Ledger Nano X Circus (Battery, Recover and more)

[sam00]

Whenever I think I heard everything I need to know about ledger nono X hardware wallet, something new pops up to show how bad this device is.
We all heard about  screen issues with older model S that is not manufactured anymore, but model X have their own design flows related with screen.
If you often open and move metallic part screen will be scratched a lot and hard to read like in this examples:

~pictures~
https://www.reddit.com/r/ledgerwallet/comments/11dy997/flaw_with_the_ledger_x_design/

My suggestion is first not to buy ledger X for reasons I wrote in this topic, but if you already purchased it than do not remove screen protective foil (if there is one).
It is also possible to remove the metal clip and bend the metal to reduce scratches but be careful while doing this.
I am sure ledger is well aware of this crap design, that is why they made corrections with model S plus.

I was about to comment here, defending ledger but I actually checked my Ledger X and noticed some scratchmarks aswell on the outer edge of the screen. However, these are minimal and I never noticed before. The users that uploaded those pictures on reddit have been offered replacement devices by the support team.

I also highly doubt that the scratches on the 3rd pic are actually from the metal cover opening and closing. they are really irregular and not circle shaped around the moving circle on the right side. This honestly looks like someone maliciously scratched his device to receive a new one

[1714220504]

1714220504

[1714220504]

1714220504

[dkbit98]

Ledger Nono X Circus is in your town again!

If you think Ledger fixed issues with their devices, you are wrong, people report problems all the time and I decided to post most recent complains.
Maybe someone will find this topic and they will make best decision in their life, not buying ledger hardware wallet.

Ledger Nano X arrived broken!
https://www.reddit.com/r/ledgerwallet/comments/12m4vou/ledger_nano_x_arrived_broken/

My first ledger is broken. How can I transfer crypto?
https://www.reddit.com/r/ledgerwallet/comments/12lug4v/my_first_ledger_is_broken_how_can_i_transfer/

Facing problem with crypto wallet ledger nano x
https://www.reddit.com/r/ledgerwallet/comments/12lmq6z/facing_problem/

What’s going on. I just received my ledger x and I charged it until 100% then once I tried setting it up it was 14% of battery. Is it a firmware update? Or should I return and get me a keystone so I can use it on MM on mobile
https://www.reddit.com/r/ledgerwallet/comments/12lkq7g/whats_going_on_i_just_received_my_ledger_x_and_i/

Every day is April 1st day for ledger, that is why they never have any jokes on that day

[SFR10]

Ledger Nono X Circus is in your town again!

If you think Ledger fixed issues with their devices, you are wrong, people report problems all the time and I decided to post most recent complains.

They keep raising funds from here and there for God knows what reason and yet, they still can't build a decent production line for the model in question.
^{- They were supposed to fix the battery issues "one and a half years ago" and as for the rest of the issues, all I can do is shake my head (it amazes me how easily they can still find investors)!}
_{- Another interesting problem from "last week".}

[hZti]

Ledger is simply not build for bitcoin enthusiasts, it is a mass market device that sells very Strom because if good marketing. As long as people buy them they will not change anything, since the customers that are the target of ledger don’t do a lot of research before they buy anyway…

[dkbit98]

They keep raising funds from here and there for God knows what reason and yet, they still can't build a decent production line for the model in question.

I am sure they are accepting money for listing and supporting shitcoins with their apps, and for marketing propaganda, but they never fully revealed who exactly invested and gave them money.
This could mean they are not independent and they are controlled by some third party entity or big corporation that can control their production.
I think it's just get rich quick scheme for them and they didn't make a single contribution to Bitcoin network.

[dkbit98]

As if there wasn't enough reasons already to stop using ledger nono X, with all their battery crap and closed source shenanigans, now this device is the first one to support terrible rec0ver feature.
They silently made firmware update that included this crap and later they announced it with biggest negative reaction from community I ever saw in my life.
Keys extraction from secure element is possible, and seed phrase is sent to other company partners, making this a hot wallet.
Don't think or assume that ledger nono s and s plus are safe, just because they don't have new firmware yet.



What to do next?

1. If you already own ledger nono X, DON'T update new firmware!
2. If you still have valid warranty you can ask for refund and send them back your device (reset and move funds before that).
3. If your warranty expired, move coins to different wallet and stop using ledger (optionaly you can destroy it with hammer or tool of your choice).
4. Complain to ledger, force them to reverse this decision and to open source their code.
5. Never trust ledger again.

[Cricktor]

I'm no Ledger fan, either. But I have some issues with what you propose.

