In 2023, Ledger, the most popular hardware wallet in the crypto industry, released a new feature called Ledger Recover. This one feature completely threatens the whole point of having an offline wallet and Ledger’s PR department has been facing a difficult time ever since. A hack that compromised DeFi platforms using code developed by Ledger in December 2023 further exacerbated the situation. In this comprehensive Ledger wallet review, I will walk you through what Ledger is and how you can use it. We’ll be taking a look at the main benefits that the wallet offers and what its drawbacks are. We’ll also dive into whether the new Ledger Recover feature is something to be concerned about or not. At the end of this review, you will have a good sense of whether Ledger is for you or not.
Overall Rating 4.5/5
Ledger is by far the best hardware wallet I have come across. Its custom OS, secure chip, and on-device encryption make it one of the most secure hardware crypto wallets out there. The launch of the optional Recover feature increases my likelihood to purchase the device as it makes it idiot proof and I frequently misplace or lose stuff. If you are looking for a wallet for maximum security then Ledger is for you. Some of the drawbacks are that it is not the best wallet for mining and not the best for participating in DeFi.
Update: Ledger was hacked in December 2023. More on that further down.
What is Ledger?
Ledger is a hardware wallet that resembles a USB stick made of stainless steel and encrypts your private keys on the device.
What makes Ledger devices secure is that they are not connected to the internet.
This makes them way harder to hack from a distance.
But they are also impossible to hack even if you have access to the device.
Ledger stands apart from other hardware wallets in that it uses a custom tamper-resistant chip called Secure Element.
Let’s take a look at how Ledger devices work
How does a Ledger device work?
The first time you set up a Ledger wallet your device will generate a 24-word seed phrase.
The order matters.
What seed phrases do
You can create an infinite number of public and private key pairs from this seed phrase.
So using the same seed phrase you could create:
- 3 public-private key pairs for the Ethereum Network
- 2 public-private key pairs for the Bitcoin network
- and 5 for Solana.
Each of these pairs lives on a blockchain ledger and is called an account to which you can send crypto.
Ledger has software called Ledger Live to help you set up the accounts or you can use a compatible third-party wallet if you prefer.
Ledger accounts explained
The public-private key combination allows you to send and receive crypto on a blockchain. The public key, also known as a public address, is a long alphanumeric string that is shareable for anyone to see. Anyone can send you the corresponding cryptocurrency to it.
You can think of a public address like your hotel room number. Anyone can send you food to your room (crypto) but only you can enter it with your electronic card (private keys).
The other thing to note about public addresses is that you need a separate one for each blockchain.
A Bitcoin public address can only receive Bitcoin, a Cardano public address can only receive ADA, and so on.
If you use a blockchain scanner, like Etherscan for Ethereum, you will be able to see what transactions any public address has ever performed on the Ethereum blockchain.
It’s all out in the open.
Suppose you were to ever link the public address to a person’s name, that’s it. That person’s entire history of transactions with that address would be exposed.
Ledger supports more than 5,500 coins and tokens so you are pretty much covered for any cryptocurrency.
The private keys allow you to move the crypto from one address to another. Anyone who can access your private keys can access your funds.
Now any computer geek can derive all your accounts from your seed phrase. If you Google it you will also be able to do the same. It’s not complicated. This is why it is imperative that you store your seed phrase somewhere safely.
Secure element explained
Ledger encrypts your private keys and seed phrases on your device using a secure element chip. This is the same type of chip that credit cards, passports, and your phone’s sim card use.
It is much harder to hack than the type of chips you find in washing machines or TVs.
If you want to dive into the weeds, Ledger has a detailed article on the types of attacks that their chip protects you against.
Ledger argues that the two other chips used in the industry are not as secure
- MCU chips are used by Trezor and KeepKey hardware wallets. These are the same kind of chips you will find in your microwave oven and toaster. MCU chips are vulnerable and if a sophisticated attacker were to have physical access to a wallet using an MCU chip it would be easy for them to hack the device and derive the seed phrase. For this reason, Trezor devices request that you set up a password which just adds another layer of hassle because then you need to make sure that is safe too.
- Safe memory chips are considered hardier and are used by wallet manufacturers such as ColdCard and Bitbox. Ledger argues that these types of chips are not certified. Secure Element chips are certified by an independent agency. The one Ledger uses is CC EAL 5+ ( Common Criteria Evaluation Assurance Level 5+) which means they have the highest level of security.
In addition to the Secure Element chips being certified Ledger’s hardware is also certified by an independent agency called ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information) which is a French cyber security agency.
The Ledger comes in 3 models:
- The Ledger Nano S plus,
- the Ledger Nano X,
- and the soon-to-be-released Ledger Stax
Ledger Nano S Plus at a glance
The Nano Ledger S Plus is the next-generation version of the previous model, the Ledger Nano S wallet that is no longer promoted on their site.
