Ledger No Longer Safe? – An owner perspective.

Ledger No Longer Safe? – An owner perspective.

There has been a load of controversy in the media the last week- 10 days approx, over an issue called ‘Ledger Recover’


I like this guy, Michael Gu from Boxmining. Brings forward the most pertinent pieces of information quickly and clearly.

Without going into too much details about how the ‘Ledger Recover’ works, there are two overarching aspects of the provision.

Tekedia Mini-MBA (Sep 11 – Dec 2, 2023) has started; registration continues here

Tekedia AI in Business Masterclass opens registrations here.

Join Tekedia Capital Syndicate and co-invest in Africa’s finest startups here. Next cycle begins Oct 2, 2023.

  1. It is just an option, it is completely ‘opt in’. Those who decide to deploy it will need to weight up the loss of decentralization against the protection of being able to recover assets if the private key is lost.
  2. The ‘Ledger Recover’ option cannot get accidently installed, like for instance, in a firmware upgrade.

To some extent, this is where the ‘drama’ ends. To some other extent, it begs the question of what should we really be talking about when it comes to Ledger?

I’ve seen a lot from ‘the community’ releasing commentary about Ledger and for the most part, I’ve been avoiding commenting, because 9ja Cosmos owns one.

Up to now, I’ve seen nothing written about from the perspective of an owner. All of the content on here has been a reflection on breaking news, and opinion in the public domain.

Andrew Bigwood was the only person so far, even amongst comments, that I’ve seen mention even owns one. I noticed this on a post by Brian Naughton.

Why I (or 9ja Cosmos) have a Ledger Nano X:

Currently, 9ja Cosmos operates without owning infrastructure. I’ve been very transparent on this.

On the asset storage side we use one system with a custodial wallet embedded. This is because it has an integrated marketplace, and we use it to push off non-project domain assets we have inadvertently accumulated and don’t need.

This is a commercial system with several other services and has a support team. It is, however, vulnerable to the same centralized problems of a CEX – ‘not your keys, not your crypto’ (or Non Fungible Assets – NFAs).

We use three separate Self-Custody (Non-Custodial) Wallets for the project domains. Think of them as downloadable apps integrated to the blockchain core via a node. They are open source with community assistance though Discord and Github, but the assets remain fully the operators own responsibility at any time, and if there is a problem, there is nobody to hold accountable except oneself.

While the first type is on a corporate server, and the second type is a locally kept installation on a device, they are all software, i.e. ‘hot wallet’ type environments, and have the vulnerabilities that implies.

Storing NFAs in a cold-storage hardware wallet is the safest option. It provides the most security as all data is stored offline and protected by a device password, PIN code, and 24-word secret phrase.

Moving NFAs to a hardware wallet like the Ledger Nano X makes it almost impossible for hackers to steal them.

One of the biggest drawbacks of hardware (cold wallets) is ‘Illiquidity’ – As cold wallets are offline, it might take time to access in-device currency. Cold wallets are suboptimal for day traders and quick transactions, but as 9ja Cosmos Web 3 TLDs (Top Level Domains) are not immediately required by a project, this isn’t an issue.

Most of the NFA owner communities are focused on Digital Collectables minted to Ethereum sidechains and L2s. Handshake Domains are a bit ‘exotic’ and the Ledger Nano X is the only hardware wallet I know that accommodates them. Even at that, the ‘HNS wallet integration’ isn’t an off-the-shelf selection from Nano X menu, and I have to go into ‘Developer Mode’ and do a bit of work to get the wallet operational.

Recent Firmware Upgrade

So I embarked on a firmware upgrade to test the Premise 2, in Michael Gu’s video…

‘The ‘Ledger Recover’ option cannot get accidently installed, like for instance, in a firmware upgrade.’

Before doing the upgrade, I double checked my seed phrase ‘stash’ to ensure I had everything I needed to mitigate against a failed upgrade. I also batch moved all my high value project domains to a self-custody hot wallet.


Progress… progress… zzzz!
The Ledger Nano X device has a small input field visible via LEDs. It is used for numerical pass keys, confirmations and cancellations and contains numerals 0-9, a wrong/cancel symbol (x) and a right/proceed symbol (tick). During update, this needs to be intermittently visited on the device, prompted by the ‘Ledger Live’ app on the owners computer or phone.
Confirmation that the firmware is updated. Note the highlighted button ‘Re-Install apps’. These are the wallets that hold specific types of assets. The Nano X can hold up to 1000, while the S model can only hold 3.
Finalizing permission to re-establish Ledger Manager.
The Firmware upgrade is completed. The screen confirms it is up to date (ver. 2.1.0)


So… ok.. we’ve confirmed that a firmware update doesn’t impact on the VOLUNTARY feature – ‘Ledger Recover’

Ledger, based in Paris, raised $380 million in a Series C funding round last year. It was led by digital asset fund 10T Holdings. The funding round also received support from Cathay Innovation, Draper Associates, DCG, Korelya Capital, and Wicklow Capital.

What’s all the noise about then, and how has this capital been of ‘best service’?

You will notice in the final screen, the ETH and MATIC apps are good-to-go, but I haven’t been using them. The Handshake app has a strange status next to it that just says ‘learn more’.

This was exactly the status I had before I went into Dev. mode, and provisioned the service manually. That’s not something I really want to do every time I do a firmware upgrade. In car maintenance, this is like having to lift the whole engine out, just because an oil change is needed.

Extremely lucky to have moved the domains to another location before attempting the upgrade – no prompt or warning appeared in the upgrade process to suggest it could result in assets being put beyond use.

Clicking the ‘learn more’ leads to this interface on a website. The ‘live chat’ option is not available, though I’ve tried to use this several times, and mostly at times that would be normal office working hours for Paris.

Why don’t I choose the Email option? Well, I tried that on 27 December 2022, and seems like it went into a black hole. I didn’t even get an auto-responder to drop a mail to my inbox and never got any follow up. No enthusiasm then with trying the same approach again.

Quite disappointed with the performance of the Ledger Nano X so far, and the biggest failure is the support. This was also hinted by Andrew Bigwood. This makes me think that the drama over the ‘Ledger Recovery’, is a complete distraction, when the company should really just be about improving the basics.

But the thing is – can I endorse any alternative? Not really. I haven’t experimented with the products of any other manufacturer, and I don’t see anything explicit in sales literature or comparison articles that confirms them as a hardwallet solution suited to Handshake Domains.

For now, all hardwallets seem to be able to offer is a ‘dis’, not a handshake.


9ja Cosmos is here…

Get your .9jacom and .9javerse Web 3 domains  for $2 at:

.9jacom Domains

.9javerse Domains

All reference sites accessed 20-21/05/2023








Share this post

Post Comment