Review: Putting Ledger's New Bitcoin Hardware to the Test

Ledger's new hardware wallet is the most costly on the market. Does it have the features to justify the expense? BitGo's Jameson Lopp investigates.

AccessTimeIconJan 28, 2017 at 6:03 p.m. UTC
Updated Mar 2, 2023 at 10:32 p.m. UTC

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

Jameson Lopp is a software engineer at BitGo, creator of statoshi.info and founder of bitcoinsig.com.

In this guest review, Lopp puts the recently released Ledger Blue hardware cryptocurrency wallet through its paces to see if its high price is matched by its utility.

  • Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
    13:18
    Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
  • Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
    05:10
    Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
  • The first video of the year 2024
    04:07
    The first video of the year 2024
  • The last regression video of the year 3.67.0
    40:07
    The last regression video of the year 3.67.0
  • Name: Ledger Blue

    What it is: A handheld cryptocurrency hardware wallet device architected around a secure element, featuring a touchscreen and USB/NFC/BLE connectivity for PC and smartphone compatibility. It runs multiple apps such as bitcoin, ethereum, FIDO U2F, SSH, and GPG, and can be used with a number of digital currencies including bitcoin, dash, Zcash, litecoin and dogecoin.

    Who’s behind it: Ledger, a French startup that builds personal security devices for end users, hardware security modules for servers, and hardware oracles for the IoT.

    Cost: €229 + shipping

    Date launched: December 2016

    Summary: The Ledger Blue is the next step in the evolution of cryptocurrency hardware wallets. It combines high-end security with ease of use. The biggest downside for early adopters is that the full capabilities of the device are not yet available.

    Where to buy: Directly from Ledger

    The basics

    At €229, the Ledger Blue is the most expensive bitcoin hardware security device on the market. The last time I paid this much for a hardware wallet ($200 for a Case Wallet), I was mostly disappointed. Let’s dig into the details to see if the Blue’s utility matches its price.

    Security

    The Blue comes with an impressive array of cryptographic and security features that you can read about in their announcement article and on the product page itself. Since most of them are honestly outside the range of my expertise to test, I won’t be performing a hardware teardown or deep technical dive because it wouldn’t be particularly informative.

    I’m confident in the security functionality offered by Ledger and will instead focus on user experience for this review.

    When I received my Blue, it arrived well packaged with tamper-evident tape along all edges.

    Ledger Blue Box 1
    Ledger Blue Box 1

    Upon opening the shrink-wrapped box, you’ll find a note that mentions that the device doesn’t actually need tamper-evident seals.

    Ledger Blue Note
    Ledger Blue Note

    Turning on the device for the first time and configuring it was a breeze.

    Ledger Blue Welcome
    Ledger Blue Welcome
    Ledger Blue Setup
    Ledger Blue Setup

    I generated my backup seed phrase, wrote it down, confirmed that I had it written down, and the Blue was ready to use!

    img_20161222_114319
    img_20161222_114319

    Inside the box, a note directs you to Ledger's site for configuration instructions. Ledger has also released a series of tutorial videos that make it very straightforward to learn how to set up and use the device.

    While I personally did not find the need to make use of these resources, I'm sure plenty of users will appreciate them.

    I decided to use my Blue to test BitGo’s Ledger integration that we were developing and have just released. You can read more about how to use the Ledger Blue or Ledger Nano S with BitGo in this guide.

    Ledger Blue BitGo
    Ledger Blue BitGo

    The Blue works well with BitGo’s web client, though there is one outstanding issue that Ledger needs to fix with their bitcoin app in order to better support P2SH transactions.

    At the moment, the transaction details are not displayed on the device, which only displays 'P2SH'. Ledger said it expects to release a new app to fix this in the next few weeks.

    screen-shot-2017-01-27-at-1-35-46-pm
    screen-shot-2017-01-27-at-1-35-46-pm

    The Ledger Blue is a lightweight device, the size of a small smartphone. At a mere 90g, it’s only half the heft of my Nexus 6.

    With the Blue, there is almost no risk to the user in case of device theft or loss. An attacker will find the device rendered unusable after three failed login attempts, while a lost device can simply be replaced and a new one reinitialized from the 24-word seed phrase.

    Ledger Blue PIN
    Ledger Blue PIN

    The large touchscreen that supports a QWERTY keyboard for input is superior to the Ledger Nano S’s two buttons, which can be a pain to click many times while navigating around the device.

    Incidentally, if you’re setting up a Ledger hardware device that doesn’t have a screen, such as the HW.1 or Nano, you should go through the hassle of setting up a secure computer to generate the seed – this is unnecessary with the Nano S and Ledger Blue.

    Along a similar vein, Ledger devices without screens could potentially be vulnerable to man-in-the-middle attacks if used with a compromised computer and thus require an additional layer of security that requires the user to either pair the device with a smartphone or enter a code from a separate security card – an added inconvenience.

    Ledger says the Blue has a “strong and durable casing, anti-scratch glass”, though I was slightly worried about screen scratches. Upon receiving my Ledger Blue, I threw it in my laptop satchel with lots of other loose electronics and took a weeklong trip from America to Europe. Thus far, the Blue’s screen hasn’t taken any visible damage.

    I tested the device's battery life by turning the auto-sleep settings to the maximum period and leaving the device powered on at the default 75% screen brightness, waking it every time the screen turned off. The device lasted for over three hours continuously, which ought to allow you to make quite a few transactions between charges.

