25th Word in Nano Ledger S

[HCP]

HCP, you know how I am before experimenting something... I need to make sure i know what im doing for sure before i attempt it.

The simple answer is, if you don't actually try and send any coins anywhere... you're not going to break anything and you're not going to lose any coins. Experiment away.

So the 25th passphrase.  Say its georgeisfat... after you enter it.  It ask you to enter it again then it show you the passphrase georgeisfat to confirm right?  

No, as I said above, you enter it ONCE and it displays it onscreen for confirmation.

In my example, I do not want to have like a hidden wallet or anything like that as it will complicate things.  And also its been said you going to have to send coins from one wallet to another like a regular transaction, so I don't want to do that.  I had thought you could just send coins from one wallet to another like instantly like if you were moving funds from the same checking account to savings account online.

Of course it requires a transaction. Sending coins from AddressA to AddressB always requires an on-chain transaction. Always has, always will.

With a temporary passphrase, as soon as you unplug the device, the temporary passphrase is lost and the device will go back to using seed+"mnemonic" to derive your private keys/addresses again.


So everytime you connect the nano ledger to the laptop after that, it will only ask you for your pin like normal and you have the option of typing the original pin or the new pin you created.  And it will do that everytime right?

You have TWO options...

Option 1. Use what Ledger call a "temporary passphrase"... essentially, if you want to use your "passphrase" account, after you have plugged in and unlocked your device, you need to go to "settings -> security -> passphrase" and enter your passphrase.

or

Option 2. Use what Ledger call a "Second PIN"... after you have entered a "temporary passphrase", you can actually assign an additional PIN code (different from your original PIN) to this "temporary passphrase". This means that if you want to use your "passphrase account", you don't need to unlock with the original PIN and then goto settings and then enter your passphrase etc... you can instead simply unlock the device using the second PIN that you assigned to that passphrase and it will automagically unlock the device and configure it to use your "passphrase" account. It's basically a shortcut to one specific passphrase, so you don't have to enter your passphrase over and over etc.

Regardless of which option you choose, every time to plug the device in, it starts up and asks for a PIN... you can put in original PIN or the second PIN if you created one.

But say something happens to your nano ledger s and it doesn't work.  You then get a new nano ledger s.  You then type in your old 24 word seed... but you need to also type that passphrase georgeisfat as the 25th word in order to unlock your coins...  is that correct?

Whenever you want to access the passphrase account, you need seed+passphrase.

Also that would mean the first time you add the passphrase of georgeisfat...... you could then go to password recovery app on your nano ledger s... type in the 24 word seed to confirm it.. but you also need to add in the 25th word in order to verify your seed and passphrase is correct on the specific nano ledger right?

No, that's not what the recovery app is checking. It checks that the seed stored on the device is the seed derived from a particular 24 word seed mnemonic that you enter. It has nothing to do with "25th" words/passphrases.

My confusing came when why you mention passphrase and temporary passphrase?  Do you mean the 25th word would be your passphrase but you could also add a 2nd pin which would then serve as your temporary passphrase?  So you would be either using a passphrase which is your 25th word ... or passphrase and temporary passphrase which is your 25th word and the 2nd pin you choose as a 2nd wallet?

No...

Ledger terminology is a bit confusing... BIP39 Passphrase == What Ledger refer to as a "Temporary Passphrase"... they call it that because as soon as you unplug the device, it's "gone"... and the device will revert back to the default "seed only".

The second PIN is just a shortcut way to set the passphrase... You configure a "temporary passphrase" in the settings, then assign a PIN to it (different from your "normal" PIN)... and when you unlock using 2nd PIN, it configures the device to use "seed+temporary passphrase". Again, as soon as device is unplugged, it will revert back to "seed only".

[1715146658]

1715146658

[1715146658]

1715146658

[1715146658]

1715146658

[jerry0]

HCP thanks for clarifying that.  Yes ledger word choice is very confusing with the temporary passphrase.


So with those two choices, which one would you suggest me then?  I assume you never bothered with this right?


One thing that I find not good about this is from reading the instructions on this... is one of the methods, they won't confirm the 25th word on the screen... is that correct?  Or do both methods not show your 25th word passphrase? 


