A proposed crypto bill in Kentucky has sparked backlash after it included a controversial requirement that hardware wallet makers build in a so-called “backdoor” for recovering user data.
The bill, known as Kentucky House Bill 380, was introduced by state Representatives Aaron Thompson and Tom Smith. It was later amended to require wallet providers to help users reset access details like passwords, PINs, and seed phrases.
According to the bill’s wording, companies would need to “provide a mechanism” to assist users in recovering access to their hardware wallets. It also includes identity verification steps for anyone requesting a reset, raising concerns about privacy and security.
Critics say the proposal is not technically realistic. The Bitcoin Policy Institute argues that non-custodial wallets are designed so that no third party can access a user’s seed phrase, making recovery impossible without compromising core security principles.
The group warned that forcing manufacturers to create recovery systems could weaken self-custody. That could push users toward centralized platforms, where they have less control over their assets but rely on third parties for access and storage.
Self-custody remains a key topic in the crypto world. Supporters argue it gives users full ownership of their funds. At the same time, regulators like the U.S. Securities and Exchange Commission have previously warned that losing private keys can permanently lock users out of their crypto.
Some policymakers have taken a more balanced approach. For example, Avelino Valencia in California has backed measures that protect self-custody rights while still addressing consumer risks.
The debate highlights the ongoing tension between regulation and decentralization. As lawmakers continue to shape crypto policy, industry groups say they want laws that protect users without undermining the core design of blockchain-based ownership.