    Cons

    When writing down the 24-word seed phrase while initializing the device, it’s a slight annoyance (and potential cause of user error) that the entries on the provided card alternate left and right while on screen they are listed top to bottom.

    Also, the default screen timeout is 30 seconds and you find yourself having to turn it back on every time you want to display the next page of recovery words. I was surprised when the confirmation at the end only checks two random words – I would feel more comfortable if it checked that I correctly wrote down all 24.

    Ledger Blue Recovery Check
    Ledger Blue Recovery Check

    You can see on this YouTube video that Kenneth Bosak experienced the same flicker with his early batch Blue. Ledger tells me that this issue has since been fixed. My replacement did not have the flicker at first, though several weeks later I noticed that it also started experiencing the flicker upon pressing the power button.

    Ledger has several nice wallets that are Chrome apps, though anyone who intends to use these should be aware that Google is discontinuing Chrome App support in 2018Ledger says it's already working on a replacement platform – details of which are still not announced.

    It also wasn’t clear to me how to set the 'plausible deniability' alternate PIN that was touted in this blog post. Upon reaching out to Ledger, I was told that the Blue currently only supports the passphrase option using the same setup method as the Nano S which uses Python scripts. Unfortunately there is a bug in setting the alternate PIN, so right now it can be used only with a dynamic passphrase. They hope to fix this with a firmware update in Q1 2017.

    In my opinion, this is one of the few areas where Ledger could improve the usability of the device, by enabling users to activate this feature either on the device or via a management app.

    I also wanted to test the Ledger Blue against a Mycelium wallet on my phone, but I wasn’t aware that I’d need an OTG adapter to do so. I was hoping I’d be able to add it wirelessly because the Blue has bluetooth support, but it appears that Mycelium hasn’t added it yet.

    The Blue also has the capability to support NFC, but the current version of firmware doesn’t support it. After contacting Ledger about this feature, they responded that they are planning to release the NFC firmware update around the end of Q2 2017.

    Since I ended up with some downtime while waiting to receive a replacement Blue (see below for why I needed one), I bought this OTG adapter from Amazon and later successfully tested that the Blue works with Mycelium in this configuration.

    On a related note, a quirk I noticed (that only developers will care about) is that when using the Ledger Blue on testnet, it still displays mainnet addresses on the device for confirmation.

    Ledger told me the address format bug is expected – they need to build a bitcoin app compiled for testnet on the device to support it. The testnet bitcoin app is not yet offered in the Ledger app manager.

    Ledger Mycelium
    Ledger Mycelium

    Instead, upon connecting the Blue and entering my PIN, my Android phone would prompt me to “Login” with the Blue, at which point GreenBits would open my Ledger-based wallet.

    GreenBits Login
    GreenBits Login

    I later realized that since there is no way to open a GreenBits Ledger wallet without the device present, this means that it’s not possible to receive transactions to your wallet without the Blue plugged in and unlocked. It turns out the solution to this to create a watch-only login while you have the Ledger Blue wallet open. You can set up a watch-only login by going to Settings => Info & Settings => Watch only login.

    GreenBits Ledger
    GreenBits Ledger

    I dropped it (face up) from a height of less than six inches onto a nearby table. Upon picking up the device and trying to turn it on, I noticed that the power button was missing and when I shook the Blue there was a rattle that was clearly the power button. My Blue was now perfectly secure – even I was unable to access its contents!

    I sent an email to Ledger support and they promptly responded, noting that it was a known build-quality issue and they were replacing the first batch of units. One week later, I had my replacement in hand, along with an assurance that the assembly process for the button had been modified so it doesn't get dislodged. I've performed the same drop test upon the replacement several times and it's undamaged.

    Ledger Power Button
    Ledger Power Button

    Upon powering up my replacement unit, I immediately noticed that it emits an extremely high pitch whine reminiscent of some older TVs and CRT monitors. I found this to be odd given that the first Blue didn’t make any sounds. After contacting Ledger, they explained that this comes from an inductance that vibrates at a frequency audible by human ears and it’s a known issue that will be fixed with a firmware update.

    As you can see, the Blue has a number of minor software and hardware issues that need to be worked out. I expect that they’ll all be rectified in time to be applied to the next batch produced.

    Competitors

    The closest competitors for this level of hardware security and usability are TREZOR, KeepKey, and Ledger’s own Nano S. They all seem to have good reviews and you probably can’t go wrong by using any of them.

    Conclusion

    While I ran into some quality issues, this is somewhat to be expected with a first run of completely new hardware. I see no reason for users to be concerned about hardware issues because I received excellent support and Ledger’s CEO, Eric Larchevêque, told me via email:

    "Ledger is highly committed to deliver the best customer support possible, and we assume 100% of our mistakes. Our policy is to refund or exchange any device with even the slightest issue."

    The Ledger Blue is by far the most user-friendly Ledger product I’ve used. In comparison to the HW.1, Nano, and Nano S, the Blue is more versatile and easy to use.

    If you’re a technical user or early adopter of new technology then it should be fine for you to buy a Blue today. If you’re less technical and want a more battle-tested and full-featured product, you may want to wait a few months for the hardware and software kinks to be ironed out.

    Review images via the author

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.