Ledger Nano X Crypto Wallet Adds Bluetooth and Addresses Security Concerns
On January 7, 2018, the crypto community’s highly-popular Ledger hardware wallet has revealed the handful of updates that are to be included in its new Nano X model. A larger screen, mobile app, and Bluetooth capabilities make the device a coveted upgrade from the former Ledger Nano S. Although there is skepticism toward the new wireless attributes, as this may open up yet another vector of cyber attack.
Hardware Wallet and Bluetooth: A Match Made in Heaven?
Announced at this year’s Consumer Electronics Show (CES) in Las Vegas, Nevada, the Ledger Nano X model’s Bluetooth feature has made waves in the crypto community.
The famed crypto wallet is now able to connect wirelessly to an associated app, Ledger Live Mobile, alleviating friction for users. When using the Nano S model, one would have needed access to an external application, usually on a desktop or laptop in order to write and send cryptocurrencies.
The upgraded device also comes with larger memory to allow a larger number of token-specific apps to interact; as per the official Ledger Nano X website, the device has a far greater memory capacity to it predecessor and will be able to hold up to 100 secure applications and 1,100 cryptocurrencies. Each crypto-protocol will have its own application, this development also means that users aren’t able to send ether to a Bitcoin address, and only keys representing the same protocol will be executed.
As for a price point, the official website states that the Nano X will be available for pre-order, at time of writing, for $139 and items won’t be shipped until March 2019; additionally, the Ledger Nano S has begun retailing at 40 percent less than it was in 2018.
Security Measures and Trends
The upgraded Ledger’s greatest feature has also sparked the greatest concern causing speculation to arise, critics have argued that by adding Bluetooth capabilities, it can open up a greater number of attack vectors.
These concerns come on the heels of a recent vulnerability discovered by Wallet.fail at the Chaos Communications Conference (35C3) in December 2018. During their presentation, the team revealed a method for hackers to sign transactions remotely after infecting the victim’s computer with malware.
https://twitter.com/5chdn/status/1082242130234478595
To this end, the Ledger and Trezor teams quickly announced incoming patches for their software and claimed the vulnerability to be resolved. Following up on the security of the wireless network needed for the Nano X and quashing the notion of private keys being transmitted via Bluetooth, the FAQ writes:
“The private keys never leave the secure chip, therefore Bluetooth communication (BLE) does not expose the Ledger Nano X to any additional security threat. The BLE connection is end-to-end encrypted to protect user privacy. In the unlikely case, the BLE transport were to be compromised, an attacker would never be able to extract private keys or make users sign a transaction they do not wish to sign.”
The launch of the next generation cryptocurrency wallet also speaks to a growing trend in the industry: the ability to connect a hardware wallet with a smartphone application indicates a shift towards greater usability. Similar products, such as the Cool Wallet S, have also emerged with a native Android and iPhone application. It is likely that a hardware wallet that maintains a high degree of security, and a clean UX/UI, will capture a market looking for easy crypto solutions.