Ledger Nano S Review | Why You Need a Bitcoin Hardware Wallet
A 6 Minute Read
Support The Tin Hat on Patreon! Just one dollar makes all the difference in helping me write more content!
Bitcoin: Easy to Use, Easy to Lose
When browsing Reddit’s /r/sorryforyourloss, it doesn’t take long to get a uneasy feeling in your stomach about the security of your precious bitcoin. The subreddit, which features numerous stories of people losing their bitcoin in just as many different ways, is meant to “showcase the top minds of bitcoin (and cryptocurrencies) failing to secure their precious internet money properly” with the ultimate goal of inspiring people to reassess and up their defenses.
Of course, there is no shortage of methods through which you could lose your bitcoins, but the most popular tend to be forgotten passwords, lost wallet files, hacked computers, and compromised exchanges. Compromised exchanges present a relatively easy problem to solve: don’t keep your bitcoin on an exchange, and instead use your own keys. Lost wallet files and forgotten passwords are also relatively straightforward: use a wallet that allows you to write down a recovery seed, like Electrum, and store this in multiple secure locations. Hacked computers, however, are a trickier beast.
The way that many defend themselves against a compromised system is to use offline operating systems booted from USB sticks with other USB sticks being used to transfer transaction files to and from online computers. I’ve done this for several years, and while it offers an adequate level of security, it also makes actually using your bitcoin a long and inconvenient ritual, to the point that if you’re like me you’ll grab for your credit card before bothering to access your bitcoin.
Hardware Wallets to the Rescue
Luckily, hardware wallets effectively solve this problem. In short, they consist of a physical device that typically interfaces with a wallet application on your computer through USB, and allow you to securely hold and spend bitcoin without worrying about your computer being compromised. They do this by using a tiny on-board computer that is specifically designed to securely hold bitcoin keys and use them for signing transactions. This way, the actual keys that unlock your bitcoin never actually touch your computer, and theoretically cannot be stolen by malware.
Moreover, well designed hardware wallets will have a display on them that will visually show the address that your bitcoin will be sent to when performing a transaction, as well as the amount that is being sent. What this prevents is malware changing the destination address and amount behind the scenes before your transaction is sent from your wallet application to the hardware device; thus, if the address or amount listed on the hardware’s display differ from what you typed into your wallet application, you know you’ve been attacked and can cancel the transaction before it is sent.
Of course, all of this relies on being able to physically secure the hardware wallet. Fortunately, we are much better with physical security than we are with digital security. We’re far more used to securely storing paper documents and physical keys than we are with securely storing digital files that can be copied, moved, and stolen without our knowledge. Most hardware wallets will require a PIN to unlock as well, so that if someone does manage to steal your physical device, they won’t be able to use it without the PIN. Finally, hardware wallets (should) always provide you with some sort of recovery key that you can write down and store in a secure location, such that if you lose your wallet you can still recover your bitcoin.
With all of these advantages of hardware wallets in mind, in late 2016 I decided to purchase a Ledger Nano S, Ledger’s newest bitcoin hardware wallet (my Amazon affiliate link).
Ledger Nano S Review
First of all, I feel compelled to say that I have never tried a Trezor or Keepkey, or any other competing hardware wallet for that matter. Therefore, I won’t be touching too much on either of those products as I haven’t actually used them. I also am not qualified to comment in detail on the technical security of the device (although, I have not read anything about its security that wasn’t positive). My perspective in this review is as someone who long held bitcoin using cumbersome security practices, and yet still never quite felt secure. From that perspective, I must say that the Nano S has been worth every satoshi.
The Nano S comes as the successor to the Ledger Nano, with three notable improvements being the addition of a display on the device, the addition of physical buttons on the device, and the ability for the Nano S to generate its keys on the device itself (the older Nano required you to boot an offline computer for initial setup). Of course, with these improvements comes a higher price, $81CAD specifically, which is almost double that of the original Nano. With that said, this still rings in lower than the Trezor or Keepkey, which emerge at about $10-20 more.
The Nano S also features multiple apps that are isolated from one another. These include wallet apps for other cryptocurrencies, like Dash and Ethereum, as well as an SSH/PGP client and a FIDO U2F client (more on the importance of U2F can be found here). As well, more apps will likely be added in the future, so it is nice to know that your purchase might just grow in potential use-value.
In terms of physical construction, the Nano S feels tough enough, but I can’t help but wish that it felt more solid given that its target audience is likely to hold at least a thousand dollars on it. Again, unless you’re treating it terribly I doubt that it would break, but I also wish that my heart wouldn’t skip a beat if I dropped it on concrete. Nevertheless, it is very compact and lightweight, and will easily fit on your key-chain if you desire to carry it with you (as I do).
Using the device is straightforward. Upon plugging the device into your computer, the screen will power on and you’ll go through a simple initialization process, which will include setting a PIN and backing up your seed on the included recovery sheet. Make sure to keep this recovery sheet in a safe place, and consider making a copy in another location. If you lose your Nano S and the seed, you’ll lose all your bitcoin. You can also set the PIN to start from random numbers, so that if someone listens to how many times you click up or down to type in your PIN, it will be different every time.
Pressing either button at the top will cycle through various menu options, while pressing both at the same time will select whatever is currently highlighted. I initially thought that this would be quite cumbersome, but it turned out to be extremely usable. In fact, getting in and out of each app/setting/menu rarely takes more than a few clicks.
Speaking of which, to use the bitcoin wallet, all you need to do is install and open the Chrome app that Ledger refers to on its website, plug in and unlock your Nano S, and then enter the bitcoin wallet app on the device. If for some reason you don’t want to use Ledger’s own wallet app, you can also use a variety of others, including Electrum. Personally, I find Ledger’s wallet app perfectly functional and aesthetically pleasing, and love that you can easily manage multiple ‘accounts’ in the same window.
While the U2F authenticator is preloaded onto the Nano S, if you want to install other apps or upgrade the firmware on the device, you’ll need the Ledger Manager, which you will also find on their website. Note that you will need to enable the developer options if you wish to install the PGP/SSH app.
The only issue that I ran into is that it lacks instruction for use on Linux devices. Initially, my Nano S wouldn’t communicate with the Chrome wallet app, but a bit of Googling revealed that there are several udev rules that need to be added. It would have been nice to have this mentioned in the box. Another minor item worth mentioning is that if you ever perform a firmware upgrade, you will wipe the entire device and should make appropriate preparations. I wouldn’t count this as a point against the Nano S, however, it is just something to be aware of.
So, would I recommend the Ledger Nano S? Yes. In fact, I’d suggest that if you fit within the same perspective as I had (that is as someone who long held bitcoin using cumbersome security practices and yet still never quite felt secure), and if you have at least one bitcoin, then I’d urge you to buy one immediately. The Nano S is secure (so I hear), incredibly easy to use (while still remaining functional), supports multiple apps (with more coming), can be used as a U2F authenticator (which is $25CAD on its own), and, most importantly, just makes life with bitcoin better.
Of course, if you want to support me you can buy a Ledger Nano S using my Amazon affiliate link. Disclaimer: I fully paid for the product myself, and might make a few dollars from these affiliate referrals. With that said, in no way has that prospect altered my review, and I strongly encourage you to check out multiple reviews before making your purchase.