Ledger Nano – The Most Secure Bitcoin Hardware Wallets
So you have bought some Bitcoin and you want to hodl it in the safest and most secure place.
Well, there’s much debate about the most secure place to store Bitcoin: Paper wallets, Desktop wallets, Exchanges (only joking), but the safest place to store your Bitcoin is a hardware wallet.
There are a few excellent and secure hardware wallets on the market, but Ledger Nano Wallets are the best selling Bitcoin hardware wallets for good reason.
In this article we look into the specifics of why Ledger devices are the most secure hardware wallets, and also which Ledger device is best for you.
Ledger is an established hardware wallet manufacturer, and has security at the heart of its product.
Ledger is certified by ANNSSI, the French cyber security agency, and is the first and only certified hardware wallet on the market.
Ledger Bitcoin hardware wallets integrate a certified chip, known as the Secure Element, that are designed to withstand sophisticated attacks, and are perfect for securing cryptographic data, such as your private keys.
They are the only hardware wallet to have their own custom OS (BOLOS) that helps protect the device against malicious attacks, and isolates applications from one another.
Ledger offers a ‘genuine check’, which is an authentication process known as ‘Root of Trust. This ensures your Ledger hardware wallet hasn’t been tampered with by any third party.
Let’s Look Into Each Security Component a Bit Deeper
So, Ledger claims to be the most secure hardware wallet, but let’s look into each component a bit deeper to see if their claims can be backed up.
The Secure Element
The Ledger Secure Element is a secure chip that provides an extra layer of security compared to standard chips.
The secure chip is tamper resistant, and has an embedded preventive feature that is used to protect the hardware wallet against highly sophisticated and costly attacks.
The Secure Element is similar in standards to that used in things that hold highly sensitive data, such as credit cards, and biometric passports, and without it, all data on cards and your passport could easily be hacked.
And with Ledger Hardware Wallets the Secure Element is used to generate and store private keys. This is done in the most private of ways, and ensures your private keys can never leave your device.
The Secure Element chips go through a thorough third party audit, and to pass the evaluation the chips have to successfully withstand all types of attacks, and only then they will become a certified chip that Ledger will use.
Ledger’s Custom Operating System: BOLOS
Ledger is the only hardware wallet manufacturer to have its own operating system (OS).
BOLOS OS allows Ledger to create applications that suit its device, making the whole experience much more user-friendly and accessible.
Because BOLOS is designed with cryptocurrency applications in mind, it’s the perfect fit for the Secure Element, making Ledger wallets more secure than its competitors, that use a generic OS.
Hardware wallets that don’t use their own OS have all their applications built into the firmware, which means the firmware is carrying all the coding for all of a users Bitcoin.
This works fine, but it does make for more vulnerabilities than Ledger’s OS infrastructure.
For example, if you have several cryptocurrencies in your hardware wallet, and let’s say your ETH wallet is compromised, then because everything is stored in the same firmware, your BTC wallet would be vulnerable, too. And as a result you would have to update the whole firmware at the very least.
BOLOS allows for every application installed onto the OS to run isolated from every other application, ensuring the 24-word recovery phrase remains isolated from any other application.
Your hardware wallet will remain isolated from your desktop, also. And in the case of your desktop being manipulated by a hacker, your device will show the true details of your transaction.
And for all transactions, physical confirmation is needed. To confirm any transaction you’ll be directed to press certain buttons on your device’s screen.
This will show the true details of your transaction just in case your desktop has been manipulated by a hacker.
Ledger’s Root of Trust Ensures Your Device’s Security
BOLOS allows Ledger to the use a system what they call a Root of Trust.
With Root of Trust Ledger can verify the authenticity of the device, when a user connects it to Ledger Live Manager, and when updating firmware and installing applications.
Ledger Hardware Wallets don’t come with a holographic seal, because Ledger believes they give the buyer ‘a false sense of security.’ Attesting they are easy to clone and even easier to open and close the box without breaking the seal.
Ledger’s Root of Trust is a cryptographic mechanism that checks to see if your device is a genuine Ledger Hardware Wallet, or not.
It starts at the manufacturing point, and each Ledger device generates a private a public key. The private key will remain secret inside the device while the public key is sent to Ledger’s secure server for it to sign approval and send back to the device.
Then the authenticity can begin once the device is bought.
When opening your Ledger Hardware Wallet and using it for the first time, there’ll be a process of authenticity to go through.
Ledger will send your device a challenge which it will receive through its private key, and send back through its already authenticated public key.
Ledger server will read your device and send back approval of its genuine status. It will also be able to tell if it has been compromised.
As well as on first using it, you will go through this security process whenever you download an application, update your firmware, or if you connect to the Ledger Live Manager.
Should I Buy The Ledger Nano S or Nano X?
Which Ledger Hardware Wallet to buy is always a tricky question, and it all comes down to personal preference really.
Both hardware wallets are as secure as each other and are built in with all the above security specifications.
The Ledger Nano S is the best selling hardware wallet on the market, and at $59 it is cheaper than the Ledger Nano X, which retails for $119.
The Ledger Nano X has more storage capacity, and will allow you to install up to 100 applications (depending on size), whereas the Nano S will only hold up to 20 applications.
The only other main difference really is the Ledger Nano X is Bluetooth compatible, which is useful for connecting with Ledger Live Mobile, and it also has an 8hr battery life, where the Nano S is only run through mains.
You could always get both the Nano S and the Nano X. Many do, and use the Nano X on the go, and the Nano S as back up at home.
Owning both devices will give you an extra layer of security, in the case of one your devices being lost or stolen, you can easily move your Bitcoin from the other device.
Whichever Ledger device you choose, we believe you’re getting the most secure Bitcoin Hardware Wallet on the market.
A Bitcoiner since 2017 and a Bitcoin Maximalist since 2018, Tommy is our main writer and editor at Bitcoin Maximalist. Other than researching and writing about Bitcoin, Tommy loves spending time with his family and supporting his beloved Leeds United.