Ledger released a new hardware wallet â the Ledger Nano X. This new device protects your cryptocurrencies with military-grade protection and prevents digital theft and hackers. These are the key new features of the Ledger Nano X:
Large HD screen â Displays address of receiver in full without scrolling
More storage space â Install up to 100 different apps for different coins.
Rechargable Battery – allows the device to be powered-on without a cable.
Ledger Recover – A new (albeit controversial) seed phrase recovery subscription service. Learn more here.
Click below to buy!
This guide will help you setup your Ledger Nano X and teach you the important features. In addition, we the most important question: Is Bluetooth Safe?
Cryptocurrency can be spent on the go with Ledger Nano X
One of the biggest features of the Ledger Nano X is the support for mobile phones (both Android and iPhone). The new Ledger Live app allows for both sending and receiving of all supported cryptocurrencies on the go.
The app connects directly to the Nano X via Bluetooth, so no cable is required. The device has a battery that allows it to be actively powered on for more than 8 hours (depending on use), so the Nano X can be brought out to send cryptocurrency on the go.
Portfolio mode allowsLedger Liveto display all available balances that is stored on the Ledger Nano X. This is accessible even if the hardware wallet is not present, so you can conveniently browse the portfolio. To send cryptocurrencies, the device must be present to sign the transaction via Bluetooth. It is important to remember that the private key to sign transactions never leaves the device or is transmitted via Bluetooth – only the signed transaction which cannot be altered (secure).
Ledger Mobile app showing the Ethereum address with verification from Ledger Nano X
Ledger Live Mobile also supports the installation of various apps for different cryptocurrencies via Ledger Manager, just like the desktop version. The mobile app boasts the same functionality as the desktop version with the notable exception that it does not yet allow firmware updates.
How to Add or Remove Apps on the Ledger Nano X
To use different cryptocurrencies on the Ledger Nano X, the app for that coin needs to be installed on the Ledger first. This is done via the Ledger Live app on either Windows, MacOS, Linux, Android or iOS. First install Ledger Live, connect the Nano X and enter the “Manager” interface. The app will require you to unlock the Ledger by entering your pin and entering the home screen. You will need to authorize Ledger Live by confirming “Allow Ledger Manager”. Once you are connected, you will see a list of different apps that are ready to be installed (if your list is shorter than in the following image, update the firmware of the Ledger Nano X).
Use Ledger Live to install new apps on the Nano X
Is Bluetooth Safe?
The simple answer is: Yes. One of the initial concerns (reddit) about the Ledger Nano X is communication via Bluetooth, a form of radio communication. The previous model (Ledger Nano S) only had cable connectivity, which would not expose the device to nearby attackers. Bluetooth is safe to use in this case because the device is never controlled via Bluetooth – instead it is only used to send unsigned and signed transactions. This means the private key (the key to all the funds) is not exposed and does not leave the device.
The Nano X operates with the assumption that the Bluetooth connection (which is a bearer, exactly like USB) is compromised. The addition of BLE doesn’t impact the security model. Transactions must always be physically verified on device by pressing both buttons. Moreover, on the Nano X screens and buttons are directly connected to the Secure Element (single chip architecture), which is also an enhancement of the general security design. (Valium)
On top of this, the Ledger Nano X functions assuming the Bluetooth is in “compromised” mode. This means it will never give any control to other external devices and communication is limited to transaction signing only.
Control Panel on Ledger Nano X allow Bluetooth to be turned On / Off
Keep your Recovery Phrase Safe!
There will be a sheet where you can write down your 24-word recovery phrase. This is the most important part because it acts as a backup to the device. You will need to keep it very safe because if someone gets access to that paper it is essentially the same as stealing your wallet.
Do not take a photo or have a digital copy of that list!
Write down your 24-word recovery phrase. The order of the words is also important.
After setting up the device, with it still plugged in, visit the Ledger Live website and download the app you want to use.
Follow the instructions on the site and use.
Note: after setting it up you will be navigating the device on your computer.
You can receive cryptocurrency even when the device is offline. Itâs only when you want to send that you need to connect the device and enter your PIN and login.
After inputting all the transaction details on your computer, as an additional security measure, you can double check the details on the device. Make sure the address and amount are correct and confirm.
Why use a Hardware Wallet?
With traditional currencies, you, the user, are the most important person. If you have ever lost your bank card, you can always go to the bank with some sort of identification and request for access back to your account.
Cryptocurrencies, however, donât care about the physical person but rather the private key associated with the wallet. The private key is used to verify the account and transactions. Anyone who has access to this key can send funds and that is why you must keep it safe. Another thing is that cryptocurrency transactions cannot be reversed.
Hardware wallets can protect you against these things. They add an extra layer of security by storing the private key on the device itself. The only way to hack it would be to have physical access to the hardware wallet or with the backup phrase.
Paper wallets offer arguably even more security. However, the process for setting them up and using it is very complicated. Hardware wallets strike a nice balance between security and convenience.
Is the Ledger Nano X Worth the Upgrade?
At a higher price point, many users are asking the question “Is the Ledger Nano X worth the Upgrade“. For us, the answer is depends.
