I recently obtained a Ledger Nano S Plus. It was custom branded for Tribe X, one of the NFT projects that I am participating in. The packaging was very nice and simple; it included the device itself, paperwork, a USB A to C cable and a keychain loop.
Setup - Initial setup
I went to www.ledger.com/start to get the process going. For my first test/setup, I was just going to create a new wallet like a normal new user would. The process went pretty smoothly, and I was up and running on my Ledger pretty quickly.
A few recommendations:
- Make sure you pay attention to the setup screen information; it is useful, especially for a new user.
- Make sure you write down your recovery phrase on paper. Do not store it in a file on your computer - that would defeat the entire purpose of an offline/cold wallet.
Setup - Recover prior software wallet
First, let me say that my next test was just a test and you should NOT do this for actual long-term use of your device. I already had a prior software wallet, so I decided to recover that wallet onto my Ledger. This is a HORRIBLE idea from a security perspective, since it defeats the purpose of a hardware wallet, but for testing it was fine. As expected, all my old stuff showed up fine, so I plan to use this setup for testing to see how it impacts things for me. Most of the services I deal with support WalletConnect, which is supported by Ledger Live (the desktop/mobile app that interfaces with the Ledger device). I had one site that doesn’t support WalletConnect, but MetaMask did work. The only thing I don’t like is that you can’t get to the point of using Ledger in MetaMask if you don’t have a MetaMask account set up. However, most users likely have a MM account, so this shouldn’t be a problem.
FIDO U2F Support
While the Ledger is mainly focused on crypto, it does have a feature that users should look into as a security capability for their online accounts. The Ledger can support FIDO U2F (two-factor authentication). You can read up on Ledger’s info on this feature here ( https://www.ledger.com/fido-u2f/ ). If you read my blog, you know that I have tested YubiKey hardware tokens. For the Ledger implementation, two things stood out as interesting:
- The Ledger is PIN protected, so someone can’t use your hardware token if they don’t know your PIN.
- You can restore your recovery phrase on another Ledger wallet and get access to your FIDO U2F again.
From a security standpoint, the ability to recover your key onto another device means that if someone gets your crypto private key, they can restore it onto a Ledger and also get access to your FIDO U2F, so depending on how paranoid you are, that might be a bad thing. However, it also means that, as long as you know your crypto recovery info, you can always restore your FIDO U2F access on a Ledger device.
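The trade-off described above, and the earlier advice to keep the recovery phrase off the computer, as an added example that is not from Ledger or from the original post: the phrase-to-seed step is standard BIP39, while `ModelToken` is a simplified, hypothetical model of a seed-backed U2F token, with HMAC standing in for the ECDSA signature a real token produces. The sample phrases, PINs, site and challenge are constructed.

```python
import hashlib, hmac, os, unicodedata

def bip39_seed(phrase, passphrase=""):
    """BIP39: recovery phrase -> 64-byte seed (PBKDF2-HMAC-SHA512, 2048 rounds)."""
    nfkd = lambda s: unicodedata.normalize("NFKD", s).encode()
    return hashlib.pbkdf2_hmac("sha512", nfkd(phrase), b"mnemonic" + nfkd(passphrase), 2048)

class ModelToken:
    """Simplified model of a seed-backed U2F token (assumption, not Ledger firmware)."""
    def __init__(self, phrase, pin):
        self.pin = pin  # unlocks this device only; never enters key derivation
        self.secret = hmac.new(bip39_seed(phrase), b"u2f-model", hashlib.sha256).digest()

    def _mac(self, label, app_id, data):
        return hmac.new(self.secret, label + app_id + data, hashlib.sha256).digest()

    def _unlock(self, pin):
        if not hmac.compare_digest(pin, self.pin):
            raise PermissionError("wrong PIN")

    def register(self, app_id, pin):
        """Return a key handle: random nonce plus a tag binding it to this seed and site."""
        self._unlock(pin)
        nonce = os.urandom(16)
        return nonce + self._mac(b"tag", app_id, nonce)[:16]

    def sign(self, app_id, handle, challenge, pin):
        """Answer a login challenge, or None if the handle belongs to another seed."""
        self._unlock(pin)
        nonce, tag = handle[:16], handle[16:]
        if not hmac.compare_digest(tag, self._mac(b"tag", app_id, nonce)[:16]):
            return None
        key = self._mac(b"key", app_id, nonce)  # per-site key, re-derived on demand
        return hmac.new(key, challenge, hashlib.sha256).digest()  # stand-in for ECDSA

# Constructed sample inputs; the phrases are not checksum-validated here.
PHRASE_A = "abandon " * 11 + "about"
PHRASE_B = "legal winner thank year wave sausage worth useful legal winner thank yellow"
APP_ID = hashlib.sha256(b"https://login.example").digest()

def demo():
    original = ModelToken(PHRASE_A, pin="1234")
    handle = original.register(APP_ID, "1234")
    restored = ModelToken(PHRASE_A, pin="9999")  # same phrase, new device, new PIN
    stranger = ModelToken(PHRASE_B, pin="1234")  # different phrase
    ch = b"constructed-challenge"
    same = original.sign(APP_ID, handle, ch, "1234") == restored.sign(APP_ID, handle, ch, "9999")
    return same, stranger.sign(APP_ID, handle, ch, "1234")
```

In this model the PIN only gates the device it was set on, so whoever holds the phrase can answer the same login challenges from a second device with a PIN of their own choosing.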
Thoughts so far
The increased security adds some complexity to the process. If you are used to just having a software wallet like MetaMask, you now have to remember to keep your Ledger nearby. However, the increased security, keeping your key on a hardware device and not in your software, is worth it for anyone in the crypto/NFT world in my opinion. Remember, this helps to secure your private key, but you still have to be careful with the sites you interact with. Ideally you keep your hardware wallet for “trusted” sites and never use it for minting, and maybe do your minting-type activities on a software wallet to keep some separation. If you already have a software wallet, just move your valuable NFTs to your Ledger and keep using the software wallet for minting.