October
12
Ledger Nano X
Sinking. That feeling when you imagine logging into your crypto exchange account to check your growing portfolio, only to find zeros staring back at you.
Over the last four bull runs the cryptocurrency has attracted an increasing numbers of investors, enticed by the jaw-dropping profits that can be realised in the exploding asset class.
Predictably, criminals have also followed the money and a range of scams, hacks and crypto exchange failures have occurred.
For this reason long term investors – or ‘hodlers’ in crypto slang – often prefer to store large sums of crypto in their own wallets.
Given the steadily growing size of the crypto market we thought it was time to research an affordably priced, easy to use storage solution – which led us to the Ledger Nano X.
Types of Cryptocurrency Wallet
There are various different types of crypto wallet, not to mention brand so before diving into the security features of the Nano X its worth just considering the category this product sits in:
Software or ‘hot storage’ wallets come in a variety of forms, including web-based exchanges, downloadable desktop software and mobile apps.
These are connected to the internet some or all of the time which provides an element of convenience that may be particularly important to those who trade frequently. Some of these services also allow crypto holders to set automated stop-loss and limit orders allowing them to get in and out of trades quickly.
With that being said there are numerous risks with software wallets: the server, desktop or mobile they run on may be vulnerable to malware or other forms of hacking. There have been some significant hacks of crypto exchanges – including the largest heist ever at time of writing where some $600m was stolen.
“Not your keys, not your coins.”
Another price for the convenience offered by online wallets is that they typically store the private keys – effectively the passwords – for users’ wallets in order to conduct transactions on their behalf. This introduces issues of ownership and control neatly summed up in the saying “not your keys, not your coins”.
Many experienced holders of large amounts of crypto simply aren’t comfortable with outsourcing custody of their coins to an online platform. This is where cold storage wallets enter the picture.
These hardware-based devices typically come in a size and shape comparable to a USB stick and spend the majority of their time disconnected from the internet or any other device – significantly reducing the risks from hacking or malware.
Cold storage wallets provide the benefit of direct control over crypto assets.
Owners of cold storage wallets also hold their own private keys which introduces an element of personal responsibility, but also provides them with the benefit of direct control over their crypto assets.
General Features
The Nano X is a small fold-out device with a USB Type C connector. It has a 30 x 13mm screen, which we like because it is larger and easier to read than the earlier Nano S model.
Interaction with the device menus is via two buttons located on either side of the screen.
At the time of writing the Nano X is also capable of holding some 1800 different coins and ERC 20 tokens, which is more than many rival products we researched.
Ledger Live App
An accompanying Ledger Live app manages the process of sending or receiving crypto on your Nano X; for example, to or from a Coinbase account.
The following video demonstrates the process of receiving Bitcoin:
The app is available for both iOS and Android and we found the interface easy to use.
Secure Private Key Storage
The all-important private keys that provide access to your stash of coins are stored in a secure chip on the Nano X which is certified to CC EAL5+ standards.
Ok, so what exactly does that mean? We looked into it.
In short, there a seven increasingly demanding Common Criteria Evaluation Assurance Levels (CC EALs) as follows:
EAL 1 – Functionally Tested
EAL 2 – Structurally Tested
EAL 3 – Methodically Tested and Checked
EAL 4 – Methodically Tested, Designed and Reviewed
EAL 5 – Semi-Formally Designed and Tested
EAL 6 – Semi-Formally Verified Design and Tested
EAL 7 – Formally Verified Design and Tested
The ‘+’ suffix means the device in question had to meet some additional criteria in addition to the base level indicated. So in this case the Nano X has had to meet the EAL 5 baseline plus some of the most rigorous criteria from the EAL 6 or 7 levels, although it wasn’t clear from our research what those specifically were.
If you dig into the Common Criteria User Guide it states that EAL 5 and 6 require ‘resistance to attackers’ with moderate or high attack potential respectively. The Nano X secure chip should therefore be well hardened against potential attacks, which is perhaps also reflected in it’s ANSSI security certification.
Encrypted Bluetooth Connectivity
The device runs its own proprietary BOLOS Operating System which acts to encrypt the bluetooth connection to the phone you plan to pair with the Nano X.
Using bluetooth certainly provides some slight convenience over a cable (USB-C to USB-A supplied in the box), but may raise concerns in the minds of the more security conscious.
Ledger provide some reassurance on this front, noting that the Bluetooth Low Energy (BLE) protocol (v4.2) used by the device employs encryption (Elliptic Curve Diffie-Hillman) to secure the connection from man-in-the-middle attacks.
The Nano X also doesn’t pass any sensitive data (e.g. private keys, recovery phrases) over the bluetooth connection.
Device Authenticity
Another obvious worry when buying a hardware wallet is whether the device is genuine or some form of counterfeit and we looked into how Ledger tackle this risk.
During manufacture the company embed a secret key in each of their Nano X devices, which is used to provide the cryptographic proof needed to connect to the Ledger Live servers used by the accompanying app.
So in other words, if you can successfully set a Ledger device up with Ledger Live you can rest assured it is genuine.
Back-ups
All these security features may sound good, but a nagging question many will have is what happens if you lose your Nano X and therefore the private keys for your crypto?
The good news is that when you set up a crypto wallet you receive a 12- 24 word recovery phrase which can be used to restore your private keys. As long as you still have the correct recovery phrase you can restore your wallet on a new Nano X (or manage the same wallet from two Ledger devices from the outset so you have a back-up ready).
If you lose your Ledger and your recovery phrase then your crypto funds are truly lost, so its critical you keep a copy written in a secure place. We recommend investing in some specially designed steel or titanium metal plates such as the Keystone Tablet to record your recovery phrase.
The actual process for recovering private keys on a Nano X is straightforward and you use the two physical buttons to enter characters from your recovery phrase.
Summary
To wrap up, the decision on whether to use a hot or cold storage wallet is a personal one based on factors such as the amount of crypto held, planned frequency of trading and risk tolerance.
For those who choose to go down the cold storage route, we think the Ledger Nano X wallet is a great solution from a reputable manufacturer, blending ease of use, strong security and support for a wide range of crypto currencies.
If you plan on buying one we suggest ordering directly from the Ledger website or from a well-known vendor such as Amazon. Never buy a used crypto wallet as you don’t know whether it is reliable or has been somehow maliciously tampered with.
Disclaimer: this article is a product review and is not providing any form of financial advice.
Digital Security Watch 