If you use more than 3 apps, then consider upgrading. Coming with a much larger memory space, Nano X is able to store a lot more applications than the soon-to-be-retired Ledger Nano S. However, its updated model, the Nano S Plus, at a price of USD 79, is capable of storing up to 100 apps, making it much more competitive with the pricier Nano X. As of writing, the Ledger Nano S is only able to store 2-3 applications with Firmware 1.5.5 (such as Bitcoin and Ethereum app). Whilst you can get around this limitation by uninstalling unused apps, the constant switching often leads to confusion and time wasting.
If you need to send large amounts of Cryptocurrencies on the go. With Bluetooth support, the new Ledger can be used with Android phones and iPhones.
If more apps and mobility are not a big concern for you, stick with the Ledger Nano S or Nano S Plus.
Successfully set up your Ledger Nano X? Now it’s time to get started with trading Bitcoin and other cryptocurrencies! Check out my course created in collaboration with Jeff Kirdeikis of Uptrennd- Bitcademy: Learn, Invest & Trade Bitcoin â In Under an Hour
Ledger Nano X is the next generation of Hardware wallet with smartphone support, a larger screen and more storage space for Apps. Retailing for $119, the Ledger Nano X is great for newcomers or experienced traders trading more than 3 types of cryptocurrencies at at time or large volumes on the go. If more apps and mobility isn’t a big concern, stick with the Ledger Nano S.
In this review, we’ll be looking at the security, hardware design and cryptocurrency support of the Ledger Nano X to tell you if this device is worth purchasing or not. For Set-up and installation guides, check out our full Ledger Nano X guide.
CLICK BELOW TO BUY!
Key Features of the Ledger Nano X:
Ledger Nano X Video Review
Larger screen â Displays full cryptocurrency addresses without scrolling
More storage space â Install up to 100 different apps for different coins.
Rechargeable Battery â allows the device to be powered-on without a cable.
Ledger Recover â A new (albeit controversial) seed phrase recovery subscription service. Learn more here.
Latest features: stake, swap, earn and lend cryptocurrencies
Staking and earning
Ledger Live allows for staking Tezos ($XTZ), Tron ($TRX), Cosmos ($ATOM) and Algorand ($ALGO). Users can lock up these cryptocurrencies to secure their respective networks and in return they will be paid interest for doing so. This feature expands Ledger into more than just a secure place to store your cryptocurrency, it can even help you grow your digital assets.
Staking your digital assets can be done in 3 simple steps. First, freeze your assets by logging onto your Ledger Live, choosing the relevant account for the asset you wish to stake and click “earn rewards”. A popup window will then appear. There you will be allowed to select the amount in your wallet you wish to freeze. Secondly, vote for your validator(s) who will be making the blocks on your network and the cryptocurrency earned by making these blocks will be redistributed to voters. Lastly, claim your rewards by clicking “Claim” in your relevant account. Rewards are claimable every 24 hours.
Swapping
Ledger has released a Ledger Swap feature which allows users to exchange their cryptocurrencies through their partner Changelly. How this works is you send your cryptocurrency from your device to Changelly, and Changelly sends you back the swapped cryptocurrencies.
To use this feature you will need: Ledger device, Ledger Live, the app for the crypto you want to swap and receive, and finally the exchange app.
Lending
Ledger is working with Compound ($COMP) to allow users to lend DAI, USDT and USDC through Compound’s decentralised finance (DeFi) protocol. The purpose of doing is is that the lender could earn an Annual Percentage Rate.
Further, there are numerous benefits when using Ledger to lend:
Control: You have control and proof that the crypto you lend and generated interest belong to you. This is because lending on Ledger is done through Compound, and when you lend on the platform you get “cTokens” in return. These cTokens represent proof of your ownership of the cryptocurrencies lent and the interest generated. These cTokens are stored by you until you want your lent assets and interest back, and in which case all you need to do is to send the cTokens back to the smart contract.
Security: cTokens are stored on your ledger hardware wallets.
Convenience: Compound’s lending features are available directly through Ledger Live.
Lending crypto using Compound and Ledger Live is done in 3 simple steps. Firstly, on Ledger Live’s Manager, install the application for the cryptocurrency you want to lend and create an account. Secondly, enable your account to authorise Compound’s smart contract to interact with your account. Finally, select the amount of cryptocurrencies you want to lend and issue a transaction to Compound, verify and approve the transaction on your device.
Security features
One of the key reasons to buy Ledger hardware wallets is the firm’s reputation for security. The Nano X contains a two processor chips:
Secure Element: ST33J2M0 (secure) is independently certified and stores the private key and signs transactions
Operating system: STM32WB55 chip is responsible for Ledger’s BOLOS proprietary Operating System.
Secure elements are separate pieces of hardware (second layer of security) with their own storage and limited functionality that cannot be breached by hackers. This means that even if the Ledger Nano X is connected to a compromise device – like a hacked laptop or phone, the private keys (=access to crypto funds) is never compromised. Devices like the Trezor One and Model Tdo not have secure elements and only have a single layer of security.
Ledger Nano X Teardown showing CC EAL 5+ Secure Element Chip
The Ledger Nano X also has the same BOLOS operating system that is found on the Nano S. BOLOS ensures that addresses are displayed properly on the device and handles connections to external devices.
