I used a Ledger Nano S for three years before switching. Not because it stopped working—it didn't. I switched because I finally understood what "don't trust, verify" actually means in hardware security.
The Ledger Problem: Closed Source Means Blind Trust
Ledger's firmware is closed source. You can't see the code running on your device. When they released Ledger Recover in 2023—a feature that splits your seed phrase into encrypted shards and sends them to third parties—the community lost it. Not because key sharding is inherently bad, but because it proved the firmware could extract and transmit your private keys.
Ledger's response was essentially "trust us, we won't enable this without your consent." But that's exactly the problem. With closed source firmware, you have no way to verify that claim. You're trusting the company, not the math.
Continue reading the full article on TildAlice
Top comments (0)