They also mentioned... if you were to use the password recovery app in ledger and enter your 24 word seed, you cannot put the 25th word passphrase to confirm both the seed and the passphrase is correct RIGHT?  Whereas if you dont have that passphrase, you can enter your 24 word seed and it would show it with a check mark.  You don't find bad?


I read someone else mentioned they don't like the way ledger set this up.  They said... why can't nano ledger set it up where you have to put in a 25th word passphrase in addition to the seed... and thats it?  So everytime you plug in your nano ledger s... well its normal putting in your pin.  But if you were to restore your seed on a new nano ledger s... then yo have to put your 24 word seed and the 25th word passphrase in order to access your wallet.  Wouldn't you agree that would be the more popular way?  Because that is why i got confused the whole time.  I thought why would there be another hidden wallet because of the 25th word passphrase?  Why can't they just make it where adding the 25th word passphrase would mean your main wallet is there.  Does that make sense?


So basically whichever method you use... method one or two... you still going to have to transfer btc since you are transferring from your main wallet to the hidden wallet (wallet with majority coins) right?

[HCP]

One thing that I find not good about this is from reading the instructions on this... is one of the methods, they won't confirm the 25th word on the screen... is that correct?  Or do both methods not show your 25th word passphrase? 

For the third time... When you setup the "temporary passphrase", you type it in... THEN IT IS DISPLAYED ON THE SCREEN AND YOU ARE ASKED TO CONFIRM IT

You can then, if you want, set up a 2nd pin... if you then use the 2nd PIN, you don't need to enter the passphrase to see your passphrase wallet, it just automatically goes there.

They also mentioned... if you were to use the password recovery app in ledger and enter your 24 word seed, you cannot put the 25th word passphrase to confirm both the seed and the passphrase is correct RIGHT?  Whereas if you dont have that passphrase, you can enter your 24 word seed and it would show it with a check mark.  You don't find bad?

All the check app does is check that the 24 word seed mnemonic that you enter, generates the SAME seed that is stored in the device. Also, ANY passphrase that you enter, is technically "valid" and will successfully create a wallet...

PassWord1
PASSWord1
pAsswoRd1
1dorwssap
fklsadgeqrwtio3489t3yjeklthnakjbgvkjmnq34t7238y5346y45uy/W$t

All of those are "valid" passphrases and will successfully generate a wallet (with a valid seed mnemonic)... so quite what you expect the recovery app to be able to check with seed+passphrase I don't know? The passphrase is not stored in the device, so there is simply nothing to check regarding passphrases with the recovery check app.

Why can't they just make it where adding the 25th word passphrase would mean your main wallet is there.

Essentially, the 2nd PIN is exactly that method... put in 24 word seed mnemonic, add "Temporary Passphrase/25th word", set 2nd PIN.... Then, ALWAYS log in with 2nd PIN as if it was ordinary PIN... and there you go, you ALWAYS log in with 24 words+passphrase.... you just don't need to enter the passphrase.

The reason it wasn't the default option was that BIP39 passphrases are OPTIONAL (and not all wallets even support using them)... and also because entering a "decent" sized passphrase back in the "old days" took a LONG time and was very tedious if it had 10+ chars and used UPPER/lower/numb3r5/symb@!s etc. which would mean either:

1. it would just be a pain in the arse to unlock the device and see your wallet
or
2. users would choose stupidly easy to enter passphrases (which kind of defeats the purpose of having the passphrase in the first place)

[jerry0]

One thing that I find not good about this is from reading the instructions on this... is one of the methods, they won't confirm the 25th word on the screen... is that correct?  Or do both methods not show your 25th word passphrase? 

For the third time... When you setup the "temporary passphrase", you type it in... THEN IT IS DISPLAYED ON THE SCREEN AND YOU ARE ASKED TO CONFIRM IT

You can then, if you want, set up a 2nd pin... if you then use the 2nd PIN, you don't need to enter the passphrase to see your passphrase wallet, it just automatically goes there.

They also mentioned... if you were to use the password recovery app in ledger and enter your 24 word seed, you cannot put the 25th word passphrase to confirm both the seed and the passphrase is correct RIGHT?  Whereas if you dont have that passphrase, you can enter your 24 word seed and it would show it with a check mark.  You don't find bad?

