Ledger Nano S
I got my hands on a Ledger Nano S last week and set it up over the weekend.
The Ledger Nano is a “Cryptocurrency Hardware Wallet” which means it is a device you can store your Bitcoin, Ethereum, and other crypto assets on. It costs $95 on Amazon.
It looks like this:
It is about the size of your average thumb drive/USB Stick.
The screen you see in that photo is quite small and the UI that runs on it is pretty bare bones as a result.
There are Chrome Apps that run in your browser and connect to the Ledger and provide the basic wallet functionality that you have gotten used to on Coinbase or some other hosted or software wallet (balance, send, receive, etc).
I was able to set up the Ledger Nano and get it working without too much hassle. The instructions are pretty good. But the security precautions (which are absolutely necessary) are a bit of a pain to deal with and it is not the simplest experience. It doesn’t take a long time to set up, it’s just a process you have to go through.
There is a USB cable that you use to connect to your computer and put the device online. You can then send and receive crypto assets and use the wallet apps to see the activity on the device.
When the device is disconnected and saved somewhere safely, it is offline.
Many crypto purists believe that you must own a hardware wallet and that your assets are not really yours unless you control the keys and the device on which you store your assets. For those who feel that way, the Ledger is a great solution.
I personally am happy to store my crypto assets with our portfolio company Coinbase in the cloud, particularly in their vault offering which provides delayed withdrawal and multi-sig on the account.
But I do understand those who feel that storing your assets on your own device is the right answer.
Where I find value in the Ledger is as a solution to store crypto assets that aren’t supported by Coinbase and/or some other trusted hosted storage provider.
What many people do is store their “alt-coins” on the exchanges that support those coins. That has turned out to be a dicey option as many exchanges have been hacked over the years.
What I advise, and do, is to store these “alt-coins” on a hardware wallet, like the Ledger, and then move them onto an exchange to trade them, and then back off after the trade clears.
The idea is to limit your assets in “hot storage” as much as possible and maximize your assets in “cold storage” as much as possible.
And for that, the Ledger Nano is a great solution.
Comments (Archived):
it is also my choice, but what you gain in security you lose in convenience. you can t trade on the go. you need to the cable and a computer with you for this.
Get the Blue if you don’t like the cable ๐ & you can pair both with a smartphone and use as an authenticator for better 2FA.
is bluetooth as secure as a cable?
should be. i didn’t question that.
does Blue work with Yubikey 2FA?
yeah…out of stock. a little nervous if would lose the device though for a 2FA
it would be like losing the key to your house. I haven’t done it, but I see people attaching a small secure key to their keyholder and it’s with them all the time.
yes. but i don t like this option but at least with a phone i have “find my phone” and remote eraze. not here…
These devices should all have 2FA through another channel and immediately send a flag when they are plugged into (or connected) to a device that has not been authorized.
Generalizing from this and Fred’s comment about usability, one of the two biggest challenges for crypto is to solve for BOTH security and UI for the mass market. The other is how to solve for BOTH privacy and verified identity.Once the industry solves for these, scale and mass adoption will pretty much look after itself.
100% agree. this is critically missing
As Vitalik says (speaking of Ethereum), “making security usable, and usability secure”.
Yup…I have 2 Nano’s and 1 Blue ๐ The Blue is touch screen and bluetooth, so no wires required + more apps. The Blue is also easier to use. https://uploads.disquscdn.c…
the rule about scarcity rules;https://www.amazon.co.uk/Le…
It is supposed to be 229 โฌ.
It looks like a tablet .
It’s very small actually.
did Ledger throw in a complimentary magnifying glass?
Wherever it’s stored, consider labeling it clearly, so you or someone else will know what it is in 5 years, and perhaps keeping it inside a zip-lock bag (unless it’s waterproof).
There is a fundamental law in cyber security to not store encrypted data on the same device that has the keys. My initial impression is that “wallet” software contains your private key. What happens if you lose the thing? I assume the security controls have been well thought out. (But generally that has been a bad assumption in the past.)
There are backup codes
What is the device simply dies?
Backup codes work on any device/app/program which interacts with the blockchain.
Meaning that if I lose the device I can buy another one and retrieve my tokens? Wow, I’ll look into that to understand it more.
yes, that’s what you can do. storing your seed words is critical. lose your PIN and you recover with the seed. lose your device and you recover with a new one with the same seed. the Wired article is a bit disturbing though. it means you need to be very careful about where you store your device. it seems the seed is not the only way to recover your tokens. not good, but good to know.
