Ledger Nano X: The possible security issues

    Published on:

    Yesterday, Ledger announced that it has added new features to its Nano X hardware wallet.

    This new feature is called Ledger Recover and allows you to recover your seeds even if they are lost.

    For now, it looks like it’s only available to those who have run the latest firmware update on their Nano X, but we can’t rule out the possibility of it expanding to other devices from the company in the future.

    Ledger Recover comes to Ledger Nano X

    This new feature is designed to recover even if the seed is lost.

    A seed, also known as a “recovery phrase”, is a list of words that can recover your wallet.

    Anyone who owns that list can retrieve the wallet at will, so it is imperative that it is kept safe and out of the hands of others.

    In general, it is recommended to write it down on paper and store it in a safe so that it can be easily retrieved at any time and that it does not fall into the hands of others.

    Even better, it’s generally a good idea to split it into two or three parts and store them in separate locations, such as separate safes.

    However, people who want to retrieve their wallet often lose their seeds because they can’t remember where they keep them or because the word list paper is lost or destroyed. Or if it becomes illegible due to water, etc.

    If the seed is lost, users who need to retrieve the wallet will have no chance of recovering the seed. Therefore, the Ledger Nano X has an optional seed collection function.

    Risks of enabling Ledger Recover

    The problem is that the new feature splits the seed into three encrypted fragments and sends it to a third party so that the user’s seed can be retrieved even if it is lost.

    Yesterday, the company’s CTO, Charles Guillemet, explained how it works. ledgerThis is the official Twitter profile of.

    So anyone who enables the new Ledger Recover feature on their Nano X will actually start the process of segmenting the seed, encrypting it, and sending it to an unknown third party after performing the firmware update. .

    With this method, there is a risk that a user’s seed could end up in someone else’s hands.

    How can I protect myself from new features?

    First, it’s an optional feature that isn’t automatically enabled when you install a Nano X firmware update, so you don’t need to enable it to prevent seeding.

    This method does not give the hardware wallet permission to send the seed to anyone.

    While it is possible to avoid installing new firmware, it is not recommended not to update the software that runs your device, as older firmware may contain vulnerabilities that will be fixed later.

    Additionally, this is a feature that is only present on the Ledger Nano X, so you can also use other devices such as the Nano S if you want to avoid the issue entirely for now.

    However, it is more likely that there will always be hardware wallets in the market without similar functionality, although similar functionality may be introduced in future firmware updates for other devices.

    So this problem seems non-existent as there is a way around it entirely.

    Allegations over new Ledger Nano X features

    But that’s not all.

    First, we highly recommend updating the firmware of devices with such a high level of security.

    And it’s entirely possible that similar features will be introduced to other devices in the future.

    But if this is all you need, the problem is so trivial that it might be easy to fix anyway.

    The problem is that the firmware code for the Ledger hardware wallet is not open source. In other words, it’s not public, so no one but the person who created it can examine it to understand how it actually works.

    This has given rise to a wave of suspicion, many of which are probably exaggerated if not outright hoaxes, and cannot be drowned out by clear and sharp evidence. In other words, traditional Ledger device users can only trust the company’s claims and hope they’re true.

    Indeed, according to numerous statements made by Ledger yesterday, the issue certainly appears to be negligible, but all this is based solely on trust in the company’s integrity.

    Ledger Nano X: Possible Security Issues

    Many users don’t know the firmware code of their Ledger devices and are starting to speculate about various security issues.

    The most important issue being raised is the possible existence of so-called “backdoors”. This is a firmware feature that allows access to the seed.

    The point is, if someone somehow manages to hack the device, they would be able to get the seed of the wallet if such a backdoor existed, thus effectively stealing all the tokens stored there. is possible.

    Again, if the firmware can split the seed into 3 parts and send it encrypted, then by necessity it must be able to access the seed. And having access to the seed means that in case of a hack, someone could be forced to send the complete, unencrypted seed.

    Without knowing the computer code of the firmware, it is impossible to determine whether such a thing is possible, and the company’s verbal assurance that it is not possible is not enough to completely dispel this suspicion. It seems not.

    But there is also another problem.

    In fact, anyone who can recover them can steal the wallet from its rightful owner, if it is enough to combine the three encrypted segments to reconstruct the seed.

    So one wonders how it is possible to ensure that the three segments are always stored properly and no one (perhaps all together) can retrieve them.

    Even fancier speculation imagines that the three companies to which the various seed segments are sent may in the future agree to pool the user’s seed fragments and steal the funds.


    As it stands, the real issue with this issue is probably not a security issue, but a transparency issue.

    Since the computer code of the Ledger device’s firmware is not publicly available, it is absolutely inevitable that there will be all sorts of suspicions and various conspiracy theories about how it works.

    Most of these doubts are probably untrue in their current state, but they will remain forever if the code remains opaque.

    But on the other hand, it’s easy to see why the company wouldn’t want to publish code that would probably take a lot of effort, cost a lot of money, and never want to publish. Free to competitors.

    So unless the company’s strategy regarding software development changes, this problem is unlikely to be resolved anytime soon.


    Leave a Reply

    Please enter your comment!
    Please enter your name here