Ledger is my least favourite device of the well-known hardware wallets (hww). I am so often asked for specific reasons that I’m writing this here – it is not because I’m on an anti-Ledger crusade.
There are many choices of hww, and most have flaws, although they are usually safer than leaving coins on the exchange. If used with expert care, they are all definitely better than leaving coins on the exchange. Learn to use expertly, here.
- Well known – but gives false sense of security.
- Easy to use – but using it the default (and easy) way leaves security vulnerabilities.
- The device FORCES you to connect to Ledger Live, which exposes your public key, and your IP address (if you don’t use a VPN), to the Ledger node. They will be the first to cooperate with the government to release your data when tapped on the shoulder to protect their business interests (them, together with Coinbase). You can trick it and bypass this for a passphrase-enabled wallet, but you must always expose that wallet’s empty-string-passphrase version to Ledger Live. Note that exposing the extended public key permanently reveals ALL addresses that are in the wallet (8.6 billion of them), as all addresses are mathematically derived from the extended public key (xpub).
- As a security company, having all their customers’ data stolen from their servers leaves a lot of questions about their competence and care about security – there are things you can’t check yourself about any product, and you are left trusting, so this is important. The customers’ names, addresses, and phone numbers were leaked, exposing everyone to physical attacks, or phishing scams – some have been successful.
- They shitcoin. Altcoins (they are all shitcoins) don’t have a place, but many will argue against this as they are new, or they are scammers. There are plenty of irrefutable arguments – one only needs to look. Support for thousands of shitcoins in the device’s design (and software design) is included to increase market share, and distracts the company from focusing on security and advancements.
- I personally find the device controls clunky to use, and some menu options, particularly for creating a passphrase, are not intuitive.
- The Ledger Live app normalises the purchasing of altcoins, which can steer innocent people down the wrong path.
- The Ledger Live software presents the user with one receiving address at a time, hiding the fact that there exist “limitless” addresses – the main problem with this simplicity is that the way Bitcoin wallets work is hidden, and users don’t learn. The device also makes it difficult for users to grasp the concept of change-addresses and UTXOs (they are not shown). If a transaction does have change, and the user looks it up on a blockchain explorer, they may believe some bitcoin went to a foreign address. I have had several people come to me for help, thinking they’ve been scammed because they didn’t understand change addresses.
I have left out some other issues that are not specific to Ledger. Some others may come to mind and I’ll add them later.
If you’ve already purchased a Ledger, don’t throw it away – you can learn to use it wisely, or keep it for a multisignature setup one day.
If you are hesitant to dive into using hardware wallets, you might benefit from a little supervision by video calls.