Similar to the Nano S, users can set up wallets protected by a passphrase in addition to your primary PIN code. So say a thief demands you to unlock your device, you can give them the PIN code to access wallets with fewer funds. Whilst hiding the bulk of your crypto assets behind passphrase protected wallets.
The Nano X has the addition of Bluetooth support. Unfortunately Bluetooth’s security record is not spotless, and presents a new vector of attack for the device. Ledger CTO Nicolas Bacca has stated during an interview that Bluetooth on Ledger functions assuming the connection has been compromised – at no point will it be able to take over the device.
Bluetooth can be turned off on the Ledger Nano X
In October 2019, the Nano X received CSPN (First Level Security Certificate) certification issued by the ANSSI (National Agency for Information Systems Security). Currently, of all the cryptocurrency hardware wallets on the market, only Ledger’s Nano S and Nano X have this certification. The certification scheme evaluates multiple aspects of a device’s security including firewall, identification, authentication and embedded software by putting it through multiple attack scenarios.
Ledger hack
In July 2020, Ledger confirmed they suffered a data breach whereby an unauthorised third party accessed Ledger’s e-commerce and marketing database. As a result, around 1mil email addresses were exposed, and of those, 9,500 customers’ had further information exposed such as their first and last names, postal address, phone number and ordered products.
Ledger had reported the matter to authorities and are working with Orange Cyberdefense to investigate the matter. The team are also constantly monitoring for evidence of the data being sold on the internet.
Subsequent to the data breach, users have been reporting receiving phishing emails and texts by asking them to download a new version of the Ledger software. If users click on the link in the email, they will be redirected to a fake cloned version of the Ledger site. Afterwards, if users download the “update”, which is in fact a malware, it would ask users for their Ledger’s recovery phrase. The entered recovery phrase is then used by the attacker to recover the user’s wallet and send the user’s cryptocurrencies to the attacker’s wallet. For a full explainer on how the phishing attack works see the report from Kraken.
Phishing email sent from info@ledgersupport.io address
We do note that this can be more accurately characterised as a “data breach” rather than a hack. More importantly, this breach had no link or impact on the Ledger hardware wallets or the Ledger Live app. Cryptocurrencies stored on the Ledger devices have never been at risk.
Ledger has one of the most diverse support for different cryptocurrencies such as NEO, Vechain and Monero. With their open policy to development from project teams, the Ledger nano X supports 1100+ different assets. Many of these assets like Vechain or NEO are not found on competitors like the Trezor Model T or KeepKey, making Ledger the only hardware wallet available for many coins. The rule of thumb here is that the Nano X will support the same assets as the Ledger Nano S.
Installing Ledger Live
Ledger Live application interface
Ledger has a native application called Ledger Live to allow you to access cryptocurrency accounts (including Bitcoin, Litecoin Ethereum and other cryptocurrencies). Ledger Live is available on multiple platforms including Windows, MacOS, Linux, Android and iOS. We found the Ledger Live app easy to use as it clearly displays cryptocurrency assets with historical charts. Sending cryptocurrencies is extremely easy with step-by-step operation which clearly displays the sender and receiver addresses. There are also advanced features to manually customise the transaction fee in sat/byte.
How many coins can Ledger Nano X Hold?
One of the weakness of the Nano S is the lack of space for installed applications. The Ledger Nano X fixes this problem by increasing the internal memory to 2 MB. In our tests we were able to install all 73 available apps on the device (Ledger claims up to 100+). It should be noted that app storage is a convenience feature – apps will still retain their accounts / cryptocurrency balances even if uninstalled.
Does Ledger Nano X support Ethereum and ERC-20?
In September 2019 Ledger added a native Ethereum Wallet to its latest Ledger Live v.1.14.0 which adds support for 22 coins and over 1,250 ERC-20 tokens. This allows for direct access to tokens and ethereum whilst on the go without the need for a 3rd-party interface like MyEtherWallet. This is a welcomed upgrade to Nano X users who previously had to use different interfaces depending on the cryptocurrency you wanted to interact with. It will also certainly be welcome to newcomers to cryptocurrency, who may be confused by the different interfaces.
One of our complaints is that Ledger Nano X has to enter each app separately account – something that is not necessary on the Trezor Model T.
Is Ledger ready for Ethereum 2.0?
Ethereum 2.0 is coming soon with the first Phase 0 Beacon Chain to be launched in December 2020. Leading up to this, Ethereum stakers need to deposit at least 32 Ether onto the Beacon Chain using a deposit contract. Therefore Ledger has updated the Nano X’s new firmware version 1.2.4-5, in which the Ethereum application update to version 1.6.0 allows users to sign a deposit contract transaction directly on the Ledger Nano X. This feature is EXCLUSIVE to the Ledger Nano X.
In the future, users would be able to use their Ledger Nano X to derive an Ethereum 2.0 public key and validate that the withdrawal public key used in the deposit contract does actually belong to the Ledger device. The Ledger team are also working on a second Ethereum application which would allow stakers to securely sign blocks on the Beacon Chain.
