Ledger Wallet: A Comprehensive Overview of Available Models

In the Bitcoin universe, security is king. With Bitcoin’s rising popularity and increasing value, the necessity of securing this asset is more crucial than ever. Enter the hardware wallet – a solution designed to meet this growing demand. And at the forefront of this innovation is the Ledger Wallet.

In our complete guide, we’ll take you through an in-depth journey into the world of Ledger. From its origins to the different models available, and the big question: is it really worth investing in this wallet?

---

The company behind Ledger

Established in 2014 in Paris by Eric Larchevêque, Joel Pobeda, Nicolas Bacca, and Thomas France, Ledger has swiftly risen to prominence as a top-tier provider of security solutions for digital currencies.

At its core, the company is dedicated to crafting top-notch security devices aimed at safeguarding digital assets against emerging threats.

In a significant milestone in 2021, Ledger secured a whopping $380 million in funding, primarily led by 10T Holdings. This impressive round of funding skyrocketed the startup’s valuation to an astounding $1.5 billion.

The company’s core mission is to protect this new class of assets, which includes cryptocurrencies, active data, IoT devices, digital identities, and two-factor authentication (2FA).

The crown jewel of Ledger’s offerings is its series of hardware wallets designed for digital assets. These wallets have achieved global reach, distributed across 165 countries, with a customer base exceeding 6.5 million.

Beyond the hardware, the company also brings to the table the Ledger Live app, a versatile tool for managing Bitcoin and other cryptocurrencies.

Kicking off its journey in the hardware wallet market, Ledger’s initial offering was the Ledger Nano S. Fast forward to 2019, the team unveiled the more advanced Ledger Nano X. More recently, in 2023, Ledger made waves with the introduction of their design and NFT-centric model, the Ledger Stax.

Now that we’ve introduced you to Ledger, let’s delve deeper into the wallet models they offer.

Ledger’s Hardware Wallet Models

Ledger’s lineup boasts three primary hardware wallet models: the Ledger Nano S, Ledger Nano X, and the Ledger Stax. Each of these models stands out with its own set of distinctive features and advantages.

Colors

In a recent move, Ledger introduced colored versions for the Nano S Plus and Nano X models.

These vibrant colored options bring an extra layer of personalization to the table, allowing users to pick a design that resonates with their personal style and preferences. This expansion in choice adds a new dimension to the already acclaimed security and functionality aspects of Ledger’s hardware wallets.

Thus, with this latest introduction of aesthetic variety, users can now enjoy a more unique and tailored experience alongside the trusted security and functionality that Ledger is known for.

Cryptocurrency Support

All Ledger wallet models are multi-currency, which means that there is no exclusive version for Bitcoin only. They integrate with DeFi protocols, exchanges, and applications from various ecosystems.

Despite this, Ledger maintains a team exclusively devoted to Bitcoin. This group is dedicated to crafting solutions specifically tailored for Bitcoin.

Rumor has it that they are exploring ways to link the wallet directly to the Bitcoin node, an exciting prospect that we’re eager to see come to fruition.

A unique aspect of Ledger’s approach is how it treats each currency. Each currency functions as a separate app within the wallet. To manage a particular digital currency, users need to install its corresponding app, creating a specific wallet for that currency on the Ledger device.

However, there’s a catch: the device can only accommodate up to 100 apps at a time. If you hit this limit, you’ll need to uninstall an app to make room for a new one.

For Bitcoiners: Want a Ledger wallet that’s solely for Bitcoin? Simply install the Bitcoin app and skip the rest. This way, your Ledger device becomes a dedicated Bitcoin-only hardware wallet.

Language support

One area where Ledger wallets shine is in their multilingual capabilities. The app supports multiple languages, making it incredibly user-friendly for a global audience.

Everything from wallet setup to app and website interfaces is available in various languages.

This commitment to multilingual support is a testament to Ledger’s dedication to creating an accessible and user-friendly experience for customers worldwide.

Compatibility across platforms

All devices boast extensive compatibility, seamlessly integrating with various operating systems including Apple, Android, Linux, macOS, and Windows. This broad compatibility ensures that users across different platforms can effortlessly use Ledger products.

The setup and management of these devices are performed through the Ledger Live app, which offers a unified and intuitive interface for users to conveniently control their wallets and digital assets.

