point of failure problem of private key usage. **
The recovery process of Ledger Recover is as follows:
STEP;1;
A single private key is generated in the user's Ledger wallet
STEP 2;
Ledger splits the mnemonic for that private key into three and distributes them to three platforms for safekeeping
STEP 3;
If the user wants to restore their original mnemonic/original private key, they only need to use two of the mnemonic to restore the single private key of the wallet
However, when using a hardware wallet, the private key still exists as a single entity, so sharding the mnemonic does not solve the single point of failure problem when using a hardware wallet.
Balance between user experience and security
So, can Ledger avoid this strife? **Balancing a good user experience and security is not easy, but it is not impossible. A secure multi-party computing (MPC) wallet may be a better choice. **
Ease of use
As a key consideration, MPC technology can not only effectively improve wallet security, but also is very convenient to use. More and more wallets are adopting MPC technology to provide higher security. The MPC protocol directly generates multiple encrypted private key fragments instead of generating a single private key. Each party keeps a private key shard, and all signers are required to approve and sign the transaction. From the generation of private key shards to its use, the private key has never existed as a single complete private key, effectively eliminating single-point risks. At the same time, the generation of private key shards does not require any operation by the user, which means that there is no difference between using an MPC wallet and using a normal wallet, but users can enjoy higher security protection.
Compatibility
Compatibility is an unavoidable topic when weighing user experience and security. Ordinary Web3 users mostly have multiple wallets, so compatibility between different wallets is crucial to user experience, and MPC wallets are already compatible with other types of wallets. MPC wallet users do not need to obtain additional permissions, and can choose recovery tools/methods by themselves, such as open source offline recovery tools, which use private key sharding to recover the original private key. The private key obtained after recovery can be imported into other non-MPC wallets, and the wallet can be used normally.
**It is worth mentioning that software wallets and mobile apps using MPC technology can easily generate private key fragments and simplify the transaction signing process. **At the same time, for institutional users, Web3 developers are constantly optimizing products and providing more functions that meet the needs of institutional usage scenarios, such as functions that help institutions easily control internal access and authorization.
Of course, any innovation may face bottlenecks or problems. If wallet service providers have cloud MPC nodes, they need to bear higher costs. In addition, compared to the network and device requirements required by single private key wallets, MPC wallets have higher requirements for network and device performance. If the network or equipment cannot meet the technical requirements, the efficiency of the entire transaction process will be affected. Therefore, the threshold for adopting the MPC technical solution is higher.
All in all, through the Ledger Recover controversy, we have seen that when companies sacrifice security in order to improve user experience, the market’s response runs counter to the expected effect of attracting users, and instead increases users’ distrust of the brand. Clearly, security and protecting user assets must always be a top priority.
For me, this development has reaffirmed the growing power of decentralized narratives. The Web3 community has always firmly conveyed a concept to the market: openness, collaboration and community are the top priorities.