5/5 Multi Currency Support
Hardware Design
Input is made with the two circular buttons
The new Ledger Nano X has two hardware buttons – hidden in the circular design of the cover pivot. These two buttons allows us to access menus (hold both buttons), make selections (press both buttons), and even input recovery phrases (use buttons to scroll). We found that entering PINs and recovery phrases to be tedious with only 2 buttons – perhaps a touchscreen or additional buttons could of helped.
Nano X has a larger screen with higher resolution. This means that full cryptocurrency addresses could be displaced without scrolling – something that was sorely lacking in the Nano S.
The Nano X uses a modern USB-C interface for charging and connecting to the PC. This is a welcomed upgrade as the computing world migrates to USB-C.
The Nano X also now comes in 3 colours: Onyx Black, Blazing Orange and Cosmic Purple.
Ledger Nano X can be used with mobile devices, and transactions can be sent on the go using the Ledger Live app on mobile. We found this feature to be very situational. Whilst it is helpful to be sending crypto on the go with the security the Nano X provides, the convenience is lacking when compared to mobile wallets like the Enjin Wallet. A separation confirmation set is needed: unlock device via PIN, enter the cryptocurrency app, check and confirm the transaction. This feels tedious and not suitable for simple coffee purchases or small transactions. What does make sense is perhaps large purchases (a car or house?) or token sale investments. However, the question remains, how frequently do we need to send large amounts of crypto on the go?
How do you Update the Ledger Nano X
Ledger periodically releases updates for the Ledger Nano X to improve security, functionality and coin support. In fact, firmware updates are required in order to get support for the latest cryptocurrencies. In order to update the firmware, plug the Nano X into your computer and run the Ledger Live app. The app will automatically display your version number and show any available firmware updates. To initiate the update, click the update button and confirm the installation in the Nano X by pressing down both buttons when prompted to “allow ledger manager” to access the device.
Ledger Nano X worth the upgrade?
At $119, the Ledger Nano X is not a budget device – it commands a certain price premium making the upgrade decision harder for many users. For many, the deal breaker convenience features – the large screen that displays full cryptocurrency addresses and larger storage for more apps. If these features are important for you, then the Nano X is worth the upgrade. However, if you only need a few apps, the budget friendly Ledger Nano S is a better option at $59.
Ledger Nano X compared with Trezor Model T
Ledger compared to other Hardware Wallets
The biggest difference between the Ledger Nano X and the Trezor Model T is the screen and supported coins. The Trezor Model T has nice touch screen which helps with entering PIN and the security phrases. However, the Trezor has fewer supported coins and usually projects tend to release Ledger support first. The following table is a comparison between various hardware wallets, including the release date, external security certification (if any), release date and our review rating.
At the end of the day, choosing between the Ledger Nano X and other hardware wallets is mostly based on 1 question – are the cryptocurrencies you want supported on the device. Support for a large number of coins has always been Ledger’s strong suit, along for browser support in Decentralized exchanges (Binance DEX, IDEX and Switcheo)
Can you keep your coins when upgrading from the Ledger Nano S to Ledger Nano X? Yes. When doing the upgrade, choose to “restore” option during setup and enter the 24 word recovery phrase from the Ledger Nano S backup
Can the Bluetooth Feature be turned Off in Ledger Nano X? Yes, Bluetooth can be disabled in the Control panel. This will disable Bluetooth communications and only allow the Ledger the communicate via the USB cable. You can access the panel by holding down both buttons for 3 seconds.
Can many apps can you install on the Ledger Nano X? We found that the Ledger Nano X can hold all 73 Apps currently available on the Ledger Manager. There is even more storage available for future applications.
Why does the Ledger Nano X Bitcoin Address change? Ledger includes a feature to automatically generate a new Bitcoin address each time an old one is used. This increases the privacy of transactions, as different addresses are used for new transactions. Old addresses can still be used as the Ledger contains full access (include future access) to these funds.
How do you generate a new public address for receiving funds New Public addresses are automatically generated when old ones are used (the address receives or sends a transaction).
What is the latest Ledger Firmware Currently the latest firmware is 1.6.0
Will the Coronavirus (COVID-19) pandemic affect Ledger? Ledger has issued a statement saying they have in place business continuity measures to ensure they continue to have inventory and products to ship to its customers. They are however experiencing some backlog in their customer service side but are working to ensure that customer’s concerns are answered. You can check the operational status of their systems here. Inevitably there may be issues with shipping products to customers, they are still able to ship to most countries though some customers may experience limited shipping options. Check here to see if shipping to your country may be affected.
Just got a new Ledger Nano X? or always been curious about getting started with Bitcoin and other cryptocurrencies? Check out my course created in collaboration with Jeff Kirdeikis of Uptrennd- Bitcademy: Learn, Invest & Trade Bitcoin – In Under an Hour
Ledger, one of the top hardware wallet providers, has announced the launch of its new Ledger Stax wallet in partnership with Tony Fadell, co-creator of the iPod and iPhone. This is a significant initiative as Fadell being one of the world’s foremost tech engineer is stepping in to bring clarity and confidence to owning digital assets following the collapse of FTX.
Pre-order your Ledger Stax Wallet here!