Yup – the solution is far from perfect, but as far as I know it’s the best solution we have for now outside of cumbersome paper wallets stored in safety deposit boxes.
i’m not a paper wallet person. paper is a poor medium for storage.
BIP 39?
Indeed…… the Trezor is also a great option.
Can you get a Knicks colors/branded Ledger Nano S?
Great idea! With a Squarespace logo on it ๐
that would be the Nano K
Can you attach a Tile to it in case you lose it?
Look what I found! I wonder what is on it !!
What happens if you lose it? What happens if it breaks? (ALL Flash memories have finite lives).
You receive seed words to use in case it breaks. They also encourage you to buy two so you have redundancy. ๐
Instructions unclear, bought 256 for octuple redundancy
Not exactly selling pick axes to gold miners, but interesting.
This is like a new form of bearer bonds. Is there any estate planning legislation about leaving code in a will or other code or AI?This will some how arc back toward the gov. as it hits mainstream. It will be interesting to see who champions it on that route.
with bearer bonds don’t think there is a record.on the blockchain there is a record of everything–no?
But private. But there are government agencies that you can send your bonds into for redemption. I don’t know for sure.
.Bearer bonds are a bit of a head fake. The ownership is defined by physical possession rather than “book entry.” Other than that, they operate just like normal book entry bonds.Nonetheless, they pay interest/principal which must go to an account or a physical address. This requires the issuer to obtain this information which is usually held by a transfer agent who administers the actual payments.A lot of bonds require the issuer to escrow the payments which enables bond holders to “appear” from time to time and claim their portion of the escrow.To obtain such payments the holder of a bearer bond must provide evidence they are the holder of the bond. In the old days, this was done with a “coupon” which was attached to the bond itself. In the case of a bearer bond, it is physical possession.I collect ancient Chinese bonds and the ones with the coupons attached — meaning they didn’t get any payments — are more valuable. In the case of Chinese bonds, all payments stopped in 1949 when the Red Chinese took over China and repudiated all debt from the prior regime.People often use bearer bonds to move money and will not provide info for the payment of the interest/principal — sometimes for years. When they surface, they are able to bring their bonds up to date, but again, they have to provide proof of their ownership which is often done by having a physical certification of the bond by a third party.The big issuers of bearer bonds have often been South American oil companies. Some of these bonds have paid 8% and are 50 year bonds.JLMwww.themusingsofthebigredca…
Bearer bonds in the US were restricted by TEFRA in 1982. You could still technically issue them, but there was an excise tax to the issuer of 1% times the number of years of payments, so effectively they ceased to be issued. Outstanding bonds could remain as bearer bonds, and became more valuable as a result and were bid higher than registered bonds by the same issuer. 35 years later, the last of the bearer bonds are likely gone, though I think there might be some 20th century railroad bonds with coupons that were issued as 100 year maturities still kicking around.You didn’t need a physical address or account number to get paid. You could show up at the bearer bond window with your bond coupon (“clipping coupons”) at whatever bank on Wall Street was handling the payments, and get paid in cash. There was literally a walk-up window just to handle this at most big banks, as there were thousands of bearer bonds outstanding.Needless to say. TEFRA acted to block their issuance for tax avoidance reasons.
.You are talking US issuers.Right now if you wanted to you could go to a Luxembourg bank (Banque et Caisse D’Epargne D’ L’Etat) and deal in cash and carry acquisitions and sales of S American bearer bonds issued by sovereign nations and oil companies, you would find a wealth of opportunities.If you are not a client, you would have to go in person and have “ready funds.” You would need an intro.If you are feeling ballsy, look at Venezuela 2038 (check me on this as I am operating from memory) which are collateralized by 50.1% of Citgo. They were selling at a 50% discount to par (face) value within the last year.I am not up to date on my Mexican “cetes” and “tesebonos” which were a huge win on the cusp of the Brady Bonds. They were similar and could be bought and sold by US border banks (International Bank of Commerce in Laredo, TX). Very hands on and also conducted in person.Cetes were zero coupon bonds which had the same effect as a bearer bond as they traded with accrued interest. This is different than the current 2010 program.Tesebonos could command a 65% interest rate (subject to up to 1% monthly currency risk) back in the day, the day being the Tequila Crisis days. They were the only thing in my life that looked too good to be true and were true. I miss tesebonos.JLMwww.themusingsofthebigredca…
An epic Wired story that serves as the perfect companion to your post.https://www.wired.com/story…
what a nightmare, and not saying much for Trezor’s security reputation if it can be opened up like that.