All the check app does is check that the 24 word seed mnemonic that you enter, generates the SAME seed that is stored in the device. Also, ANY passphrase that you enter, is technically "valid" and will successfully create a wallet...

PassWord1
PASSWord1
pAsswoRd1
1dorwssap
fklsadgeqrwtio3489t3yjeklthnakjbgvkjmnq34t7238y5346y45uy/W$t

All of those are "valid" passphrases and will successfully generate a wallet (with a valid seed mnemonic)... so quite what you expect the recovery app to be able to check with seed+passphrase I don't know? The passphrase is not stored in the device, so there is simply nothing to check regarding passphrases with the recovery check app.

Why can't they just make it where adding the 25th word passphrase would mean your main wallet is there.

Essentially, the 2nd PIN is exactly that method... put in 24 word seed mnemonic, add "Temporary Passphrase/25th word", set 2nd PIN.... Then, ALWAYS log in with 2nd PIN as if it was ordinary PIN... and there you go, you ALWAYS log in with 24 words+passphrase.... you just don't need to enter the passphrase.

The reason it wasn't the default option was that BIP39 passphrases are OPTIONAL (and not all wallets even support using them)... and also because entering a "decent" sized passphrase back in the "old days" took a LONG time and was very tedious if it had 10+ chars and used UPPER/lower/numb3r5/symb@!s etc. which would mean either:

1. it would just be a pain in the arse to unlock the device and see your wallet
or
2. users would choose stupidly easy to enter passphrases (which kind of defeats the purpose of having the passphrase in the first place)

Hey thanks all that clarification. 


So you don't feel the need for this right?


So you agree I should do the second pin method then?

[jerry0]

Also do others here using the 25th Word ?  I gotta assume like less than 20 percent of ppl probably use it ... many don't even know about it right?

[o_e_l_e_o]

Not enough people use it, in my opinion. It's a powerful tool which can increase your security (in that if your seed phrase is compromised you don't immediately lose all your coins, and it is the only real way to have plausible deniability with a hardware wallet), and it can also improve your privacy (by allowing you to create entirely separate wallets for different purposes and therefore avoid the risk of mixing UTXOs together and linking different addresses/bitcoin). Using passphrases can also help to protect against some vulnerabilities, such as the recently disclosed one regarding sending bitcoin transactions when interacting with an altcoin wallet on Ledger devices (now patched). If the altcoin wallet was behind its own passphrase, then the vulnerability was impossible to exploit.

So yes, not only do I use passphrases, but I use multiple different passphrases to create multiple different wallets from the same seed phrase.

[HCP]

Not to mention the hardware vulnerability in the Trezor devices that essentially require you to use passphrases in case you lose your device or it gets stolen, as the seed mnemonic can be extracted from the device relatively easily. So unless you use a passphrase, your coins are effectively "gone" if someone gets hold of your device

As for the Ledger, the "easiest" setup, in my opinion, is the 2nd PIN. It's relatively secure as a thief only gets three chances to guess either your normal PIN or 2nd PIN before the device wipes itself. Given you can use up to an 8 digit PIN (min 4 digits), the odds of them doing that are relatively small.

It does mean using multiple passphrases with the Ledger Nano S is a bit of a hassle, as you can only have one "2nd PIN", so if you use more than one passphrase the only way to access subsequent passphrases is with the "Temporary Passphrase" system, and entering the passphrase every time you want to access a passphrase account that isn't the one attached to the 2nd PIN. Still, at least the option is available.

For the reasons o_e_l_e_o has mentioned, I would also recommend using the 2nd PIN system that Ledger provides...

[Lucius]

Also do others here using the 25th Word ?  I gotta assume like less than 20 percent of ppl probably use it ... many don't even know about it right?

Your assumption makes no sense because it is completely impossible to know how many HW users know about this feature, and how many of them would even decide to use this option. Manufacturers definitely do not recommend this feature for people who are not fully aware of what it is actually about, all for the reason of preventing users from locking their funds irretrievably.