1. If you already own ledger nono X, DON'T update new firmware!

You have to be of a masochistic nature to use Ledger Live but it will sooner or later run into issues as it will mostly stop working until you update the firmware. Other software wallets that work with Ledger NoNos likely will continue to work, but I doubt it's a feasible way to stop updating the firmware. Especially if other quirks or vulnerabilities or new Bitcoin features need to be fixed or implemented by firmware updates.
This sounds like bad advise to me.

2. If you still have valid warranty you can ask for refund and send them back your device (reset and move funds before that).

Based on what warrenty claim you want a refund? That Ledger lied to you that your seed or private keys never leaves the secure chip?
Good luck with that...

3. If your warranty expired, move coins to different wallet and stop using ledger (optionaly you can destroy it with hammer or tool of your choice).

Why that? The recOver feature is optional and you have to pay quite a hefty monthly fee for it. BTW hey, Ledger Paris, you're so greedy OR did your required marketing budget skyrocket recently to sell your crap!?

4. Complain to ledger, force them to reverse this decision and to open source their code.

While this is actually a good proposal, and every Ledger user who hates the new feature should do it, I highly doubt that the Ledger Paris folks can be persuaded to return to the light side. Ledger users already voted with their money, that it's fine for them to buy a closed-source firmware hardware wallet and believe Ledger's marketing mantra.

5. Never trust ledger again.

I'm with you, they've done quite some shit and cover it up with massive marketing. And sadly, they succeed.

[The Sceptical Chymist]

4. Complain to ledger, force them to reverse this decision and to open source their code.
5. Never trust ledger again.

Will do the second and won't waste any time complaining to a company who would do something so mind-bendingly dumb that they've probably won the world record for losing the most customers in the shortest period of time.  One complains to a company usually if they want them to do something better or correct a wrong.  In this case, I don't think there's anything Ledger can do to walk back this blunder.

I'm still shaking my head over this one.  And dkbit98, you were right in your criticisms all along.  The closed/open-source thing is enormously important when it comes to any sort of crypto software, and it doesn't matter if a HW wallet is sold by a well-known company that's been reputable for years, because shit like this can happen if everything isn't transparent.

[dkbit98]

This sounds like bad advise to me.

Your advice is much worse (doing nothing), but go ahead update and have sex with your ledger wallet if you think it's safu to do it  

Based on what warrenty claim you want a refund? That Ledger lied to you that your seed or private keys never leaves the secure chip?

They are literally preparing to receive class action lawsuit for false advertisement and you are asking me this question  

Why that?

For fun and for better security.
People are doing it already and recording videos,like in this example:
https://www.youtube.com/watch?v=N6SoLaOF8uI

who would do something so mind-bendingly dumb that they've probably won the world record for losing the most customers in the shortest period of time.  

Someone should register them for Guinness World Records book for this  

[JayJuanGee]

This sounds like bad advise to me.

Your advice is much worse (doing nothing), but go ahead update and have sex with your ledger wallet if you think it's safu to do it  

For sure, you (Cricktor, or any other "so inclined" forum member) gotta make sure to wear a condom.

That's bad advice^** dkbit98.


Bad dkbit98!!!!!!

 



**Otherwise, I agree with your (5) "What to do next" points.. plus the optional extra suggestion for the seemingly "Ledger not haters."

[n0nce]

What to do next?
2. If you still have valid warranty you can ask for refund and send them back your device (reset and move funds before that).

Wow, thanks for the update. This sets a new low from Ledger.

Although I'd like to recommend people not to send back their device - no matter what - since without open-source firmware, there is no way to tell whether a reset fully erases everything.
At this point, I could even imagine that a device reset just 'hides' your old seed, but keeps it in storage, so when you send back the device they can recover it and fully deanonymize you.

[mikeywith]

Although I'd like to recommend people not to send back their device - no matter what - since without open-source firmware, there is no way to tell whether a reset fully erases everything.
At this point, I could even imagine that a device reset just 'hides' your old seed, but keeps it in storage, so when you send back the device they can recover it and fully deanonymize you.

Moving your coins to somewhere else will be enough, there is nothing they don't already know in regards to the buyer's identity and the addresses they used, I just hope they won't make things even worse and sell the info that links the user identity/email/credit card/address to on-chain data (assuming they have not already done so).

But ya, overall, there is no harm in returning it and use that money to buy another proper wallet.

[n0nce]

Moving your coins to somewhere else will be enough, there is nothing they don't already know in regards to the buyer's identity and the addresses they used
[...]
But ya, overall, there is no harm in returning it and use that money to buy another proper wallet.

How do they already know the addresses that a person used? I mean, I guess there's still the risk that seeds aren't generated truly randomly (since - again - closed source firmware). But besides that, I'm not sure how you come to this conclusion.