Security

When it comes to cold wallets, security is a top priority, and Ledger’s offerings excel in this area.

Ledger wallets are outfitted with two specialized processing chips:

• Secure Element (ST33J2M0): This chip has independent certification and is responsible for storing the private key and authorizing transactions.
• Operating System (STM32WB55): This chip runs Ledger’s own operating system, BOLOS, adding an extra layer of security.

These chips function as independent hardware modules, offering an added layer of defense.

They come with their own storage and limited functionality, effectively shielding them from cyber threats. This design ensures that even when connected to a potentially compromised device, like an infected laptop or smartphone, the private keys – the gatekeepers to your crypto funds – remain secure and untouchable.

CC EAL5+ Certification

The Secure Element (ST33J2M0) chip in Ledger wallets is not just any chip; it’s distinguished by the CC EAL5+ certification.

This certification is a big deal in the industry, representing an exceptional level of security. It means the wallet has been put through the wringer with extensive security checks and testing, ensuring its robustness.

Adding to this, Ledger’s commitment to security is further underscored by an independent certification from the French National Agency for Information Systems Security (ANSSI).

Operating System – BOLOS

Ledger’s unique operating system, BOLOS, is a testament to their security-first philosophy.

Ledger operates on its own operating system called BOLOS, which was developed with a focus on security. This system allows the installation of third-party applications on the device, keeping them separate from each other and preventing any access to your 24-word phrase. 

Imagine if a hacker somehow managed to slip malicious code into an application on your Ledger wallet. Thanks to BOLOS, this compromise would be contained to just that app, with no spill-over effects on other functions or your wallet’s overall security.

In essence, BOLOS’s isolation strategy means that even if one part of the system is attacked, the integrity of the whole wallet remains intact.

Closed-Source Firmware

Although the applications and Ledger Live are open source, the firmware remains closed source.

According to the company, the choice of closed source is a measure to ensure the security and resilience of the supply chain and infrastructure, protecting these elements from potential physical attacks.

However, this choice has sparked criticism from some users who are concerned about the inability to inspect the code for hidden vulnerabilities or backdoors.

PIN Protected

Physical security is a key aspect of Ledger wallets, achieved through a user-configured PIN. This feature acts as a primary defense, deterring unauthorized access in scenarios like loss or theft of the wallet.

The PIN serves as a barrier, ensuring that your digital assets remain secure and accessible only to you.

Additionally, users have the flexibility to change their PIN in the security settings, allowing for enhanced control over their wallet’s security.

Easy Backup

One of the standout features of Ledger wallets is the ease of backup and recovery. As long as you have your 24-word recovery phrase, you can always restore your balances, even if your wallet is lost or damaged.

It’s crucial to understand that your digital currencies are recorded on the blockchain; the wallet simply provides the private key for accessing and transacting these currencies.

In the event of loss, theft, or malfunction of your device, you can purchase a new one and use your original recovery phrase during setup.

This process enables you to recover the settings of your previous wallet, ensuring continuous access to your digital assets.

This backup feature is also a critical safety net, providing peace of mind and security for your cryptocurrency investments.

Ledger Nano S Plus

The Ledger Nano S Plus is one of the most popular hardware wallets on the market. This cold wallet offers users the ability to store their Bitcoin and other cryptocurrency private keys offline, adding an essential layer of security.

Design and features

Sporting a compact, USB drive-like design, the Ledger Nano S Plus is user-friendly. It features a central display for showing important information and easy-to-use buttons located on the top of the device.

When you purchase the Nano S Plus, the package includes the wallet, a USB-C to USB-A cable for connection, a guidebook for beginners, three sheets for recording your recovery phrase, and a keychain strap.

This strap is particularly handy for keeping your wallet secure and within reach.

Connectivity

Unlike the more advanced Ledger Nano X, the Nano S Plus lacks Bluetooth and a built-in battery. This means you’ll need to connect the wallet to your computer or mobile device using the USB-C cable each time you want to access it.

The absence of Bluetooth and a battery in the Nano S Plus is by design, focusing on essential functionality and a more basic design.

While the Ledger Nano X offers the convenience of wireless connectivity and mobility, the Nano S Plus prioritizes a secure, affordable solution for Bitcoin storage, all within a compact and efficient design.

Supported currencies

The Ledger Nano S Plus supports a vast array of over 5,500 digital currencies for sending, receiving, and exchanging.