The S Plus comes in 5 color combinations:
- Matte Black,
- Pastel Green,
- Amethyst Purple,
- Ruby Red,
- and Retro Gaming.
The S Plus is Ledger’s cheapest model. Its distinguishing feature is that it has the buttons on the side and that it’s the smallest device available. The Nano S Plus has the same capacity as the other devices but you won’t be able to use it if you want to connect to the Ledger Live app on your iPhone as it is only compatible with Android phones.
- Compatible with desktop devices on Windows 10/11 and MacOS Big Sur/Monterey/Venture and smartphones running on Android
- USB-C cable
- Size: 62.39 x 17.40 x 8.24mm
- Small buttons inlaid on the side of the device
Bottom line: Get this if you are looking for the cheapest no-frills option and you use an Android device. This secure hardware device has enough storage space to answer all your needs and really the features offered by the other models are nice to have but unnecessary. Is it for your grandmother? no. The Nano S is slightly hard to grasp and click on the physical buttons simultaneously if you have fidgety hands.
Ledger Nano X at a glance
Priced between $149 and $155 the Nano X is available in 5 colors:
- Onyx Black,
- Pastel Green
- Amethyst Purple
- Ruby Red
- and Retro Gaming
What sets the Nano X apart from the S Plus is that the device and screen are slightly larger and the buttons are inlaid on the front.
See the circles on either side? Those are the buttons.
Also, the Nano X connects to the Ledger Live app on both your Android and iOS phones via Bluetooth.
- Desktop (Windows 10 / 11, macOS Big Sur / Monterey / Ventura, Ubuntu LTS 20.04 / 22.04) and Mobile phones running on Android 10+ or iOS
- Connect via USB-C or Bluetooth
- Store Up to 100 different assets
- Size: 72mm x 18.6mm x 11.75mm
- Large buttons inlaid on the front of the device
Bottom line: The Nano X is for Android users who want a larger screen, larger buttons, and Bluetooth connectivity and for those who have an iPhone.
The Lerger Stax is a new device. The wallet is a curved E Ink® touchscreen that you can navigate just like you do with your smartphone. You can customize the screen by uploading a photo or NFT.
The Stax is a higher-end product. Apart from the touch screen what sets it apart is the wireless charging and embedded magnets which allow you to stack one device on top of the other. The device includes Bluetooth connectivity and is compatible with both iOS and Android just like the Nano X.
- Size: 85mm x 54mm x 6mm
- Desktop: – Windows 10 / 11 – macOS Big Sur / Monterey / Ventura – Ubuntu LTS 20.04 / 22.04
- Mobile: iOS 14+ or Android 10+
- Display size: 3.7 inch
- Resolution: 400×672 px
- USB-C and Bluetooth support
- Wireless charging
- Embedded magnets so you can stack multiple devices on top of each other
Bottom line: if you are looking for a premium cryptocurrency wallet with a large display that is compatible with both Android and iOS then Ledger Stax is for you. The only thing is that you will have to wait until it is in stock.
Now that we looked at the models let’s take a look at the features, pros, and cons of Ledger wallets overall.
Ledger Wallet Comprehensive Review
- Support for over 5,500 different crypto assets
- 24-word recovery phrase
- Bluetooth connection (Nano X and Stax)
- Secure Element chip
- USB port and cable
- Ledger Live companion app which includes built-in exchanges, fiat onramps, and defi compatibility such as staking
- PIN code
- NFT Storage (on Polygon and Ethereum)
1. Ease of use
All three of the Ledger devices are intuitive and easy to use via the Ledger Live application interface and the device touch screens.
You will find that the resources on Ledger Academy have good instructions on how to get started.
2. Security and peace of mind
I want to spend a little time here because security is Ledger’s biggest selling point.
In terms of security, Ledger has three things going for it.
i) Cold storage
First of all, it’s offline. This means that no North Korean Hacktivist group is going to be able to come after your precious crypto.
But won’t the bad guys have access when I connect the device to my laptop or phone?
When you connect your Ledger device to the Ledger Live app using a USB cable or Bluetooth, there is a secure communication process that takes place, and the private keys remain stored securely on the device.
Here’s how the security works:
- The Secure Element chip on Ledger devices is designed to securely store private keys and perform cryptographic operations. The private keys never leave the secure element and are isolated from being exposed to your computer or the Ledger Live app. This isolation prevents malware or other software on your computer from accessing the private keys.
- When you perform transactions using the Ledger Live app, the Ledger device requires physical confirmation from the user. This means you need to physically press a button on the device to confirm transactions. So even if a hacker were to gain remote access to the device they would need to be physically present to press those buttons.
