Passer au contenu

Bitcoin accepté au paiement  |  Expédié depuis Laval, QC, Canada  |  Soutien expert depuis 2016

Ledger

Digital Sovereignty

Definition

Ledger is a French manufacturer of hardware wallets, including the Nano and Stax model lines, that store private keys offline and sign transactions on-device. Ledger's design centers on a certified secure element — with Common Criteria certifications such as EAL5+ or EAL6+ across its devices — that isolates cryptographic operations from the host computer and from the device's own general-purpose microcontroller. It is among the largest hardware-wallet vendors in the world, which makes both its architecture and its history relevant to anyone weighing custody options.

Architecture

Ledger devices run a custom operating system called BOLOS (Blockchain Open Ledger Operating System) on the secure element. Each coin application runs in an isolated environment so one app cannot read another's data, and this app model lets a single device support many assets through installable applications managed via the Ledger Live companion software. The secure element provides strong resistance to physical key extraction — the class of attack demonstrated against wallets built on general-purpose chips.

Open-source status

Ledger's position on openness is mixed and worth stating plainly. The company open-sources much of its application-layer code, SDKs, and companion apps, but the low-level firmware running on the secure element is closed source and covered by chip-vendor non-disclosure agreements. Ledger states this is because the secure element's internals are the vendor's protected intellectual property. The practical consequence: the core firmware cannot be independently audited or reproducibly built the way fully open designs allow, so users extend trust to Ledger's engineering and processes rather than to public inspection.

Public record: the data breach and Ledger Recover

Two episodes are part of the public record and inform how sovereign users assess the company. In 2020, Ledger's e-commerce customer database was breached and later published, exposing names, email addresses, phone numbers, and physical addresses of customers — device keys were not affected, but the leak fueled years of phishing campaigns and raised the physical-security stakes of being a known hardware-wallet owner. In 2023, Ledger announced Ledger Recover, an opt-in subscription service that shards an encrypted backup of the seed to third-party custodians. The controversy was less the optional service than what it revealed: firmware on the secure element can, with user consent, extract encrypted seed material — contradicting how many users had understood the device's guarantees. Both episodes are facts, not verdicts; they illustrate why minimizing the personal data attached to a custody purchase, and understanding exactly what a device's firmware can do, are part of self-custody diligence.

Where it fits

Practical guidance follows directly from that history. Because the 2020 breach made Ledger ownership itself a matter of public record for many customers, buyers should minimize identifying data at purchase where possible and be permanently suspicious of any message referencing their device — the durable harm of the leak is a phishing list that never expires, and the only reliable rule is that the seed phrase is never entered into anything but the device itself during recovery. On the architectural side, Recover's existence means users should read and understand what firmware permits before updating, and decide deliberately whether an opt-in service changes their calculus; those who find any extraction pathway unacceptable can weigh open-stack alternatives or bury Ledger inside a quorum where no single vendor's decisions are decisive. None of this requires drama. It requires the same habit that governs firmware on a mining fleet: know what the code running on your money can do, and choose accordingly.

Ledger devices offer certified-silicon hardening, polished software, and broad asset support in a connected workflow; the trade-offs are closed core firmware and trust in the vendor's stewardship. Users who prioritize full auditability tend toward open-stack alternatives; using differing vendors as cosigners in a multisig quorum diversifies both kinds of risk. See hardware wallet and cold storage for the surrounding concepts.

In Simple Terms

Ledger is a French manufacturer of hardware wallets, including the Nano and Stax model lines, that store private keys offline and sign transactions on-device. Ledger’s…

Explore the Full Glossary

Browse all Bitcoin mining terms from A to Z. Whether you are a beginner or expert, deepen your understanding of the mining ecosystem.

Glossaire du minage

ASIC Miner Database

Compare 500+ miners with real-time profitability data, home mining scores, and detailed specs.

Comparer les mineurs