To access this wide range of coins and tokens, users are required to install various third-party applications, services, and wallets via the Ledger Live app.

This device allows the installation of up to 100 different digital currency apps and is compatible with over 50 third-party wallets, including popular ones like:

• Electrum
• Exodus
• Green Wallet
• Liana Wallet
• Sparrow Wallet
• Wasabi Wallet
• and many more.

Ledger Nano X

The Ledger Nano X represents a significant evolution from the Nano S Plus, marked by a suite of advanced features.

The Nano X is crafted with user experience in mind, featuring two round buttons adjacent to the screen, akin to a joystick. This design facilitates an intuitive interaction, reminiscent of using a video game controller, enhancing the user’s comfort during operation.

Beyond its user-friendly design, the Nano X boasts several functional upgrades over its predecessor, the Nano S Plus.

These improvements include increased storage capacity, Bluetooth connectivity for versatile pairing with mobile devices, and an integrated battery, enhancing the device’s portability.

Bluetooth

A standout feature of the Nano X is its Bluetooth integration. This functionality enables users to sign transactions via an app on their mobile phone, offering convenience for both computer and mobile device usage.

Despite the practicality, some cybersecurity experts view Bluetooth as a potential security weak point.

However, Ledger assures that Bluetooth is activated only during specific instances, like pairing the phone for transaction signing, mitigating security concerns.

To date, there have been no reported incidents of stolen balances due to Bluetooth vulnerabilities.

The Bluetooth connection is encrypted end-to-end, ensuring privacy and not posing additional risks to the wallet’s security. Notably, private keys remain within the secure chip, safeguarding against any potential breaches.

With or without Bluetooth?

Users have the choice to use the Nano X with or without Bluetooth.

For those preferring a wired connection, the device includes a USB cable. To disable Bluetooth, users can easily access the Control Center by pressing the two buttons on the wallet, giving them greater control over their connectivity and security preferences.

Built-in battery

Differing from the Nano S Plus, the Nano X includes a non-replaceable 100 mAh battery.

This battery sustains the wallet for about 8 hours of continuous use or several months when idle, on a full charge. To recharge, simply connect it to a computer using the provided USB cable.

The inclusion of a battery offers additional convenience for mobile use or in situations where constant power access is unavailable.

Supported currencies

Like the Nano S Plus, the Nano X supports over 5,500 digital currencies for sending, receiving, and exchanging.

Accessing the full range of coins and tokens requires installing various applications, services, and third-party wallets through the Ledger Live app.

Overall, the Ledger Nano X stands as a secure, user-friendly hardware wallet, ideal for those looking to store Bitcoin and other cryptocurrencies offline.

It caters to a broad spectrum of users, offering a versatile and comprehensive solution for digital asset storage.

Ledger Stax

In 2022, Ledger introduced the Ledger Stax, a novel hardware wallet model crafted by Tony Fadell, a former Apple engineer renowned for his work on the iPod. This device marked a significant departure from traditional wallet designs, offering a modern and sophisticated aesthetic.

The Ledger Stax stands out with its compact, rectangular E-Ink screen, reminiscent of a sleek smartphone. This design choice not only enhances the device’s look but also contributes to its user-friendly interface.

Like other Ledger products, the Ledger Stax Wallet allows users to store Bitcoin and other cryptocurrencies using a cold storage method, which keeps them completely offline.

A groundbreaking feature of the Ledger Stax is its specialization in NFTs (non-fungible tokens).

It’s the first Ledger hardware wallet designed with NFTs in mind, allowing users to personalize the lock screen with their favorite NFT or any chosen image, adding a unique personal touch to the device.

The Stax’s dimensions are 85 mm x 54 mm x 6 mm, and it weighs 45 grams. It boasts a capacitive electronic ink screen with a resolution of 672 × 400 pixels, displaying 16 levels of gray.

Enhancing its versatility, the device offers USB-C and Bluetooth connectivity, catering to both wired and wireless preferences. Additionally, it supports Qi wireless charging, simplifying the charging process.

The integration of Ledger’s EAL 6+ secure element in the Ledger Stax reinforces the security of stored cryptographic assets.

Targeted at a more sophisticated audience, the Ledger Stax Wallet represents an evolution from previous models, such as the Nano S Plus and the Nano X, which have smaller dimensions and a design that resembles a flash drive.