.This feels like a step backward in the direction of digital stone tablets.It creates an additional level of potential exposure — loss, damage, complexity, theft, threatening action if one doesn’t turn over their Ledger and the codes.It seems an indictment of the digital security of the blockchain which was one of its big selling points, no?Is this really progress?JLMwww.themusingsofthebigredca…
Step back to close the gap, then forward?
.I seem to remember Madame Francoise saying the same thing when teaching ballroom dancing back in my cadet days. She smelled much, much better.She used to say, “Gentlemen, hold your heads high and back, like elegant swans. Remember, dancing is vertical foreplay.”I might have mis-translated her words. She was very French.JLMwww.themusingsofthebigredca…
Indeed, also I wouldn’t want to store digital assets on something that is specifically sold for that – it’s a sign post to attract bad actors.
See my comment elsewhere.
close. it can be hand stamping scrambled seed words on titanium credit card blanks. the things we do in the name of progress :)’In Ti We Trust’ (Because It Will Not Rust) or burn, or melt, or generally decay.
Back on the early XXth century, one of the greatest challenges for banks was to convince people that their money was safer in their vaults than under their mattress. Has that pendulum swung too?
I love the Nano S, I see owning one as a rite of passage in the cryptocurrency space.However, even here, the immaturity of the industry shows. A few notes:1) Certain software updates to the ledger will WIPE IT CLEAN! This means getting out your passphrase and reinitializing the wallet.2) Not any USB cord will do. I was feeling lazy and just grabbed another one and the damn thing wouldnโt connect, it needed the one it was sent with. Iโm sure that the USB cord needed by the ledger is a normal standard, but it makes it a bit harder to work with.3) The software is a bit funky and doesnโt always connect.Despite this, my stress went down 10 fold when I got my funds out of my local wallet and into ledger. My hope is that as the industry matures, the different wallet products matures to solve these issues.
Can someone tell me how to reach Coinbase support? My account was disabled about a week ago and I can’t get it enabled. The support via website isn’t helpful. Spent over 3 hours on hold with phone support yesterday. Reached human 3 times, each time the call was dropped before issue resolved. I asked the last human if they could call me back if the call us dropped (my # is in the account), nope, against their policy. But they can email me. Seconds later that call dropped and still waiting for my email back. Dreading starting the process again today but don’t have a choice. Seems like huge biz liability if they are unable to resolve issues quickly that restrict ability to access assets. Sorry to post this to this conversation but not many alternatives for seeking help.
Good purchase Fred – grabbed mine earlier this year when I decided to go all in on ETH.Reading through the comments here reminds me just how early we are in the cycle of adoption though… both in terms of awareness (what a private key/passphrase is) and usability (comments are 100% right that the ledger/trezor feel rudimentary).I love my Ledger, but I’m looking forward to more elegant solutions to blockchain interaction in the near future.
Digital Bitbox is so much easier! I also love that backup is done to a microSD card and the keys never appear on (a potentially compromised) computer.https://digitalbitbox.com/Also:- second wallet in case you are forced to reveal your password- U2F so you can claim it’s just a hardware token for access to Dropbox etc
i always wonder about the lack of a dedicated screen for login and recovery (keylogger malware et.c.)
They’ve got a smartphone companion app for all that and more.
ThanksAs I am starting to get paid in some of these alt coins it is time to get one of these widgets.
Unclear what the advantage of this device is [1] over simply using an ordinary USB and (as only one example) Apple encrypted volume with strong password. Can even upload it to the cloud if you believe in the strength of the password you have used.You could also create copies of the encrypted volume and keep them in different physical locations.[1] I am trying not to sound like the guy who said ‘who needs dropbox when you can use rsync’ but honestly this is super easy to do. I also think it removes a point of failure in using someone else’s hardware which in theory could be compromised in advance… https://uploads.disquscdn.c… https://uploads.disquscdn.c…
you are…. storing your seed words with this?