[mikeywith]

How do they already know the addresses that a person used? I mean, I guess there's still the risk that seeds aren't generated truly randomly (since - again - closed source firmware). But besides that, I'm not sure how you come to this conclusion.

What I meant is, there is nothing more they would be able to know just by receiving your hardware wallet again, they already know everything that they could reveal about you when you send it back.

The second part of the post is just a speculation of "what they might know" and that's based on the fact that in order to buy a ledger you have to undergo a KYC process, you need to use your credit card or KYCed crypto.com, and your home/work address, every wallet has a unique serial number, so they know person A who lives at B owns ledger wallet with a serial number of 123456.

in theory, they could know that person A's wallet generated seed x, and signed a transaction to move 0.1BTC to some address, used a certain address to receive funds, since there is no limitation on what could and could not leave the secure element, we certainly have no way of knowing what information were they collecting from the apps when they are connected to the ledger wallet.

Of course, all this is nothing but speculation, but in theory, they could know about everything that you worry about when sending them the hardware wallet back, so by spending your coins and sending it back -- there is nothing left to risk in that process, the risk has already been fully taken the moment you trusted their closed source firmware.

[dkbit98]

Although I'd like to recommend people not to send back their device - no matter what - since without open-source firmware, there is no way to tell whether a reset fully erases everything.

That is true, but I would move all funds and double check everything before sending anything back to ledger.
Most they can get from returned device would than be only history of transactions, and that is if they are hiding something.
This option is only if you want to get money back from ledger, I personally prefer optional destruction and total demolition

 

[Pmalek]

How do they already know the addresses that a person used? I mean, I guess there's still the risk that seeds aren't generated truly randomly (since - again - closed source firmware). But besides that, I'm not sure how you come to this conclusion.

Think of it this way: If you use Ledger Live, and you have to at least once to install the firmware and the needed crypto apps, they can get information about your public keys, addresses, and the balances you connect to their servers. Something similar that Electrum does when you connect your wallet to an Electrum server.

Even if you purchased your HW anonymously and had it delivered to a PO box or company where you work, they would still be able to connect your name to the wallets that were connected to their servers in the past if you decide to send the HW back. I doubt you can ship a package anonymously, unless you get someone else to do it for you.   

[dragonvslinux]

How do they already know the addresses that a person used? I mean, I guess there's still the risk that seeds aren't generated truly randomly (since - again - closed source firmware). But besides that, I'm not sure how you come to this conclusion.

Even if you purchased your HW anonymously and had it delivered to a PO box or company where you work, they would still be able to connect your name to the wallets that were connected to their servers in the past if you decide to send the HW back. I doubt you can ship a package anonymously, unless you get someone else to do it for you.  

Despite all recent issue with Ledger, I'm not convinced this is how it works. I don't think they know the public addresses associated with the delivery or purchase, as otherwise this would imply they know the seed phrase of the device that was sent in the first place - in order to have access to those public keys. I mean, I'd like to assume they don't have a database of all the seed phrases at least!

I also thought the seed phrase was generated once you setup the device if not mistaken, using True Random Number Generator (TRNG) (as it's apparently build into the chip, therefore can be generated at any point in the future). Therefore, it'd be impossible for Ledger to have access to public keys based on delivery/purchase information, as they would be created post-purchase. Instead, it'd have to be based on IP addresses at best. Also to note is that you can reset to factory setting and create a new seed phrase, so it stands up to scrutiny the idea that the seed phrase is generated after purchase, as opposed to "pre-loaded" as it were.

Of course, this is if we still trust Ledger to be telling the truth about how these "random" seed phrases are generated... which I don't. Just countering some misconceptions here.

[mikeywith]

I also thought the seed phrase was generated once you setup the device if not mistaken, using True Random Number Generator (TRNG) (as it's apparently build into the chip, therefore can be generated at any point in the future). Therefore, it'd be impossible for Ledger to have access to public keys based on delivery/purchase information, as they would be created post-purchase. Instead, it'd have to be based on IP addresses at best. Also to note is that you can reset to factory setting and create a new seed phrase, so it stands up to scrutiny the idea that the seed phrase is generated after purchase, as opposed to "pre-loaded" as it were.

Of course, this is if we still trust Ledger to be telling the truth about how these "random" seed phrases are generated... which I don't. Just countering some misconceptions here.

I think you missed the point here, I (I am sure so is Pmalek) did not assume the wallet comes with a pre-loaded seed, the point is, IF they can extract the seed phrase outside of the secure element and send it to a third party it simply means there is NOTHING in the hardware design that stops seeds and private keys from leaving the device, contrary to what ledger have always said.