Ledger’s EAL6+ Secure Element

In addition to being compatible with the EAL6+ secure element, the Ledger Stax also offers the Secure Boot functionality, which ensures the integrity of the wallet’s software, making it more resistant to hacking and tampering.

USB-C and Bluetooth Integration

The inclusion of both USB-C and Bluetooth connectivity in the Ledger Stax provides users with flexible options for managing their digital assets. This dual connectivity feature accommodates individual preferences, allowing for a seamless and secure interaction with the wallet.

Overall, the wallet is an innovative, secure, and convenient option for storing Bitcoin.

Its support for NFTs, along with its modern, smartphone-like design, make it an attractive choice for users seeking a sophisticated and feature-rich hardware wallet experience.

What is Ledger Live?

Ledger Live is an essential component when using Ledger’s hardware wallets, balancing simplicity with the ability to execute more complex tasks. Investing time in understanding this software is key to maximizing the functionality of your device.

At its core, Ledger Live is designed to manage the coins and tokens stored in your wallet. But its capabilities extend beyond just management.

One of the features of Ledger Live is the option to purchase Bitcoin. This functionality is made possible through Ledger’s partnerships with Coinify and MoonPay.

To get started with Ledger Live, visit the official website and locate the download section that corresponds to your operating system.

The website provides clear instructions for downloading and installing the software. Once downloaded, follow the straightforward installation steps to configure Ledger Live.

After setting it up, you can begin managing your digital assets in a secure and user-friendly environment.

Choosing Between Ledger Nano S Plus, Nano X, and Ledger Stax

When deciding between the Ledger Nano S Plus, Nano X, and Ledger Stax, it’s essential to understand their key differences, even though they share many features.

• Bluetooth compatibility: Nano Stax and Nano X offer Bluetooth connectivity, making them compatible with smartphones. The Ledger Nano S Plus, however, lacks this feature and requires a USB-C connection for use.
• Hardware: The Stax is the only model among the three that boasts a touchscreen, enhancing user interaction.
• Wireless charging: Additionally, Stax supports Qi wireless charging, a feature not available in the Nano S Plus and Nano X.

For a detailed comparison, consider the following table:

Comparison of Ledger Stax, Nano X, and Nano S Plus

	Ledger Nano Stax	Ledger Nano X	Ledger Nano S Plus
Type of Screen	E Ink ®	OLED	OLED
Screen Resolution	400 x 672 px	128 x 64 px	128 x 64 px
Touch Screen	✅	❌	❌
Bluetooth ®	(Compatible with smartphones only)	(Compatible with smartphones only)	❌
Wireless Charging	Qi Charging	❌	❌
Connector	USB-C	USB-C	USB-C
Windows	Windows 10+	Windows 10+	Windows 10+
MacOS Apple	macOS 12+	macOS 12+	macOS 12+
Linux	Ubuntu LTS 20.04 +	Ubuntu LTS 20.04 +	Ubuntu LTS 20.04 +
Apple iOS	iOS 13+	iOS 13+	❌
Ledger Live App (NFTs)	Ethereum and Polygon NFTs	Ethereum and Polygon NFTs	Ethereum and Polygon NFTs
Third-Party Wallet (Coins)	5000+ Coins	5000+ Coins	5000+ Coins
Ledger Live App (Coins)	500+ Coins	500+ Coins	500+ Coins
Third-Party Wallets (NFTs)	NFTs with multiple blockchains	NFTs with multiple blockchains	NFTs with multiple blockchains
Secure Element Chip	Certified Secure Element (CC EAL6+)	Certified Secure Element (CC EAL5+)	Certified Secure Element (CC EAL6+)
PIN Protection	✅	✅	✅
Recovering Asset Access	24-word secret recovery phrase	24-word secret recovery phrase	24-word secret recovery phrase
Third-Party Wallets	Compatible with 50+ wallets	Compatible with 50+ wallets	Compatible with 50+ wallets

Where to buy a Ledger?

To ensure the authenticity and security of your Ledger device, consider these purchasing options:

• Official website: Buying directly from Ledger’s official website (ledger.com) is the safest option.
• Authorized resellers: If you prefer a physical store, ensure they are Ledger-authorized.
• Amazon: Ledger maintains an official store on Amazon. Be cautious about buying from the official store and not third-party sellers.