There have already been cases where users have used this option and forgotten passphrases, so no matter they have a perfectly correct seed, they actually have one big nothing. I doubt that the OP will be a little closer to understanding even after a hundred pages of explanations - he asked the same questions more than a year ago.

Did you have to do this when you initialize the nano ledger s or you could do this anytime afterwards?  Example i set up my nano ledger s a while back and wrote down the 24 word seed. 
Can i add a 25th word now?   Could i do this without having access to my 24 word seed?  My 24 word seed is in another location, not here so i don't have access to it.

[jerry0]

Also do others here using the 25th Word ?  I gotta assume like less than 20 percent of ppl probably use it ... many don't even know about it right?

Your assumption makes no sense because it is completely impossible to know how many HW users know about this feature, and how many of them would even decide to use this option. Manufacturers definitely do not recommend this feature for people who are not fully aware of what it is actually about, all for the reason of preventing users from locking their funds irretrievably.

There have already been cases where users have used this option and forgotten passphrases, so no matter they have a perfectly correct seed, they actually have one big nothing. I doubt that the OP will be a little closer to understanding even after a hundred pages of explanations - he asked the same questions more than a year ago.

Did you have to do this when you initialize the nano ledger s or you could do this anytime afterwards?  Example i set up my nano ledger s a while back and wrote down the 24 word seed. 
Can i add a 25th word now?   Could i do this without having access to my 24 word seed?  My 24 word seed is in another location, not here so i don't have access to it.

Well i heard of this 25th Word  a while back but I never attempted it because I didn't even think about it at the time... but most importantly that seems like another step in the process which I sort of what to avoid.


You say there has been users who used this option and forgotten the passphrases.  Yea that will definitely happen.  The thing is i would also write the passphrase down as well as backup... and put it a bit somewhere else from the 24 word seed.  But my concern is setting the 25th Word process.  I mean you type it, then make sure you remember and write it down on paper. 


But when you then try to type in your seed again if something happens to your ledger... say it reset or you need to get a new one... you would then need to type the 24 word seed... and then the  2nd pin you created?  Or the 24 word seed, then the passphrase and then the 2nd pin?


Also no matter which of the teo methods you choose... HCP recommend the pin option... when you set up the second pin, well you need to then move the bulk of your coins to the 2nd pin right?  Thus imagine you set this all up and had 2 btc in your nano ledger s.  You set passphrase, then second pin... say its 888888 as your second pin.  Say your original pin was 555555.


Then you send the say 90 percent of your btc in the nano ledger s... so 1.8 btc from the original address to the new address right? 




Then you have 0.2 btc in your current address with pin 555555
Then you have 1.8 btc in your second address with pin 888888


So everytime you connect ledger s to laptop, you need to enter one of these two pins, to access either the smaller or bigger balance btc right?  Thus no more passphrase seeded to type each type?  But you need the passphrase when you try to access your coins in a new ledger right when you enter the whole 24 word seed and also 25th Word?  And once you do that... you enter either of the pins to access either the smaller or bigger wallet?


Is that correct?

[o_e_l_e_o]

So everytime you connect ledger s to laptop, you need to enter one of these two pins, to access either the smaller or bigger balance btc right?  Thus no more passphrase seeded to type each type?  But you need the passphrase when you try to access your coins in a new ledger right when you enter the whole 24 word seed and also 25th Word? 

This is essentially correct. The passphrase is intrinsically linked to the addresses you generate, just the same as your seed phrase. You need both to recover the coins in the passphrased wallet. If you lose either the seed phrase or the passphrase, you cannot recover the passphrased wallet.

The PIN is entirely stored on the Ledger and is device specific. The PIN is not used to generate your wallets, only to unlock your Ledger device. If you recover the wallets to a different Ledger device, you do not need to enter your previous PINs, and when you set up new PINs you can either pick the same ones as before or totally different ones.

[jerry0]

So everytime you connect ledger s to laptop, you need to enter one of these two pins, to access either the smaller or bigger balance btc right?  Thus no more passphrase seeded to type each type?  But you need the passphrase when you try to access your coins in a new ledger right when you enter the whole 24 word seed and also 25th Word? 

This is essentially correct. The passphrase is intrinsically linked to the addresses you generate, just the same as your seed phrase. You need both to recover the coins in the passphrased wallet. If you lose either the seed phrase or the passphrase, you cannot recover the passphrased wallet.

