Ledger.Com/Start

From the Nano S to the Nano X, understanding the unique features of each wallet ensures users make informed choices aligned with their preferences.

If an organisation had enough know-how to intercept your package, replace the firmware of your hardware wallet by some rogue software which would allow them to empty your wallet, don’t you think it would be trivial for them to duplicate and replace a piece of colored tape, giving you a false impression of security?

Is there a way to fully guarantee that your package has not been opened and tampered with, other than fetching it directly from the hands of the developpers ?

An approach, available for open source projects, would be for the end-user to compile herself the wallet firmware from a verified repository. You may know how to check out a docker environment on Linux and launch the building process, but there is no way this approach could scale to mass adoption.

The solution: attestation

A better approach for proving authenticity of hardware wallets is to use attestation. This is basically a cryptographic challenge presented to the device each time it is connected to the computer (or smartphone). Let’s take an example: the Ledger Nano is using attestation as a way of proving to its owner that the product is genuine.

HOW DOES IT WORK?

The Ledger Wallet Chrome application sends a random value to the Nano as a challenge. The Nano then signs this random value + the firmware version, using an embedded private key shared by some batches. The Chrome app knows the public key and can verify the signature. If an attacker switched the Nano with a replica running a rogue firmware, it wouldn’t pass the attestation test and would immediatly be rejected as non genuine.

There is absolutely no way that an attacker could replace the firmware and make it pass attestation, without knowing the Ledger private key.

Also, as a side note, all API calls are protected by an attestation token generated during the initial check. Without a valid token, it is impossible to query our servers (protecting ourselves against unfair use of our blockchain explorer). Attestation doesn’t have any impact on privacy. Ledger uses a set of keys which are distributed by batches (for instance, we would change the key every 10,000 units). It is shared enough to completely avoid tracking, but is not unique to be able to contain damage in case of a key being compromised (which would affect only a part of the user base).