Warning! Avoid purchasing wallets from third-party platforms like eBay or unknown sellers on Amazon, as there’s a risk of receiving a compromised device.

How much does a Ledger cost?

The Ledger series offers a range of models, each with its own price point, catering to different user needs and preferences.

The pricing for these models varies, with the most affordable option starting at $79 and the premium model priced at $279.

Here’s a breakdown of the prices:

• Ledger Stax: Priced at $279, it’s the latest and most premium model, particularly appealing to NFT enthusiasts.
• Ledger Nano X: Available for $149, this model offers a balance of features and price, with the added convenience of Bluetooth connectivity.
• Ledger Nano S Plus: The most budget-friendly option at $79, ideal for beginners or those who prefer a straightforward, no-frills approach to cryptocurrency storage.

When purchasing from the official store, be aware of potential shipping and import taxes. These additional charges can vary based on current customs regulations, so it’s advisable to factor these into your budget.

Not sure which model to choose?

Deciding between the Ledger Nano S Plus, Nano X, and Stax involves considering your specific needs and preferences:

• Ledger Stax: Choose this if you’re keen on the latest technology, especially if you’re into NFTs. It’s a top-of-the-line model with advanced features.
• Ledger Nano S Plus: Ideal for beginners or those who don’t require Bluetooth connectivity. It offers excellent value for money, providing the same storage capabilities and support for a wide range of digital currencies as its more expensive counterparts.
• Ledger Nano X: A middle-ground option. It’s perfect for those who want a user experience similar to the Ledger Stax but at a more moderate price. The integrated Bluetooth is a significant plus, especially if you value the convenience of managing your portfolio through a mobile app.

In summary, the best choice depends on comparing the features and prices of each model, considering your specific requirements, whether it’s budget constraints, the need for advanced features, or the desire for mobile app convenience.

Advantages and disadvantages of the Ledger wallet

When choosing a Bitcoin wallet, it’s crucial to weigh the pros and cons to protect your digital assets effectively.

Here are some essential points to keep in mind when evaluating Ledger as a cold storage option:

Advantages

Robust Security:

Ledger hardware wallets are regarded as some of the most secure cryptocurrency wallets available. They incorporate several security measures, including a secure chip, a 24-word recovery phrase, and a PIN code, to safeguard your assets.

Portability:

These wallets are compact and lightweight, making them convenient to carry around. This portability is a significant advantage for those who need access to their funds while on the move.

Integration:

The wallets are compatible with various third-party wallets and applications, offering flexibility in managing your cryptocurrencies.

Variety of Prices:

With a range of hardware wallets at different price points, Ledger caters to various budgets.

Compatibility:

These wallets are compatible with multiple operating systems, allowing usage across computers, smartphones, and tablets.

Disadvantages

Lack of a “Bitcoin Only” Version:

Ledger supports multiple cryptocurrencies, which might not be ideal for users exclusively interested in Bitcoin. This multi-currency support could potentially increase the risk of attacks.

Questionable Reputation:

The company has experienced some security incidents in the past, leading to concerns among users about the brand’s overall security and reliability.

Level of Trust:

Users must place considerable trust in Ledger and its software updates.

There’s an inherent challenge in ensuring that private keys are not extracted from the Secure Element chip. This issue is not unique to Ledger; it’s a common concern with other hardware wallets that use a Secure Element, such as Coldcard and Bitbox.

Data Leak

However, not everything is perfect, is it? Ledger has been involved in some scandals in recent years, and we’re going to discuss each one of them so you can be informed about what happened and make the best decision for your sovereignty.

In July 2020, attackers exploited a vulnerability in a third-party API used by Ledger, gaining access to its e-commerce and marketing database. This breach was extensively reported, including in a detailed article by Coindesk.

The compromised data included over one million email addresses and sensitive personal information such as full names, phone numbers, physical addresses, and email addresses.

The severity of the breach became fully apparent in December 2020. The attackers released the stolen data on the dark web, specifically on Raidforums, a notorious platform for sharing compromised databases.

This leak exposed the records of over 270,000 Ledger customers.

Although the breach did not result in the direct theft of customer funds, the repercussions were significant.

Affected users reported a surge in phishing attempts, extortion threats, and in some cases, even threats of physical violence. This incident underscored the real-world risks associated with digital data breaches.

