An amendment to Kentucky’s House Bill 380 has sparked controversy for proposing to impose strict requirements on hardware wallet providers.
Spotlight Shifts to Hardware ProvidersAccording to critics, a late-hour floor amendment has shifted the spotlight toward hardware wallet providers such as Ledger and Trezor. The amended language of HB 380 mandates that any person or company providing a hardware wallet include a mechanism to assist users in resetting passwords, PINs or seed phrases.
Specifically, the bill requires providers to maintain a live, toll-free customer service line for Kentucky residents. They must also provide a functional reset mechanism for credentials necessary to access the wallet’s contents and verify the user’s identity through methods other than the security credentials themselves.
Failure to comply with these requirements would be classified as an “unfair, false, misleading, or deceptive act” under Kentucky’s consumer protection laws, empowering the attorney general to seek civil penalties.
‘Technologically Impossible’Despite the outcry, HB 380 has already advanced through the Kentucky House of Representatives. It now moves to the Senate, where industry leaders are expected to lobby for the removal or total revision of Section 33 before it reaches the governor’s desk.
FAQ What is House Bill 380? House Bill 380 is a Kentucky regulatory bill aimed at regulating virtual currency kiosks, but recent amendments have raised concerns about self-custody for cryptocurrency.What does the amendment require from hardware wallet providers? The amendment mandates that hardware wallet providers maintain a toll-free customer service line and offer mechanisms to reset passwords and verify user identities.Why is the Bitcoin Policy Institute against the bill? The Bitcoin Policy Institute argues that the requirements are “technologically impossible” for non-custodial wallets, potentially creating security vulnerabilities.What are the implications if HB 380 is passed? If passed, Kentucky would be the first state to mandate recovery protocols for private keys, which may lead hardware providers to cease shipping products to the state.