You cannot actually *use* your crypto with this method, you would need to import the keys in a software wallet on a trusted computer in order sign a transaction. The Ledger Nano S lets you store the private keys and give you the ability to use your cryptos in a safe way, the transaction is created on your computer and the actual signing is delegated to the Nano S that has a secure screen to validate you are approving the correct transaction
I actually like that greater degree of control. I would buy a small laptop which the sole purpose would be to be the trusted computer. In that case the encrypted volume would be stored elsewhere and connected only for a transaction.Another less expensive option (than a separate computer) is to simply create a bootable volume from an SSD. When doing bitcoin transactions you boot from that and do what you need to do. And actually that can contain the encrypted volume. Or it can be separate. When you are done (with transaction) you simply power down and put the bootable volume in a safe location. The sole function of the bootable volume is to do crypto transactions. The way I see it the ‘obscurity’ of the setup that I propose is ahead of a solution that was designed by someone else and has plenty of people waking up and trying to defeat it.
Hi Fred, there is a very nuanced mistake in your post. The whole magic about hardware wallets is that it is always cold storage, never hot – even if you connect it to your laptop. The private keys (or seed) never leave the device, you can only sign transaction messages with it. This is what makes it super convenient (unlike a paper wallet) but also super secure.So what you wrote here might be misleading:”There is a USB cable that you use to connect to your computer and put the device online (hot storage). You can then send and receive crypto assets and use the wallet apps to see the activity on the device.When the device is disconnected and saved somewhere safely, it is offline (cold storage) and your crypto assets cannot be accessed over the Internet.”Edit: And what is also super important, you can of course always receive crypto assets even if your hardware wallet is not connected to anything.Greetings from your second home, Paris
thanks. i will fix that.
Maybe I misunderstand the terms “hot-storage” vs. “cold-storage” but I don’t believe using a hardware wallet such as Ledger or Trezor is ever “hot-storage”.I understand “hot-storage” to mean that the wallet itself is connected to the internet and there is a potential path, from the internet, to the wallet. At this point there is risk to the owner of the wallet.When moving funds using a hardware wallet, you do connect the wallet to a device connected to the internet, but there is no path to the wallet from the internet. Any action must be approved by the wallet owner. The private keys are 100% protected at all times.
thanks. i will fix that
Cool. FWIW this is my understanding and it could be wrong ๐ The important thing that I know I’m not wrong about is that the primary benefit of using a hardware wallet is that the private keys are at all times 100% secure. (well, this is the theory at least. It has been shown that the Trezor at one point could be disassembled and the keys obtained, while the Ledger contains a secure enclave)
You’re right. Cold storage generally means that the keys aren’t on an internet connected device. With the Ledger Nano S, they remain on the Ledger and only the signed transaction gets sent back to the computer.
I wonder what alt-coin is fred holding?
not forgetting the BIP 39 word list codes;https://github.com/bitcoin/…
i like Keepkey hard wallets, but this is a misappropriation of development resources imo;https://www.keepkey.com/201…
All well with you guys?
hi Fred! …just a small & IMPORTANT suggestion, …I LOVE the Ledger Nano (had been a happy user for a while), but…I would STRONGLY suggest buying it directly from the maker! …as those that can be acquired in third party stores could have been compromised!!! There are bad bad reviews from people that bought them online in third party outlets. Buy directly from http://www.ledgerwallet.com that is the maker! Best, nico
Josh Habdas:Are you an expat in Bali? We are eager to hear more about the lifestyle, positives and negatives.Thanks in advance…
These devices should come with a link to an online training video. Cyber security is hard enough. Crypto-currency security makes even my head spin.
He was quoting my partner Albert. http://continuations.com/po…
.Your website is the best resource I have ever seen on becoming an expat anywhere. Well played.I might have to move to Bali just to move to Bali.JLMwww.themusingsofthebigredca…
and the tax regime in Bali?
.Most of my prior several adventures in moving to foreign countries entailed a fair chance of being killed. I do admit I often arrived with guns, a very aggressive attitude in the company of similarly minded persons, but I was a man of my times.If I were not married, children, grandchildren — I would be at the airport.There is a business in there for you because people consider moving to such paradises until they confront what it entails. Yours is the pill that makes all the problems go away.Play on.JLMwww.themusingsofthebigredca…