How did Ledger handle the situation?

In response to the situation, Ledger announced stricter measures to prevent future breaches. The company hired a blockchain analysis firm to identify the responsible parties and offered a reward of 10 BTC to anyone who provided information about the attackers.

Ledger’s CEO also communicated changes in the way data is stored: customer information will be moved to an offline database, and the company has committed to deleting personal data as soon as possible.

However, unfortunately, the scandals did not stop there.

Another incident involving the Ledger brand occurred more recently, in 2023, known as the Ledger Recover.

Ledger Recover

In 2023, Ledger announced the launch of a service called Ledger Recovery.

Designed for users who choose not to take direct custody of their private keys or who have concerns about doing so, this service allows for the recovery of private keys in case of loss, similar to when you forget your email password and request the provider to reset your lost password.

The update is optional and is available for Nano X models in the European Union, Canada, the United Kingdom, and the United States.

How does Ledger Recover work?

When users opt to use the service, they allow their seed, a list of 12 to 24 words, to be encrypted and divided into three parts that are stored on the servers of three custodians:

• Ledger
• Coincover
• EscrowTech

Each custodian holds one fragment, which is useless on its own, and only the person’s wallet can combine these fragments to reconstruct the seed.

To have these companies store these fragments of the seed, a monthly fee of about $10 would be applied.

In case of loss of access to the seed, the user would need to go through the KYC (Know Your Customer) process to recover the information that gives access to the balance in the wallet.

Concerns about Ledger Recovery

The launch of Ledger Recovery was surprising, but for the wrong reasons.

This happened because Ledger simultaneously addressed three extremely sensitive points:

• Making it public that it is possible to extract a seed from your device;
• Intermediating custody;
• Doing this using KYC (Know Your Customer).

The overlap of these three points sounded like an attack to those who defend security and privacy. These are three sensitive points overlapping in a single product, and this provoked harsh criticism and represented a change in the model of what is expected from a hardware wallet.

Many users began to question whether there could be a backdoor (a form of unauthorized access) or the possibility of leaking customer seeds, even for those who did not subscribe to the service, through a malicious update.

However, according to Ledger, this would not be feasible, and for those who do not opt ​​for the new service, the security system remains the same as before.

Adam Back himself, founder of Blockstream, the company behind the Jade Wallet, reinforced that Ledger would be safe and that the service is optional, that is, whoever does not activate it will not have to worry.

However, despite all the explanations provided by Ledger and even by Adam Back, doubts persisted due to some contradictions related to the three points mentioned above.

A move against what is expected of a cold wallet

One of the main criticisms of Ledger Recover is that it goes against the ethos of a cold wallet.

A cold wallet is designed to provide users with complete control over their cryptocurrency. By storing the seed phrase on Ledger’s servers, users are essentially giving up control of their keys to a third party.

This is a significant change from the way cold wallets have traditionally worked.

In the past, users were responsible for storing their seed phrases in a secure location. If they lost their seed phrase, they would be unable to access their cryptocurrency.

Ledger Recover makes it easier for users to recover their currency if they lose their seed phrase.

However, it also makes it easier for a third party to access those funds. This is a significant security risk, especially for users who are concerned about privacy and censorship.

Concerns about Ledger Recover

Alongside security worries surrounding Ledger Recover, users have also expressed concerns about:

• Data leakage and sale: Should Ledger’s servers be compromised, users’ KYC information and seed phrases might become vulnerable. This raises the risk of identity theft, financial loss, and potential government surveillance.
• Cyberattacks: Ledger Recover could be a prime target for hackers aiming to steal users’ cryptocurrency.
• Censorship and Surveillance: Government pressure could force Ledger to adhere to data retention and surveillance laws. This might result in the seizure of users’ cryptocurrency or freezing of their accounts.

Secure Element

Ledger Recover has also brought attention to the security of the Secure Element chip in Ledger devices. This tamper-resistant chip is designed to safeguard sensitive information like seed phrases.

In 2022, Ledger asserted that extracting the seed phrase from the Secure Element was impossible. However, the introduction of Ledger Recover seems to contradict this claim, sparking doubts about the Secure Element’s reliability as professed by Ledger.

Ledger’s response

In defense of Ledger Recover, the company argues that it offers a valuable service for users worried about losing their seed phrase. The company insists that the service is secure and that users’ data will be adequately protected.

