Skip to content

Cryptocurrency Wallet Review: Ledger Nano S

June 6, 2018
cryptocurrency wallet
Cryptocurrency Wallet Review: Ledger Nano S

If you’re new to cryptocurrency investment or you’re in the market for a robust, safe and secure way in which to house your cryptocurrency, this review is for you. Within it, we cover several frequently asked questions about the Ledger Nano S: a hardware cryptocurrency wallet popular with investors all around the world.

The contents of this review might help you to affirm your decision to go ahead with purchasing one, or have you looking for something else instead.

What is the Ledger Nano S?

The Ledger Nano S is a hardware wallet considered to be one of the most secure ways to house your cryptocurrency. Rather than keep it on your computer which may be compromised by malware at any moment, you can send, receive, and store cryptocurrency such as Bitcoin on this hardware connected to your computer. Even if your computer is at risk, as long as your coins are securely located on your hardware digital wallet, you can rest assured the transaction will take place seamlessly.

How does the Ledger Nano S work?

If you’re comparing the Ledger Nano S to any other hardware wallet, you will find it is relatively similar – both in features and in price. To set up your hardware wallet, you choose a pin number to protect it from unauthorized access; then you also receive a seed that’s 24 words long so you can create your private keys. Once you receive your seed, it’s crucial to store it in a safe place. Don’t keep it on your computer and instead, consider writing it down with a Cryptosteel device. Doing so is all the more critical if you have a significant amount of money invested in cryptocurrency.

Is the Ledger Nano S safe?

The unit itself is safe, but we’ll get to potential flaws later on. When you’re considering buying a new Ledger Nano S, it’s crucial to buy it directly from the manufacturer and not a third party. What’s more, you have to make sure it’s a new, unopened wallet that no one else has used before you.

The reason for this is that hardware wallets are quite vulnerable to scammers, especially those who know what they’re doing. If you’re not familiar with a hardware wallet and how it works, it’s all too easy to fall into the scammer’s trap. You can find them online on websites such as eBay classified as “new,” and the seller has already generated the seed. They then write this seed down, telling you it’s the code you require for if you lose the wallet or damage it.

As soon as you put coins into this new wallet, the seller can recover the wallet using the same seed, stealing all of your coins in the process. While this isn’t a problem with only the Ledger Nano S, it’s something of which to be aware. In essence, you need to buy a hardware wallet that has not yet had its 24-word seed generated.

What coins does the Ledger Nano S support?

Unlike your physical wallet which can house all kinds of currency, using a hardware wallet is a little different. You can store Ethereum, Ripple, and Bitcoin on the Ledger Nano S seamlessly, but you need to install apps onto the wallet via your computer to ensure it can house others as well. To do this, you need to install a Chrome extension called Ledger Manager, connect your Ledger, then select your coins of choice.

The downside of the Ledger Nano S is its capacity. If you’ve invested in several different coins (so that you’re not putting all your eggs in one basket so to speak), you run the risk of not having enough space in the wallet because you need to download apps to store them. To get around this, it’s worthwhile to purchase more than one and spread them out.

How secure is the Ledger Nano S?

Without covering scams and hacks, the Ledger Nano S is exceptionally secure. Like most other hardware wallets, it enables you to store your private keys and transactions offline to stop people from being able to hack into them remotely. The Ledger Nano S also has a secondary verification action such as a signing authority which means even if someone else has control of your computer, they won’t be able to access your hardware wallet.

Can the Ledger Nano S be hacked?

Knowing about the flaws in the Ledger Nano S can be the deciding factor for any investor. Should you choose this wallet or another one? Recently, Ledger took to Twitter to instruct people to verify their receiving address using their monitor screen button at the end of their transaction forms.

However, this wasn’t just a random reminder out of the blue. It followed on the back of a vulnerability report carried out by DocDroid which showed attackers could infect your hardware wallets with malware which can trick you into sending your cryptocurrency to the hacker.

Receiver addresses through Ledger are generated by using JavaScript code. All a hacker needs to do is replace the code with their own address. The result? All further transactions you make are directed to the hacker’s address. Because of the way in which the Ledger Nano S was designed, you can’t verify the received address, meaning it’s challenging to know whether it’s authentic or not.

While this was a dramatic discovery in itself, the worst was yet to come.

How can the Ledger Nano S be hacked?

Hackers have now discovered a way to steal your coins remotely and physically by effectively breaking your hardware wallet. Ledger uses a custom architecture which is open to exploitation by hackers. Before someone receives their hardware wallet, the keys can be stolen either physically or remotely.

While at least three ways to do this have been discovered, the most dangerous one appears to be known as a supply chain attack where they don’t need to use malware or confirm transactions. The Ledger Nano S has two microcontroller units – one to store private keys and one for data. One also houses display functions, USB interfaces, and buttons. Currently, the private key unit communicates to the data unit. However, while the private key unit can detect whether it’s running legitimate Ledger firmware the data unit can’t confirm it. Therefore, it’s all too easy to tamper with these units and make the unit non-secure.

Ledger has put steps in place to prevent hardware spoofing, but there is no way of determining which devices are at risk. In fact, Ledger Nano S packaging isn’t tamper-proof either, so you can’t tell whether someone has opened the box before you.

There’s no denying that without the weaknesses, the Ledger Nano S is a user-friendly and, for the most part, secure unit. If you buy it from a reputable seller, keep it safe and ensure you are the first person to generate both the pin code and the seed, you are well set up to complete transactions safely. However, it’s worth knowing that there are hackers and scammers out there, and ensuring your coins are safe should be your utmost priority.