The PIN is entirely stored on the Ledger and is device specific. The PIN is not used to generate your wallets, only to unlock your Ledger device. If you recover the wallets to a different Ledger device, you do not need to enter your previous PINs, and when you set up new PINs you can either pick the same ones as before or totally different ones.

Okay but don't you find it a bit not good that you can't enter your seed and also the 25th Word to the recovery app to confirm everything is correct?  That seems to be one thing I'm not a fan of.


Also, anyone that creates this wallet, they then sent the majority of the coins from their main wallet to the new hidden wallet right?  Like what I posted in the bolded part?  Thus with say 2btc balance, u send the say 90 percent of your 2 btc in the nano ledger s... so 1.8 btc from the original address to the new address right?  Now you have 0.2 btc in your main wallet and 1.8 btc in the hidden wallet?


But if someone got your 24 word seed and 25th Word, they have access to both main wallet and hidden wallet right?  Since if the are restoring the entire seed with that 25th Word, the 2nd pin is not needed for them?

[HCP]

But when you then try to type in your seed again if something happens to your ledger... say it reset or you need to get a new one... you would then need to type the 24 word seed... and then the  2nd pin you created?  

No. That won't work... the new device/other wallet will have no knowledge of your 2nd PIN. It will only ever be valid on the device it was created on.

Or the 24 word seed, then the passphrase and then the 2nd pin?

Correct. To recover a "passphrase account" on your Ledger, you have to put in the 24 word seed to restore your device... then enter the "temporary passphrase" (and then optionally assign the 2nd PIN to that passphrase again).

Okay but don't you find it a bit not good that you can't enter your seed and also the 25th Word to the recovery app to confirm everything is correct?  That seems to be one thing I'm not a fan of.

Again, it's not necessary... You can check it yourself by simply checking the address/account when you setup the temporary passphrase. It's also technically not possible for that app to check if your passphrase is correct... because it's not stored on the device, so there isn't anything to check against... But because you can check it yourself, it's not a big deal.

Also, anyone that creates this wallet, they then sent the majority of the coins from their main wallet to the new hidden wallet right?  Like what I posted in the bolded part?  Thus with say 2btc balance, u send the say 90 percent of your 2 btc in the nano ledger s... so 1.8 btc from the original address to the new address right?  Now you have 0.2 btc in your main wallet and 1.8 btc in the hidden wallet?

It's like asking people how they store their seeds or what the best bitcoin wallet is... it's different for everyone. Some people probably do this, some probably don't... some probably don't even use the Passphrase option. But the main "use-case" that is advertised for the passphrase option is the concept of the hidden wallet holding most of your funds.

But if someone got your 24 word seed and 25th Word, they have access to both main wallet and hidden wallet right?  Since if the are restoring the entire seed with that 25th Word, the 2nd pin is not needed for them?

Correct, the PIN's are just a method to unlock that specific device. Anyone who has your seed mnemonic and passphrase(s) has access to all the wallets.




Still not sure why you haven't simply tried it out?

Create a passphrase, check addresses... add 2nd PIN... disconnect/reconnect... unlock with 2nd PIN, check that it still works with the passphrase account/addresses... Then wipe your device and try restoring. If you attempt to unlock with 2nd PIN now, you'll get "invalid PIN" message as it no longer exists (just like it wouldn't on any new device). Then recreate passphrase and assign 2nd PIN.

I can guarantee that your understanding of how this all works will be 100% better if you "just do it", rather than asking the same questions over and over.

If you have access to your seed mnemonic (and you don't actually send any coins to any passphrase account until you're satisfied you have it set up correctly), you're not in any danger of losing any coins or breaking the device.

[bob123]

Okay but don't you find it a bit not good that you can't enter your seed and also the 25th Word to the recovery app to confirm everything is correct?  That seems to be one thing I'm not a fan of.

In the beginning, there was no way to verify your mnemonic code other than wiping your device or using something else to derive the keys. There was no application for that.
And this was fine for the majority of people. Then, after quite a lot of people began to lose coins because they didn't write down the correct mnemonic, ledger implemented that application.