Key Features of Ledger Stax Wallet
Fadell realized that existing hardware wallets are difficult to use for mass consumers. Therefore, he drew inspiration from his iPod design to bring a more user-friendly experience for wallet users.
Ledger Stax resembles a small smartphone and has a monochromatic E ink display which covers the front and curves around the spine. That way users can easily view complete transaction details as well as their NFT collections even when the wallet is off. This works in conjunction with integrated magnets, allowing multiple Stax devices to stack, hence its name. This is particularly useful for Ledger owners who have different portfolios since they can look at the labels displayed on the spine, like books on a shelf.
Stackable Ledger Stax wallets with displayable screen on the spine (Source: Ledger)
Users can store more than 500 cryptocurrencies or NFTs on Ledger Stax. Developers are also planning to allow users to explore Web3 applications through the Ledger Live app. Users can connect the Ledger Live app on (1) laptops via secure USB-C or (2) smartphones via bluetooth. This new user interface will enable clear and intuitive interaction for all mainstream users.
Ledger Stax also has good energy efficiency and supports wireless Qi charging. Its battery can last as long as few months with a single charge.
How to Get Ledger Stax Wallet?
Ledger Stax is now available for preorder at $279 and will begin shipping by the end of March 2023. It will also be available from select retailers such as Best Buy in the U.S. Those who purchase the wallet will also receive an Infinity Pass, which provides users with a free utility NFT.
Additionally, a Ledger Stax NFT Bundle is available to mint on [Ledger] Market for 0.22 ETH to redeem a free Ledger Stax device. It also unlocks access to exclusive NFT artwork from Ledger’s network of hand-picked artists. However, Genesis Pass holders and PREMINT Collabs have special mint-priority, and there are only 10,000 bundles available.
Key Takeaway
âNot your keys, not your cryptoâ â there is a great risk of losing all your crypto if you park it on a centralized exchange. Hardware wallets are great self-custodial solutions because only you have control over your funds. But the problem is it can be quite daunting to operate one, especially for beginners.
Ledger Stax will revolutionize this by bringing the familiar user experience of smartphones into hardware wallets. This is a big step towards a decentralized financial future as more people are opting for self-custodial solutions. If you are interested in other hardware wallets, feel free to check these out:
Pre-order your Ledger Stax for only $279 and get it by end of March 2023!
What is the Ledger Stax wallet?
The Ledger Stax wallet is a new hardware wallet developed in partnership with Tony Fadell, co-creator of the iPod and iPhone. It has a unique and innovative design in the style of high-end Samsung cell phones, and lets users view their NFT collections even when the wallet is off.
When will the Ledger Stax be available for sale?
Ledger Stax is now available for reorder at $279 and will begin shipping by the end of March 2023.
What features does the Ledger Stax offer?
The Ledger Stax wallet is an easy-to-carry device about the size of a credit card, which allows users to store more than 500 cryptocurrencies or NFT collections. It also features an E-Ink touchscreen for viewing NFT collections, and a battery that can last for weeks or even months with a single charge.
Are there any incentives for purchasing the Ledger Stax?
Yes, those who purchase the wallet will be eligible for various prizes, such as a âMagnet Shellâ protective case and an NFT from the “The Art On Ledger Stax Collection.”
Trezor One was launched on 29 July 2014 and was the first-ever cryptocurrency hardware wallet. This wallet brought an unprecedented level of security to the burgeoning cryptocurrency field. As such, it paved the way for subsequent upgrades in this field.
You can also check out my video unboxing and guide below.
Key Features
Clear screen â The Trezor One features a clear monochrome screen. Trezor uniquely allows you to customise your home screen.
Integrated exchange support– The device has integrated exchange support so users can trade seamlessly.
Proven security– Trezor One, being one of the original wallets has a track record of security.
Security Features
The security features of the Trezor Model One begin in its packaging. The device is inside a completely sealed box together with a hologram sticker. Be sure to only buy your device from the official website. If your box seems to have been tampered with, DO NOT use it and contact their customer support immediately.
Similar to the newer Trezor Model T, passwords on the device are individually locked with the Trezor Password Manager using a userâs digital keys. The device also functions as a U2F hardware token. This allows Trezor to utilize the screen and inform users about any authentication requests before approving them.
The device is protected with a private key recovery phrase. This is a 24 word phrase to restore your device.
NOTE: You should write down the phrase offline and keep it in a safe place. It is extremely important to keep this phrase outside the view of any camera as anyone can use it to restore your device and steal your funds.
For daily use, the wallet features a security PIN to use the Trezor One. Once your device is connected, the digits 1 through 9 show up in randomised order. You then go to your computer and enter your PIN code based on the location of the digits on your device screen. This is an extra layer of security to prevent keyloggers.
An extra layer of security is the Trezor’s passphrase feature which allows users to generate a new wallet. If you enable this feature, you will be required to enter your passphrase in addition to your security PIN to access those specific wallets.
So say a thief demands you to give them access to your device. You can give them your PIN code which accesses a wallet with fewer funds. Whilst keeping the bulk of your crypto assets stored safely behind passphrase protected wallets.
Can the Trezor One be hacked?
