Ledger S crypto-currency hardware wallet
The recent surge in trades on crypto-currency such as IOTA has started to attract many main-stream “crypto-investors” using platforms such as Luno Money, Coinbase, Binance (my favorite) or LiteBit.eu. My recent bad experience with Luno Money showed what can happen when an online-platform struggles to release funds for almost 48 hours:
— Gerd Naschenweng?? (@gerdnaschenweng) December 5, 2017
The above issue sounded trivial, but if Luno had not blocked my Ethereum for over 48 hours due to some system issue on their end, I would have been able to purchase IOTA at $2/IOTA and sold it off making a $5,000.00 profit within that time frame. If you only invest into crypto-currency to hold onto your investment, this is not an issue. However, if you are planning to make an opportunistic buy or sale, you should really not rely on someone like Luno to manage your whole portfolio.
Aside from technical glitches, relying on an online website to store your currency is very risky – any site can be hacked, attacked via DDoS and then become inaccessible or result in all your investment being lost.
Let’s understand the basics of a wallet first
Let’s be clear: A software- or hardware-wallet is just as secure as the environment you run it in. All crypto-wallets should be managed in the same way you would manage your ATM- or credit-card. If you currently have your ATM-PIN as a sticky-note in your wallet or if you are not using a password-manager such as 1Password, you need to address this first.
All crypto-currencies work on a principle where your account is “stored in the blockchain” and since the blockchain can not be manipulated, you crypto-address will exist in the chain for ever. Most crypto-currencies work on the principle of an address or seed (a completely random but unique string) which belongs to you and is created via your own private key. When you create your private key you will also be given a recovery phrase (often 12 to 24 words, sometimes another longish password) which allows you to recover your private key and regain access to your data in the block-chain.
Unlike when you lose your credit-card or forget your ATM-PIN, crypto-currencies do not allow you to reset it unless you have the recovery phrase. All software wallets will store your private key and wallet-information in a wallet file (often it is called wallet.dat). If you delete the wallet file (or your laptop gets stolen) you will have a very slim chance to recover your investment.
Running a software wallet on your PC or mobile device has the additional security exposure of malware which deliberately steals wallets and passphrases. Remember that once someone has access to your crypto-currency, it is easy to transfer funds somewhere else. Although you will be able to trace where the funds went, it will be highly unlikely that you will be able to identify the person behind the address as the block-chain is anonymous. In short: Your money is gone for ever!
How is a hardware wallet different?
Wallets like the Ledger Nano S feature hardware encryption and are walled/sandboxed from your PC. Unless the hardware wallet is plugged in, there is no chance that your wallet can get compromised. The chance of theft of the physical device always exists and you should obviously safeguard yourself from this. However, should your hardware wallet be stolen, the thief will be able to do very little with it as long as you have enabled a PIN-code to unlock the hardware wallet.
In case of theft (and assuming that your PIN-code is not “0000” or “1234”), it will be impossible for the thief to brute-force the PIN and then transfer the funds. The Ledger S for example wipes the device after the 3rd unsuccessful PIN attempt:
Should your hardware wallet go missing, there is little chance that the thief manages to access the wallet and you can then just organise another hardware wallet and recover access via the recovery phrase (let’s all hope that you have written it down).
It is not necessary to have another Ledger S to recover as long as a hardware wallet implements BIP44 to generate accounts and addresses, and BIP39 to generate the recovery mnemonic phrase (aka, the seed) then it will be possible to recover that wallet anywhere else that supports BIP39/44, including the Ledger Nano S.
The Ledger Nano S in review
The Ledger Nano S is powered via a USB cable and for me the most annoying feature of the Ledger. A separate micro USB cable is completely unnecessary and would have made the Ledger S more portable if you could have just plugged the device straight into a PC.
The setup is fairly straight-forward:
- Connect the USB cable to the Ledger and plug into your PC
- The Ledger will startup and initialise and will guide you on how to use the two hardware buttons (left / right and clicking both confirms a selection)
- The first step is to setup a 4 digit PIN. Make it something secure (i.e. not “0000” or “1234”). If the Ledger goes missing and someone enters the PIN incorrectly three times, the device will reset.
- Once the PIN has been setup, you will be presented with 24 unique words (your recovery phrase). It is important that you write them down in the exact same sequence (number them the same way if you store it in a password manager) as the recovery phrase is the only way to gain access to your wallets.
- Once you have written down the 24 words, you will be prompted to confirm two random seed words.
- As a final step I would do a complete reset (just type the PIN incorrectly 3 times) and then use the recovery mechanism to see that your seed words recover access.
Once the Ledger setup is complete, you just need to enable the Ledger Wallet Manager to install the various wallet apps:
All the Ledger Apps are Chrome based apps and as such are accessible pretty much everywhere – at worst you can plug your Ledger USB cable into a public/foreign PC to quickly transfer funds out of your Ledger wallet.
Almost a perfect device – but just a few “meh”
The device works perfectly as a cold-wallet where immediate / quick access is not necessary and this is the main use-case for my Ledger S. It certainly gives me that extra level of assurance over a software wallet, but when it comes to ease of use, it has quite a few issues or room for improvement:
Why the USB cable?
This is completely unnecessary. The device comes with a fancy lanyard and can be attached to a key-ring holder, but as a user you still rely on a micro-USB cable to make use of the device.
Those Chrome Apps are painful to use
The apps work very well, but when it becomes annoying is that you can only access one wallet at the time. First you need to open the Wallet App via Chrome/shortcut on your PC, then you need to navigate to the wallet-app on the Ledger S an then start the app. At this point in time, the Desktop app will synchronise with the wallet-app and you can then interact with your wallet on the PC.
For each crypto-currency you need to install it’s own wallet app onto the Ledger S which can only store up to 5-6 wallets. If you need access to more coin-wallets, you will need to uninstall one more of the wallet-apps on the Ledger and then install the new coin-wallet. This is cumbersome, but on the upside your wallet-data is not lost when you uninstall/reinstall wallet apps.
With Google’s announcement to stop supporting Chrome Apps, Ledger is now busy developing native apps and hopefully the wallet management will be better (but probably comes with the disadvantage of not being as portable).
How a great hardware wallet should work
The Ledger S is perfect considering it’s low price. If you use it as a cold-wallet, the USB cable and the cumbersome use of the Chrome wallet apps can be overlooked. Although Ledger has the “Ledger Blue” which is a NFC/Bluetooth capable device, it lacks the Bluetooth support for any other wallet app – so that feature is pretty pointless right now (especially considering that the Ledger Blue costs whopping EUR 229 vs the EUR 59 for the Ledger S).
A perfect “hot-wallet” hardware device should be multi-currency and support all common coins and tokens (none currently support IOTA). It should also be possible to use the hardware wallet wirelessly with a mobile device or a desktop. The device itself should be rechargeable and last at least a few hours when powered on. A touchscreen would be ideal. The Ledger Blue is close enough to it, but the price is far out of reach for most of us nillionaires.