While it might be advantageous, i don't think it is necessary.
Writing down and checking a single password multiple times should be fine, not?

Also, anyone that creates this wallet, they then sent the majority of the coins from their main wallet to the new hidden wallet right?  Like what I posted in the bolded part?  Thus with say 2btc balance, u send the say 90 percent of your 2 btc in the nano ledger s... so 1.8 btc from the original address to the new address right?  Now you have 0.2 btc in your main wallet and 1.8 btc in the hidden wallet?

That's what some people do for plausible deniability reasons.

But if someone got your 24 word seed and 25th Word, they have access to both main wallet and hidden wallet right?  Since if the are restoring the entire seed with that 25th Word, the 2nd pin is not needed for them?

The passphrase for the mnemonic code is protocol-specific (completely independent from the device).
The "pin" is device-specific, it is completely independent from the key derivation.

[o_e_l_e_o]

Okay but don't you find it a bit not good that you can't enter your seed and also the 25th Word to the recovery app to confirm everything is correct?  That seems to be one thing I'm not a fan of.

I have never once used the seed phrase recovery app. When I first set up my Ledger, I initialized it, wrote down the seed phrase, made a note of the first address, wiped it, set it up again with the seed I had written down, and checked the first address matched. It did, so I was happy I had backed up my seed phrase correctly.

The first time I want to use a new passphrase, I enter it as a temporary passphrase, make a note of the first address, disconnect then reconnect my Ledger, attach the passphrase a second time, and check the first address matches. If it does, I'm happy I have entered the passphrase correctly. Ledger devices also show you the passphrase you have entered before confirming it, so you can check for typos.

Thus with say 2btc balance, u send the say 90 percent of your 2 btc in the nano ledger s... so 1.8 btc from the original address to the new address right?  Now you have 0.2 btc in your main wallet and 1.8 btc in the hidden wallet?

That's what some people do for plausible deniability reasons.

I would suggest that this provides very little in the way of plausible deniability.

If you are coerced to handing over your seed phrase, and an attacker opens your wallet and sees that you have made a single transaction of 90% of your funds to another address, and those funds have not moved from that other address, then it is reasonable for them to assume that those funds have moved to another wallet you control. They won't know if it is a passphrased wallet or a separate wallet altogether, but that is essentially irrelevant if they are coercing you to hand over the details of it. Plausible deniability relies on there being no trace of your secondary (or tertiary, or so on) wallets, and that includes blockchain evidence. If you want to move 90% of your coins to a hidden wallet, then you need to do so in multiple smaller transactions over time which have been mixed or coinjoined along the way so the final destination of each transaction is obscured.

[jerry0]

Okay so I will want to do this pretty soon as I'm planning to head back to the US for a bit.  Last time when I was in the US, I didn't want to attempt this since i was going abroad again since Im abroad almost all year etc.  And didn't want an issue if anything goes wrong with it.



Now would you say its foolish for me to buy another nano ledger s wallet just for this purpose?  I really don't want to attempt this on my current nano ledger s where i have all my coins.  I mean if i were to do this on my current nano ledger s, first thing to do is obviously make sure you have you seed... and enter it in the app in the ledger s just to make sure it confirms before you try this right?



I kind of only feel safe doing this on another nano ledger s.  For example i buy a new ledger s... then i send say 0.005 btc to it from my current nano ledger s.  Then when i do that, i reset the new device by inputting pin wrong three times on the new device and enter my new ledger s seed in new device to make sure it works and then it restores the 0.005 btc.  Then once i do that, create a second wallet with a second pin and a passphrase. 


Let just say i make the pin for the new nano ledger s is


800500



Now let say the new pin and passphrase i create for the new wallet on it would be


90859

frogishungry



Then once i do that, I send say 0.004 btc from the new ledger s to the new wallet i created on the new ledger s.  Then once that happens, the new wallet will have around 0.004btc and the main wallet will have 0.00l btc - whatever fees to send it right?


The reason why i used 0.005 btc as the test amount even though that is few hundred dollar is because i read fess are very expensive now to send btc... its around twenty dollars right at least now to send?  So trying this with a small test amount would have issues then right since well... you can't test sending 5 dollars to another wallet since fees now are at least twenty dollars?