So based on their own words (not mine), they were always able to gather every bit of information we never thought possible, now since the firmware is closed and nobody has a clue about what is inside it (at least for anything released after version 1.5.1 (2019) since that was approved by ANSSI), for all we know they could have been logging from/to addresses used, private keys and even seed phrase, of course, if you created a seed and did not connect your wallet to the app then it would be hardly unlikely for them to know the seed, but the moment you install those apps which reside on the SE and have direct access to the PK (also their words, not mine) they could start logging everything they want.

All that information is directly attached to the unique serial number of your wallet which doesn't disappear by formatting it or anything else, so this leads to another assumption that your real identity/home address/ credit card or whatever you used to purchase from them (since they only accept KYC payments) are all linked and could be stored in a database somewhere.

Of course, we are probably being a bit harsh on Ledger here, I don't claim they did or are doing all of this, I am simply stating the fact that based on THEIR own words, every assumption made here is technically valid, I wouldn't have the audacity to put forward these assumptions if they did not implement this cloud seed backup shit, but alas, it happened, we already know what are they capable of doing with their hardware wallets, it would be plain stupid to think that any of the assumptions people have about them now are not true.

[Pmalek]

Despite all recent issue with Ledger, I'm not convinced this is how it works. I don't think they know the public addresses associated with the delivery or purchase, as otherwise this would imply they know the seed phrase of the device that was sent in the first place - in order to have access to those public keys. I mean, I'd like to assume they don't have a database of all the seed phrases at least!

I wasn't talking about seed phrases. I don't think they have those either. Knowing Ledger, they would have lost or leaked them by now. But with the knowledge that keys can leave the secure element, who knows what else is possible. Today, it's supposedly 3 encrypted shards sent to 3 separate companies. What if it becomes just one company or remote sharing of seeds in unencrypted form next year?

It's not a secret that servers can log and store information about your wallets when you interact with them. I am going back to my Electrum example. Connect your wallet to a server and it will know your IP address, OS, balance of all funded addresses, and complete list of all other addresses that are part of that wallet. Connecting to Ledger's servers can work exactly the same.

Only a genuine Ledger HW can connect to Ledger Live. For all we know, each device they have ever sold could have an identifier pairing it to the name of the person who purchased it. When you connect your HW to Ledger Live, the software checks if the device is genuine and it could very well check that identifier and compare it with its database. That would provide them with enough data about your balances and activities. Couple that with Ledger Recover and any information they share with government agencies, and there is now a method for freezing your assets if you are suspected of money laundering, not paying your taxes, etc.     

[n0nce]

How do they already know the addresses that a person used? I mean, I guess there's still the risk that seeds aren't generated truly randomly (since - again - closed source firmware). But besides that, I'm not sure how you come to this conclusion.

What I meant is, there is nothing more they would be able to know just by receiving your hardware wallet again, they already know everything that they could reveal about you when you send it back.

Well, there's a chance that the wallet is not maliciously 'pre-seeded' such that they know every customer's seeds and addresses in advance, while at the same time they may be able to extract 'deleted' seeds from a returned device.

Ideally, they should not be able to know customers' seeds, no matter whether they send it in or not. But since we have no code, there's no way to verify whether this is the case.

Of course, all this is nothing but speculation, but in theory, they could know about everything that you worry about when sending them the hardware wallet back, so by spending your coins and sending it back -- there is nothing left to risk in that process, the risk has already been fully taken the moment you trusted their closed source firmware.

In my opinion, it's more likely that erased memory can be recovered when people send in the wallet for a refund, than Ledger actually using deterministic seeds. But it's mostly a gut-feeling type of thing for me.

How do they already know the addresses that a person used? I mean, I guess there's still the risk that seeds aren't generated truly randomly (since - again - closed source firmware). But besides that, I'm not sure how you come to this conclusion.

Think of it this way: If you use Ledger Live, and you have to at least once to install the firmware and the needed crypto apps, they can get information about your public keys, addresses, and the balances you connect to their servers. Something similar that Electrum does when you connect your wallet to an Electrum server.

Even if you purchased your HW anonymously and had it delivered to a PO box or company where you work, they would still be able to connect your name to the wallets that were connected to their servers in the past if you decide to send the HW back. I doubt you can ship a package anonymously, unless you get someone else to do it for you.   

I see; so there's no alternative client for initial setup / updates / app installs and so forth, like on Trezor with trezorctl command-line client?
Somehow I thought a similar thing existed for Ledger, as well. Maybe that was a thing in the past which got killed. Or my memory simply tricked me. Then I guess Ledger users are SOL no matter what.

It may be possible to clone https://github.com/LedgerHQ/ledger-live and patch out all the connections to Ledger servers, or even just do it through your firewall. Someone may even have done it before, not sure about that. It should be evident that I'm not too knowledgeable or experienced with Ledger products myself.