Nevertheless, Ledger’s assurances have not alleviated the cryptocurrency community’s concerns. Ledger Recover continues to be a contentious update that has tarnished the company’s reputation.

The launch of Recover marks a significant moment in the cryptocurrency world, raising crucial questions about the security and reliability of hardware wallets.

The success of Ledger Recover remains uncertain. However, it’s evident that the service has negatively impacted the company’s reputation.

Is it possible to create a firmware that extracts the seeds from the chips?

The recent Ledger update confirmed that extracting seeds from chips is indeed possible. This revelation highlights why hardware wallets using the security element maintain this component as closed source.

Ledger’s decision to not go fully open source is also rooted in this issue. If Ledger were completely transparent, it would reveal the process of sending specific commands to the chip, enabling actions like extracting and encrypting seeds before transmitting them.

Essentially, the machine performs as the software commands. This vulnerability isn’t exclusive to Ledger; it’s a critical point for any hardware wallet utilizing this kind of chip.

Software engineer Christopher Allen notes:

“The issue lies in the fact that current SE chips cannot natively and securely execute the Bitcoin curve in semiconductor logic. This challenge is not unique to Ledger; it’s a problem with all contemporary wallet chips.”

The general expectation was that a personal hardware wallet wouldn’t be capable of such actions. This assumption might necessitate new chip designs, ensuring the impossibility of seed extraction.

According to Allen, chips specifically tailored for Bitcoin and cryptocurrency custody need development to ensure seeds never leave the device – a promise currently unmet.

Adam Back also remarked:

“SE chips are primarily utilized to protect funds on stolen devices by erasing the stored seed after several incorrect PIN entries. Secure elements aren’t a perfect solution, but they enhance asset security.”

What about other Hardware Wallets?

In the case of Trezor, extracting the seed is relatively easier, a vulnerability that was recently identified.

Other wallets employing the SE chip and considered open source still keep the chip’s segment closed source.

ColdCard and BitBox, for instance, despite their strong reputation and history, use a closed-source SE chip. In theory, they could also issue updates that compromise seed security.

All these wallets use the secure element for storing sensitive information and an open-source firmware microcontroller (MCU) for other functions.

Theoretically, manufacturers could develop firmware that exposes seeds and offer it to users. However, such a move is unlikely due to potential reputational damage, as demonstrated by the Ledger situation.

Ledger support’s controversial tweet highlighted this trust issue: “You always trusted Ledger not to create firmware of this type, whether you like it or not.“

And this is where the big learning of this event comes in.

Key Learnings from the event

Purchasing a hardware wallet inherently involves a level of trust in the manufacturer, both for the product’s quality and for safe software updates. The potential for an update to extract seeds from the device was seldom discussed until Ledger brought this possibility into the spotlight.

This revelation, while unsettling, also clarified several points:

1. Any hardware wallet, like Ledger, Trezor or Coldcard, has the potential to perform similar actions;
2. There’s an inherent trust placed in the manufacturer;
3. The significance of having a cold wallet remains unchanged, but it’s more crucial than ever to have a comprehensive set of security measures.

It’s vital to safeguard against the wallet manufacturer, irrespective of their brand. A strategy for mitigating the risk of seed exposure—be it through negligence or a malicious update by the wallet manufacturer—is using a multisig mechanism.

What is multisig?

Multisig wallets provide an additional layer of security. They allow you to create an address that requires multiple signatures to authorize fund transfers.

It’s akin to a safe that needs several keys to open. If one of your seeds is compromised, whether due to carelessness or a hostile update, the funds remain secure, provided you have all the necessary keys.

Conclusion

This analysis underscores the robustness of Ledger’s solutions for safeguarding Bitcoin.

Ledger caters to various needs and budgets, positioning itself as a top choice for digital currency users.

In conclusion, vigilance in securing your Bitcoin is crucial, regardless of the amount.

Security negligence can lead to substantial losses. Prioritizing the safety of your Bitcoin assets is essential. If your coins are stolen, your efforts are rendered futile. Therefore, it’s advisable to avoid leaving your Bitcoin on exchanges or under third-party control.

Additionally, if you intend to hold and store your coins for an extended period, opting for a hardware wallet over hot wallets is the safest decision to make.

I hope you enjoyed the article! Share it with friends and family so that more people can elevate their level of sovereignty.