Review: Ledger Nano S

Review

Hardware wallets combine the security of keeping your private keys offline with the ease of transacting from an online computer, providing a highly secure yet simple solution for storing your bitcoins. A hardware wallet is a separate device that can be connected (via USB) to your computer to make transactions. The private keys are stored on the device, but can never leave the device.

In the series of reviews we look at different hardware wallets and compare the pros and cons of each wallet.

The Ledger Nano S

Earlier we wrote a review of the Trezor, one of the first hardware wallets to hit the market. In this hands-on review, we take a look at the Ledger Nano S, the second generation hardware wallet from Ledger.

Ledger is a French startup founded in 2015 and based in Paris. Ledger focuses specifically on secure hardware solutions. In addition to the Nano S, Ledger offers a number of other wallets: the Nano, a hardware wallet with minimal functionality, the HW.1, aimed at multisignature applications and in the future also the Blue, an advanced hardware wallet with touchscreen that can apps can run.

We are reviewing the Nano S because it is similar in functionality to the Trezor and therefore falls into the most commonly used hardware wallet category. With the price, the Nano S immediately scores a few points: the Nano S costs 70 and is therefore 25 cheaper than the Trezor.

Reception

When you open the box of the Nano S, the first thing you see is a card with the following message:

Ledger uses attestation to guarantee that the device you received actually comes from Ledger. This proves that the device has not been replaced by a counterfeit and that the code running on it has not been modified by a malicious person who intercepted the package. Ledger achieves this by providing a private key from the factory in a secure element on the device itself. Only Ledger knows which public key belongs to the private key on the device, and the private key cannot be altered by someone intercepting the package.

When you connect the device to a computer and let it talk to the Ledger software, it checks whether the private key matches the public key known to Ledger for a certain batch of devices. If the device fails this test, it is immediately recognized as not genuine and rejected. This is a great way to ease the worry of shipping mess. Read more about this process here.

A disadvantage, on the other hand, is that not all code used by the Nano S is public. The source code of the bootloader , the program that loads the operating system and checks whether the version being loaded is correct, is not (yet) publicly available. As a result, you not only need to trust the hardware manufacturer, as is the case with other hardware wallets, but also Ledger itself for loading the correct operating system on the Nano S.

In practice – installation

Initializing the Nano S is done on the device itself. When you connect the Nano S to a computer via USB for the first time, you will be asked to enter a PIN code. You do this by scrolling through the numbers with the two buttons on the Nano S. Entering the PIN code on the device prevents reading by keyloggers. This operation works, but is not ideal: you have to click a lot each time to enter the PIN code.

This pin code protects the device against malicious parties who have physical access to the Nano S. It is important to enter the pin code correctly every time: if you enter the pin code incorrectly three times in a row, the device will be completely erased. You can then only restore your wallet by using the backup seed.

The wallet is then created. This is done, just like with the Trezor and other bitcoin wallets, based on a series of 24 random words. This string of words is called the seed . These words serve as the basis for creating the private keys that the wallet will use. At the same time, the seed serves as a backup of your wallet: as long as you know the 24 words, it is always possible to access the bitcoins in the wallet – the backup seed must therefore be kept safe!

Generating the random data for creating the seed is done on the chip that is in the Nano S. Ledger indicates that the manufacturer of this chip guarantees that it meets the European standard for generating random data. So here comes the downside that you will have to trust the manufacturer of the hardware.

It is possible to generate your own seed externally and then import it to the Nano S if you don’t trust the random data the Nano S generates. Some other hardware wallets, such as the Trezor, use a combination of internally generated random data and external data coming from the user’s computer.

The Nano S shows the 24 words one by one on the screen so that they can be written down in the supplied booklet. Subsequently, a number of words from the seed are randomly requested to check that they have been written down correctly. The words can only be displayed on the Nano S itself, as the sequence is the basis for all private keys in the wallet. To guarantee security, it cannot be displayed on a (potentially) compromised computer.

Management

The management of the wallet and making transactions is done in the Ledger application on the computer. Via ledgerwallet.com/start you can download the correct extension for your browser. You then connect the Nano S to the computer, enter the correct PIN code and select the type of cryptocurrency you want to manage on the Nano S. In addition to Bitcoin, the Nano S also supports Ethereum – for this you download a separate extension for your browser.

In addition to communicating with Ledger’s applications to manage the wallet, it is also possible to use the Ledger in combination with an independent open source desktop wallet, such as Electrum.

When you select Bitcoin, the Nano S communicates with the computer and the wallet interface opens. From here you can manage different accounts (separate wallets on the Nano S), make transactions, view your balance and view the transaction history.

Transactions are done in the same safe way as the Trezor and other hardware wallets: you enter the receiving bitcoin address on the computer together with the amount of bitcoins you want to send and you set the amount of the fee.

The transaction data is then communicated to the Nano S and confirmation of the transaction is requested. The Nano S shows the receiving bitcoin address, the amount of bitcoins to be sent and the amount of the fee on the screen for verification.

Once confirmed, the transaction is signed on the device itself – so the private keys never leave the device. This makes it safe to make bitcoin transactions, even if the computer you are using is infected with a virus. The signed transaction is then sent from the computer to the bitcoin network.

Conclusion

The Ledger Nano S is similar in many ways to the Trezor. The different hardware wallets therefore respond to the same market and are both suitable as safe storage for your private keys. The functionality of both wallets is almost the same, so the choice for one or the other is therefore in small differences.

Out-of-the-box support for various cryptocurrencies is a plus for the Ledger Nano S, as is its relatively cheap price. On the other hand, there is also something to be said for focusing on a single cryptocurrency, a simpler design of course leaves less room for possible attacks.

There is also something to be said for maximum transparency. One of the great features of Bitcoin is precisely its trustless nature. You would prefer to see this feature as much as possible in Bitcoin-related products and services, hopefully all source code of the Nano S will be fully publicly available in the future.

Advantages

  • Your bitcoins are safe from viruses and hackers
  • Attestation guarantees the purity of the device upon receipt
  • The Nano S offers support for multiple cryptocurrencies
  • The price: cheaper than the Trezor

Cons

  • You have to rely on the hardware manufacturer
  • Not all source code is publicly available
  • Physically safekeeping is required for the Ledger and backup seed

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2024 Cryptocoin Budisma.net