- To access the Ledger device, you must enter a PIN code. This PIN code is known only to you and serves as an additional authentication factor.
- The Ledger Live app authenticates the Ledger device using a secure process. It verifies that the device connected is a genuine Ledger device and hasn’t been tampered with.
The Secure Element chip is impossible to tamper with even if a baddie were to have access to your physical device. Unlike other mass-produced chips, Secure Element chips are tamper-proof.
iii) Operating System
Ledger uses a custom operating system called BOLOS. This feature is important because it means that Ledger, unlike other wallets, can install applications that are isolated from each other.
Other wallets that do not use an OS have to issue an update across their entire firmware in case of a security breach or bug with one of the components.
With Ledger, it isn’t like that.
So for example with BOLOS, Ledger can keep your Bitcoin application, your Ethereum applications, etc isolated from each other on the Ledger device
There is no way for the applications to talk to each other and neither are any of them able to access your recovery phrase which is also kept separately.
BOLOS also ensures that a physical confirmation on the device through the press of a button needs to be given before any action can be taken.
You can find out more details about BOLOS here.
3. Software wallet functionality
The other thing I liked about Ledger’s user experience is that through the Ledger Live app, you get the same functionality that software wallets provide.
Here are a few things you can do:
- Purchase crypto directly using a credit card or debit card through integrations with payment providers such as MoonPay
- Exchange cryptocurrencies using the swap feature
- Stake your crypto to earn a yield directly through the app
- Access more than 15 dApps such as Lido, 1INH, JUNO, and more
Ledger Live Web3 Plugins
4. NFT storage
Ledger is compatible with Ethereum and Polygon NFTs so you can store them directly on the device just like you can with your other digital assets
1. Security concerns
i. December 2023 hack
On the 14th of December, a former Ledger employee fell victim to a phishing attack. This former employee still had access to a piece of software called Ledger Connect Kit. This is code that enabled websites to connect to wallets and was in use by many DeFi platforms including SushiSwap, Zapper.fi, and Revoke.Cash. The hacker was able to exploit the code and start draining wallets. The attack lasted 2 hours and estimates of the amounts stolen range between $500,000 and $850,000. The code has since been fixed and Tether has frozen the addresses used by the attacker. The attack created bad PR for Ledger but it’s important to note that Ledger devices and Ledger Live software were not affected. YOu can find the official Ledger announcement about the hack here.
ii. Ledger Recover
In May 2023 Ledger released an unannounced optional firmware update that allowed users to set up a way to recover their keys. This sparked a Twitter storm of comments with people misconstruing the product feature as an assault on their privacy and the security of their wallets. Things only got worse when on May 17th a customer support agent tweeted that it’s always been possible to write firmware that extracts someone’s private keys. On May 18th the tweet was taken down with the CTO clarifying that this was a mistaken comment and that the tweet was not factually correct.
So what is the deal with the Ledger recover feature?
To answer this I listened to the two podcasts that discuss the matter in detail. I have posted them under the resources section if you want to listen to them later but here is the low down:
Legder recovery is an opt-in feature for those Ledger users who do not trust themselves to keep their device or seed phrase safe. Hardcore crypto advocates will say not your keys, not your crypto. However, what Ledger was experiencing was a lot of customers seeking help with lost devices or recovery phrases.
Ledger has about 2 Million customers and estimates that there are about 500 Million people who store their funds on exchanges. Ledger’s CEO says that there are 6-7 million people who own more than $160 worth of crypto and that this is the target market for hardware wallets.
However, one of the reasons that people keep their crypto in the custody of exchanges is that they don’t trust themselves to keep their devices and seed phrases secure.
He gives an example of a friend whose device was stolen from his car while he was moving house.
In that kind of situation, there is nothing you can do to recover your funds. To address this concern Ledger has launched Ledger Recover.
What’s Ledger Recover?
- Ledger Recover is an opt-in feature that splits your seed phrase into three shards and encrypts them on three separate hardware security modules of three separate companies: Ledger, Coincover, and EscrowTech.
- To recover your phrase you need to share your personal information with Ledger’s partner Onfido. Onfido scans your ID documents such as a passport and you verify your face by using your camera.
- The service costs €9.99 per month and is available for the Nano X and will soon be available for the rest of Ledger’s models as well.
Is it safe?
It’s as safe as you can get if you want to have a recovery option. If you feel you are more exposed you don’t have to opt in to the Recover service. This is an optional service for people who are not very good at storing their seed phrases and devices safely.
The main issue that hardcore crypto aficionados have with Ledger Recover is that they would have liked Ledger to release separate devices.