Kraken Security Labs announced they devised a new way to hack into Trezor devices within 15 minutes of physically having the device. They did this through voltage glitching using a device and cracking the PIN code using a custom Python script, which will reveals the recovery seed. According to them, the attack makes use of inherent flaws within the Trezor’s microcontroller. So it will be difficult for Trezor to fix this vulnerability without redesigning the hardware and putting out a new device.
In reply, Trezor noted that the attack cannot work remotely and if users turn on the passphrase feature on the device. Trezor also reassured users that physical access is only a threat to 6-9% of cryptocurrency users.
Trezor Model One 1.9.0 firmware update- does it fix the Kraken Security Labs hack?
In mid-April 2020 the Trezor One announced their latest firmware update to ver. 1.9.0 which features some updates on their security measures. Before we answer whether it can resolve the 15-minute hack devised by Kraken Security Labs earlier this year (see above section), let’s take a look at what these features are.
The new updates include 2 passphrase updates which firstly, allow temporary passphrase caching so you can switch between your various passphrase protected wallets when using the device. The passphrase cache is only temporary, so once you disconnect the device, nothing is saved. Secondly, users will now be asked to choose how to enter their passphrase on the device itself, rather than on your computer or phone.
A notable new features is the wipe code which acts as a “self-destruct PIN”. When entered either on the device itself or your computer or phone, the wipe code erases all private data from your Trezor and resets the device to the factory defaults. Trezor suggests users can write the wipe code somewhere near your device as a decoy PIN, so if a thief tries to unlock your device, they will make the Trezor erase itself.
It is also specifically noted that the latest firmware updates include a SD card protection feature exclusive to the Trezor Model T. See here to read more about the Model T’s firmware 2.3.0 updates.
From our research, Trezor has not directly responded whether their latest security firmware update fixes the hack devised by Kraken Security Labs. As mentioned previously, the vulnerability identified by Kraken cannot be resolved unless the hardware is redesigned. So the latest firmware updates can only indirectly give hackers have a harder time accessing your device but not resolve the core vulnerability. The fact that it only took Kraken 15 minutes of physical access to the device to hack it, and their suggestion that the glitching tool could be mass produced for sale at around USD$75 continues to be extremely worrying. For this reason, whilst we appreciate Satoshi Lab’s efforts to continue improving the device we cannot reinstate the security score given to the Trezor prior to the Kraken hack being discovered.
Security 3/5
Multicurrency Support
Trezor One has support for around 1000 coins including BTC, BCH, Litecoin, Ethereum, Dash, Zcash and Stellar. However, of the most common coins on the market, it does not support Ripple (XRP), Cardano (ADA), Solana (SOL) and others.
Trezor One supports most major altcoins…with a few exceptions
This can be a limitation in comparison with more recent hardware wallets.
The Trezor One is relatively compact at 2.36 x 1.18 x 0.27 inches (60x30x6mm), and weighs 0.42oz (12 grams).
It has an 128×64 pixel OLED monochrome display. Despite the screen being small, it is still better than the Ledger Nano S in that cryptocurrency addresses can fit entirely on the screen.
Trezor has the unique feature where you can personalise your home screen. Your device can show off your personality by choosing from 1 of the default pictures or uploading your own.
You can customise your own home screen
The device has two physical buttons to help users navigate the wallet functions.
It relies on USB type-B for connection to the computer. However, the cable provided is quite short, which can be inconvenient when using the device with your computer.
The included USB cable is quite short
In terms of portability, the device is conveniently small and can easily fit into your pocket. Additionally, some people would enjoy the home screen customisation function.
Hardware design 4.5/5
Ease of use 4/5
Mobility
The device supports laptops and Android mobile devices. There is currently no support for iOS. Users will need to download the software, Trezor Manager from the Google Play Store. This enables users to use the app to send cryptocurrencies, generate addresses, and view their account details.
It also supports integration with Bitstamp and Bitex exchanges. So users can sign in and send cryptocurrencies to these exchanges directly using the device.
Trezor One: Worth it in 2022?
The device is by no means outdated. Save for a few major altcoins as outlined above the device still supports most major cryptocurrencies.
Unless you really want the colour touchscreen of the Trezor Model T, this older Trezor One device still does what most casual cryptocurrency traders need it to do.
And the lower price point is definitely an attractive factor.
Verdict
Trezor One
The wallet supports most major cryptocurrencies. However, the lack of support for Ripple (XRP), Cardano (ADA), Solana (SOL) and a number of later ERC-20 coins is a serious disadvantage.
Some will appreciate the recent IDEX, Switcheo and other DEX integrations as an added bonus.
Lack of iOS support is also problematic, though this is for any Trezor device.
The device has a decently sized screen. Whilst not as nice as the colour touchscreen of the Trezor Model T, the buttons make it easy to use. Being able to see the entire address on-screen is a huge plus.
Some users may be enticed by the ability to customise your home screen which is a feature unique to Trezor devices only.
Updated on 10th March 2020 on the device’s security concerns. Updated on 14th May 2020 on the Trezor One’s firmware 1.9.0 update and whether it can resolve the hack devised by Kraken Security Labs.
