ledgerNanoX.md 1.86 KB
Newer Older
Leo Wandersleb's avatar
Leo Wandersleb committed
1
2
3
4
5
6
7
---
title: "Ledger Nano X"
appId: ledgerNanoX
authors:
- leo
released: 
discontinued: # date
Leo Wandersleb's avatar
Leo Wandersleb committed
8
updated: 
Leo Wandersleb's avatar
Leo Wandersleb committed
9
10
11
12
13
14
15
16
17
18
19
version: 
dimensions: [72, 18.6, 11.75]
weight: 34
website: https://www.ledger.com/
shop: https://shop.ledger.com/products/ledger-nano-x
country: FR
price: 91999CLP
repository: https://github.com/LedgerHQ
issue: 
icon: ledgerNanoX.png
bugbounty: 
Leo Wandersleb's avatar
Leo Wandersleb committed
20
21
verdict: nosource
date: 2021-08-01
Leo Wandersleb's avatar
Leo Wandersleb committed
22
23
24
25
26
27
28
signer: 
reviewArchive:


providerTwitter: Ledger
providerLinkedIn: ledgerhq
providerFacebook: Ledger
Leo Wandersleb's avatar
Leo Wandersleb committed
29
providerReddit: ledgerwallet
Leo Wandersleb's avatar
Leo Wandersleb committed
30
31
32
---


Leo Wandersleb's avatar
Leo Wandersleb committed
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
Ledger has this to say about their technology:

> At Ledger we are developing hardware wallet technology that provides the
  highest level of security for crypto assets. Our products combine a Secure
  Element and a proprietary OS designed specifically to protect your assets.

"proprietary OS" does not sound good. As we learned when reviewing
{% include walletLink.html wallet='hardware/trezorOne' verdict='true' %},
"Secure" Elements and open source firmware do not go well together and that is
why Ledger's firmware (or OS) is proprietary and to our knowledge closed source.

Looking around we cannot find any pointers to the firmware's code but plenty of
claims for it being closed source.
[[1]](https://www.reddit.com/r/ledgerwallet/comments/m4crxn/closedsource_firmware_code_and_potential_of/)
[[2]](https://www.reddit.com/r/ledgerwallet/comments/drycu3/close_source_nature_of_ledger_dangers/)
[[3]](https://www.reddit.com/r/Bitcoin/comments/h8n3rt/ledger_closed_source/).

Ledger defends their stance on using this approach
[here](https://www.ledger.com/secure-hardware-and-open-source).

While arguably there is scenarios under which a "Secure" Element with a closed
source firmware could save a user from theft, it **opens the door for a provider
to steal all the funds of all the users at once**, which is our mission to call
out. This product is **not verifiable**.