Ones that are compatible with the recovery feature and ones that are not. For the ones that are not compatible, there would be no way for a hacker to access the API that enabled Ledger Recover to work.
2. Not 100% open source
The crypto community ethos is that everything should be open source. The main reason for this is that opening up your source code for everyone to see indicates that you have nothing to hide.
Secondly, it also means that those who have the skills can audit your code for vulnerabilities.
The counterargument here is that hackers too can easily search the code for vulnerabilities.
However, an open-source project that has been around for a while is thought to have stood the test of time and can be deemed more trustworthy than other closed-source projects.
Having said that, Ledger is open-source to a large extent. The only part that they are unable to share is the Secure Element technology component which does not belong to them.
3. Not great for DeFi
If you are a hardcore decentralized finance person then a ledger hardware wallet could throttle your vibe.
For example, say you want to join a liquidity pool, do funky stuff with Yearn or Curve finance, or simply want to liquid stake on Lido and then take your stETH and use it as collateral against a loan on Compound which you then use to leverage on MarkerDAO then Ledger is not for you (yet).
Ledger is for those seeking to store their sizeable crypto assets off crypto exchanges and off hot wallets in a secure manner.
However, Ledger is moving in a Web3 direction and experimenting with offering multiple dapps on the Ledger Live App.
4. Not for mining
If you are a miner Ledger isn’t the best wallet to directly send your rewards to. Instead, you will need to use a wallet that is compatible with the mining software you are using. From there you can send your crypto rewards to a Ledger device.
5. You need to shell out cash
A key drawback with Ledger is that you need to make an upfront investment of at least $79. Given the security features of this thing, I feel it is a small price to pay.
Sneak peek at the setup process
Step 1: Download the Ledger Live App
- Download and install the Ledger Live app on your desktop computer or laptop
Step 2: Open Ledger Live and Get Started
- Open the Ledger Live app.
- Click on “Get Started.”
- Click on “Enter Ledger App.”
- Select “Nano S Plus” or “Nano X” and click on the top option for a new setup.
Step 3: Educational Slides
- Look through the four educational slides.
- Click on “Let’s do this.”
Step 4: Connect the Ledger device to a Computer
- Ensure you are alone.
- Click on “OK, I’m ready.”
- Connect your Ledger device to the computer using the USB-C cable
Step 5: Set Pin Code
- Use the top button on the Nano S Plus or the front button on the Nano X to scroll through the navigation instructions.
- Press the right button until you see “Setup as new device.”
- Press both buttons simultaneously to select.
- Set a PIN code using the buttons on the Nano.
- Confirm the PIN code by pressing both buttons.
Step 6: Write Down the Recovery Phrase
- Confirm the PIN on your device
- Scroll right on your Nano to read the disclaimers and press both buttons to continue to the recovery phrase.
- Write down your recovery phrase on the provided recovery sheet that comes with your device.
- Confirm your recovery phrase word by word.
Step 7: Verify Recovery Phrase
- Confirm each word in order using the buttons on your Nano.
- After confirming the last word, press both buttons.
- Your device will show “Confirm your recovery phrase.”
- Press both buttons to confirm.
Step 8: Complete Setup
- Scroll right and press both buttons to continue.
- Your device will show “Processing.”
Congratulations! Your device is now ready.
The full video is available here
There are 3 alternatives to using a Ledger.
- The first option is to go for another cold storage device.
- The second is to use a Vault or exchange.
- And the third is to use a hot wallet that is connected to the internet.
Hardware wallets are considered the safest. Here are some other hardware wallets you could look into
- Trezor Model T. See my Trezor wallet review for more.
Other cold storage options
- Coinbase Vaults: a custodial time-locked cold storage option where you can have multiple approvers
- Exchanges: some exchanges such as Kraken are renowned for their security. Again this is a custodial solution. See what you need to look for in an exchange here
- Official ledger website
- Ledger Recover explained, the official presentation by Ledger
- Ledger recover with Pascal Gauthier, NVK, Matt Odell & Harry Sudock on What Bitcoin Did
For this in-depth review, I downloaded and tested all of the Monero wallets I am about to present to you. I have ranked these wallets based on my rating methodology and what I consider to be most useful to you, the user, and not based my ranking on any affiliate commissions I may receive. Read more.
In this in-depth Exodus wallet review I am going to share with you everything you need to know to decide if Exodus is for you or not. I will cover the main features, pros, and cons of using Exodus. I will evaluate the user interface and what the overall user experience is like. We’ll also cover whether it is safe to store your crypto on this wallet or if you are at risk of getting hacked. In addition, I’ll assess the legitimacy of the company and its founders. I will also share with you the cool features of Exodus such as its multicurrency support and Web3 integration as well as areas that I feel could be improved. Read more.