Ledger Nano S was first released in 2016 with more than 3 million units sold around the world. Ledger announced that they will retire the Nano S in June 2022. This is to let its new and improved version, the Nano S Plus, take its place going forward. Even though Nano S will stop production, firmware upgrades for it will keep rolling out in the future.
The final (and special) edition was called Ledger Nano S Final Edition. It came with a POAP card that allows you to claim an exclusive NFT created by the artist âwhat is real?â. However, it is sold out.
We recommend you get the upgraded Ledger Nano S Plus as it has added DeFi and NFT friendly features. Check out our review of the Nano S Plus here.
Ledger Live allows for staking a growing number of coins, including ETH (Ethereum), SOL (Solana), ATOM (Cosmos) and DOT (Polkadot). Users can lock up their cryptocurrencies and in return they get interest. This feature expands Ledger into more than just a secure place to store your cryptocurrency. It can even help you grow your digital assets.
Depending on the coin, staking can be done natively on Ledger Live, or through a dedicated wallet. For example Yoroi Lite for ADA (Cardano). Staking is done in 3 simple steps for coins that can be staked on Ledger Live.
First, freeze your assets by logging onto Ledger Live. Choose the relevant account for the asset you wish to stake and click âearn rewardsâ. A popup window will appear. There you will be allowed to select the amount in your wallet you wish to freeze. Secondly, vote for your validator(s) who will be making the blocks on your network. The cryptocurrency earned by making these blocks will be redistributed to voters. Lastly, claim your rewards by clicking âClaimâ in your relevant account. Rewards are claimable every 24 hours.
Swapping
Ledger has released a Ledger Swap feature which allows users to exchange their cryptocurrencies through Challengly, Wyre, Paraswap and 1inch. You send your cryptocurrency from your device to the exchange, which will then send you back the swapped cryptocurrencies.
To swap you will need: Ledger device, Ledger Live, the app for the crypto you want to swap and receive, and the exchange app.
Lending
Ledger is working with Compound (COMP), Aave (AAVE) to allow users to lend DAI, USDT and USDC through their decentralised finance (DeFi) protocols. The purpose of doing this is that the lender could earn an interest on their loan. Ledger Live has also integrated with Alkemi Earn. This is a lending-borrowing protocol that utilizes a permissioned liquidity pool of digital assets comprising ETH, wBTC and stablecoins. The purpose of which is to generate yield for liquidity providers.
There are numerous benefits when using Ledger to lend:
Control:Â You have control and proof that the crypto you lend and generated interest belong to you. When you lend on Compound, you receive cTokens as proof of ownership of lent cryptocurrencies and generated interest. You can redeem your assets and interest by sending cTokens back to the smart contract.
Security: cTokens are stored on your ledger hardware wallets.
Convenience: Compoundâs lending features are available directly through Ledger Live.
You can lend crypto using Compound or Aave and Ledger Live in 3 simple steps. Firstly, on Ledger Liveâs Manager, install the application for the cryptocurrency you want to lend and create an account. Secondly, enable your account to authorise Compound/Aaveâs smart contract to interact with your account. Finally, select the amount of cryptocurrencies you want to lend and issue a transaction to Compound/Aave. Verify and approve the transaction on your device.
Security Features
Ledger Nano S features 2 hardware chips: ST31H320 & STM32F042
One of the key reasons to buy Ledger hardware wallets is the firms reputation for security. Cryptocurrencies hardware wallets are like bank accounts – they contain full access to funds and need banking grade security. Ledger Nano S contains two hardware chips:
Secure Element: ST31H320 (secure) is independently certified CC EAL5+ and stores the private key and signs transactions
Operating system: STM32F042 chip is responsible for Ledgerâs BOLOS proprietary Operating System.
Secure elements are separate pieces of hardware (second layer of security). Secure elements have their own storage and limited functionality that hackers cannot breach.
Even if hackers or malware compromise your computer, the Ledger will still keep your cryptocurrencies secure. Devices like the Trezor One and Trezor Model T have chosen not have secure elements. And so only have a single layer of security.
The Nano X, Nano S Plus and Nano S are the only cryptocurrency hardware wallets to receive CSPN (First Level Security Certificate) certification. This is issued by the ANSSI (National Agency for Information Systems Security). The certification scheme evaluates multiple aspects of a deviceâs security. For example firewall, identification, authentication and embedded software by putting it through multiple attack scenarios.
Similar to the Nano X, users can also protect their funds using a PIN code and passphrase. The PIN code is to generally unlock your device to use it. Whilst you can also set up wallets protected by a passphrase in addition to your primary PIN code.
If someone threatens you to unlock your device, you can give them the PIN code to access wallets with fewer funds. Meanwhile, passphrase protected wallets contain the bulk of your crypto assets.
Ledger firmware version 1.6: security enhancements
24 words recovery phrase confirmation has been simplified and shortened. Now for each of the 24 words of the recovery phrase, users will only choose among 4 words. Therefore making it much easier to get through the process;
The Nano S now has the Control Center feature that was originally on the Nano X. Allowing for functions such as accessing settings, locking device or deleting applications possible directly on the device;
Added support for Bitcoin Taproot upgrade;
Added support for the seed derivation algorithm EIP-2333. Thus allowing you to securely sign a deposit contract transaction for Ethereum 2.0 on your device;
Before the firmware update. The power consumption is in a predictable pattern.After the firmware update. The device consumes power in an unpredictable pattern and inverts the PIN code display.