Also someone mentioned, you can't just send 90% from your main btc wallet to the hidden one in one transaction because it would draw attention.  I mean unless the thief has access to your ledger live history or they are checking your balance while you are there, then wouldn't that be safe?  But i do agree with your statement that imagine someone had a lot of btc... say 5 btc.  The thief get access to your seed/wallet and when they put it in electrum or ledger to get the btc, they see only 0.5 btc but then let say they saw a transaction the person made where they sent around 4.5 btc to another wallet a while back ago.  So they could assume okay you have access to this wallet as well right?  Then again, how would they know because couldn't it be you sending that btc to coinbase to cash out to your bank account?



So if they see those coins were never moved since you sent them, then they know it isn't coinbase or anything like that right?  Because coinbase would move them immediately? 



If that is the case, how do ppl then safely move their btc to their hidden wallet in their nano ledger s or trezor then?  Imagine someone with 5 or l0 btc.  They want to have a hidden wallet.  They going to need to send like 0.5 btc every few days or something to the hidden wallet to not arouse suspicion?  Issue with this is you are going to pay a ton of transaction fees... but not only that... once you send those coins to your hidden wallet over a period of weeks for month for example, they aren't going to move anywhere.  But not only that, isn't it obviously you are sending to the same btc address though to the hidden wallet?

[jerry0]

And now let say they want to access their main wallet.  Just enter you pin for the new nano ledger s and you will see around

0.00l btc - fees so around 0.00l btc - 0.00034btc =


0.00066 balance?



But instead if you enter the hidden wallet seed and the passphrase i posted in the above post, now you see a balance of


0.004 btc balance right?




But what if you have to open your ledger live to a thief?  Wouldn't when you log in, they would see two different ledger accounts?  Thus one with 0.00066 balance and one with 0.004 btc balance? 



Could you hide that somehow or delete it?  Then again you would want both accounts to show up everytime you log into ledger live for personal use though.  So how would that owkr?

[bob123]

But what if you have to open your ledger live to a thief?  Wouldn't when you log in, they would see two different ledger accounts?  Thus one with 0.00066 balance and one with 0.004 btc balance? 

You don't need to open ledger live.
Anyone with access to your system can access all the relevant data from ledger live. Even without the password. That password (for ledger live) is just a gimmick, it does not encrypt anything.
The data is stored in plain text and can be read by anyone who knows where to look for.

Could you hide that somehow or delete it?  Then again you would want both accounts to show up everytime you log into ledger live for personal use though.  So how would that owkr?

The best answer would be: Don't use ledger live.

[dkbit98]

Problem is that you need to use ledger live sometimes, because you can't verify that ledger you purchased is really authentic without ledger live, and you need it for all ledger firmware updates.
Best thing would be to keep ledger live installation on separate device you don't use everyday, maybe your old smartphone that is encrypted and have good login protection password.

[o_e_l_e_o]

If that is the case, how do ppl then safely move their btc to their hidden wallet in their nano ledger s or trezor then?

By breaking the link between the two wallets. Just sending 90% of your stash from one address to another, and then having it sit on the new address and never move, is completely obvious to anyone who can look at the blockchain. If it was moved to an exchange or other service it would have been swept to their main wallets. The easiest way to break the link is going to be using a mixer or a coinjoin transaction.

But not only that, isn't it obviously you are sending to the same btc address though to the hidden wallet?

The hidden wallet can create as many addresses as you want. You can spread the deposits across multiple addresses in the same wallet.

Problem is that you need to use ledger live sometimes, because you can't verify that ledger you purchased is really authentic without ledger live, and you need it for all ledger firmware updates.

Is there actually any requirement to add accounts to Ledger Live? Can you not just use it to verify your device, update the firmware, and add and remove apps, without ever adding accounts or syncing your balances?

[dkbit98]

Is there actually any requirement to add accounts to Ledger Live? Can you not just use it to verify your device, update the firmware, and add and remove apps, without ever adding accounts or syncing your balances?

I didn't try doing something like that, but since it is possible to delete accounts than I believe you don't have to create accounts in ledger live and you can just connect ledger directly with Electrum after you updated and added apps.