After the update, we find that being unable to enter PIN code digits in order anymore may be slightly inconvenient. However with cryptocurrencies, security always comes up top over convenience. And with the added partial screen inversion, we see that Ledger’s bounty program is not just a PR stunt. Ledger actually looked into submissions and made the security improvements even when the suggested hack was only hypothetical.
Ledger Hack?
In July 2020, Ledger confirmed they suffered a data breach. An unauthorised third party had accessed Ledgerâs e-commerce and marketing database. (www.gamepur.com) Ledger collaborated with forensic firm Orange Cyberdefense and determined that the data breach affected around 292,000 customers and exposed approximately 20,000 customer personal records.
Ledger had reported the matter to authorities and are working with Orange Cyberdefense to investigate.
Subsequent the breach, users have reported receiving phishing emails and texts. These emails and texts ask users to download a new version of the Ledger software. Clicking the email link redirects users to a fake Ledger site. If users download the “update”, it asks for their Ledger’s recovery phrase but is actually malware. The attacker uses the entered recovery phrase to recover the user’s wallet and sends the user’s cryptocurrencies to the attacker’s wallet. For a full explainer on how the phishing attack works see the report from Kraken.
Phishing email sent from info@ledgersupport.io address (Image credit: Kraken)
Therefore this incident was a âdata breachâ rather than a “hack”. More importantly, this breach had no link or impact on the Ledger hardware wallets or the Ledger Live app. Cryptocurrencies stored on the Ledger devices have never been at risk.
Even before the firmware update, the Nano S scored full marks on security. We also note that the hack does not affect the Ledger device itself, so our scores remain unchanged.
Ledger has one of the most diverse support for different cryptocurrencies such as Algorand (ALGO), Solana (SOL) and Chainlink (LINK). With their open policy to development from project teams, the Ledger Nano S supports 1800+ different assets. Many of these assets like Vechain or NEO are not found on competitors like the Trezor Model T or KeepKey. Thus making Ledger the only hardware wallet available for many coins.
One of the initial weaknesses of the Nano S was that it only fit 2-3 apps on the device. However Firmware Version 1.6 allowed users to install 5-11 apps (depending on the type of app installed). This will certainly answer the prayers of a lot of average cryptocurrency holders who generally hold around 5-10 different coins.
If you need more apps, you can uninstall the ones you’re not using and reinstall them later. Uninstalling apps won’t delete coins and all account information will remain. The newly released Ledger Nano X fixes this problem by increasing the internal memory to 2 MB.
Ledger’s firmware update directly addressed a significant weakness in the Nano S. Whilst it still can’t beat the Nano X in terms of multi-currency support, it is good enough for most traders. For this reason, we give our thumbs up and bumped the score up from 4/5 to 4.5/5 for multi-currency support.
Multi-Currency Support: 4.5/5
Hardware Design
Ledger Nano S compared with Nano X
Ledger Nano S has two hardware buttons â located on the top of the device. These two buttons allows us to access menus (hold both buttons), make selections (press both buttons). And even input recovery phrases (use buttons to scroll). We found that entering PINs and recovery phrases to be tedious with only 2 buttons. Perhaps a touchscreen or additional buttons could have helped?
With the update 1.6, the Ledger Nano S has an improved display UI. So, the device displays the full cryptocurrency address without the need to scroll. This allows for easier verification of the target destination. The Nano S uses a USB micro-B interface for charging and connecting to the PC.
With its plans to continue its firmware upgrades in the future, clearly the Ledger will never fully abandon the Nano S.
Hardware Design: 3.5/5 Ease of Use: 4/5
Why Use a Hardware Wallet
With traditional currencies, you, the user, are the most important person. If you have ever lost your bank card, you can always go to the bank with some sort of identification and request for access back to your account.
Cryptocurrencies, however, don’t care about the physical person but rather the private key associated with the wallet. You use the private key to verify the account and transactions. Anyone with access to the key can send funds, so you must keep it safe. Additionally, you cannot reverse cryptocurrency transactions.
Hardware wallets can protect you against these things. They add an extra layer of security by storing the private key on the device itself. The only way to hack it would be to have physical access to the hardware wallet or the backup phrase.
Ledger Nano S Worth it in 2023?
In short, the answer is: not really. Ledger has retired the Nano S and even the Ledger S Final Edition. Both are no longer available for sale on the official site. This means that the only places where you’ll be able to buy them are 3rd party sellers or second hand. We highly advise against both options because someone might have tampered with the device.
Mind you, Ledger will continue to support the Nano S’s firmware so it stays up-to-date. If you were lucky enough to buy the Nano S while it was still available, it is still worth using. Unless, you want the upgraded DeFi and NFT features. If not, your only choice is to get a Nano S Plus. Although this costs an extra 20USD, they did add upgrades to make it worth your while.
64-bits desktop computer (Windows 8+, macOS 10.8+, Linux) excluding ARM Processors. Also compatible with smartphones (iOS 9+ or Android 7+) via OTG cable.
