What are Ledger Applications and Why do I Need Them?

Beginner Mar 27, 2020

Ledger Applications
Key takeaways:
– Applications on your Ledger device calculate the Private Keys for your crypto assets
– They are also used for verifying transactions and receiving addresses
– Ledger apps cannot interact with one another for optimal security
– If you uninstall and reinstall an app, you won’t lose your crypto – it will give you access to the same addresses

Ledger hardware wallets use applications to manage your cryptocurrencies. These can be installed onto your device through Ledger Live’s Manager. But why do we use apps for the Ledger Nano X and Ledger Nano S? What is their purpose? Let’s take a closer look.

Applications on Ledger devices play a vital role in managing your crypto assets – for each cryptocurrency, there’s a dedicated app. These apps can be installed onto your hardware wallet by connecting it to Ledger Live

So what do these apps do? To summarize it shortly, the app on your hardware wallet calculates private keys based on your 24-word recovery phrase and are used to verify receiving addresses and transactions. While we want to give you some more insight into this process, we also want to explain a bit more as to why we use an application-based system.

The Creation of your Private Keys

Your 24-word recovery phrase is a backup of all your crypto assets – which must be stored securely. Each individual cryptocurrency address is managed by a Private Key. While the 24 words can grant access to all your crypto accounts, each Private Key only does so for one specific crypto asset address.

Designed for optimal security, your apps do not have access to the recovery phrase. Instead, it sends a request to calculate the Private Keys from your 24 words, based on a specific parameter called a derivation path. The derivation path is unique for each crypto asset. After having satisfied necessary security checks, the app will receive a reply with the Private Keys. All of this takes place in the Secure Element chip of course, to make sure that these sensitive operations remain secure.

Great! You now have the Private Keys of your desired cryptocurrency on your hardware wallet! The application can then derive your Public Keys from it. These are also better known as your addresses. This is where anyone can send cryptocurrencies to you.

We’ve made the following diagram to summarize this process:

Ledger Private Keys Derivation

So Why do I Still Need my Applications After This?

Your Private Keys are still very important afterwards – they are needed for verifying your receiving address and transactions. Without using your private keys, you cannot perform either of these actions. Let’s take a look at how this works:

  1. You’re trying to make a Bitcoin transaction, for which you need your Bitcoin Private Key to sign (i.e. give the approval for) the transaction. After determining how much Bitcoin you want to send to a certain address, your wallet application will send a signature request to your Ledger hardware wallet.
  2. Your Ledger device will then show you what exact request was made by the wallet application on its screen so that you can verify if it indeed matches the transaction you’ve set up. This mitigates a so-called man-in-the-middle attack.
  3. After having verified and approved the transaction, the application on your Ledger device will create the correct signature by using the Private Keys and send this back to the wallet application.
  4. After this, the wallet application will broadcast the transaction to the blockchain – your transaction is completed!

As you can see here, your Private Keys never leave your Ledger device. Without your device and the correct app installed on it, transactions cannot be made.

But Can’t Apps Interact with Each Other?

No, they cannot. Ledger has decided to use individual apps for each cryptocurrency. This is for security reasons and to allow third-party development (more on this later).

The security reason is to assure that if there is a problem with one cryptocurrency app, it would never be able to affect any other crypto asset. This principle is enforced by the custom Operating System that we’ve designed and developed at Ledger called BOLOS.

Not only is Ledger the only hardware wallet provider that has created their own Operating System, we’re equally one of the few that make use of an application system. Other hardware wallets use what is known as a monolithic firmware. In these, if there’s a problem with the code for one cryptocurrency, it can affect all others. 

Third-Party Development

Since apps are separate from one another and cannot interact with each other, we can allow others outside of Ledger to develop their own apps as well. We’ve been able to publish over 40 applications that were created by cryptocurrency community members and developers – for which we’re extremely grateful!

Naturally, we do still review these to make sure that they meet the highest UX and security standards. You can read more about the process of submitting an application to us here

Is my Crypto Gone If I Uninstall an Application?

Not to worry, your crypto will still be accessible to you! As mentioned in the beginning of this article, your Ledger device calculates your Private Keys from your 24-word recovery phrase based on a specific parameter called a derivation path

This means that if the recovery phrase on your device stayed the same, the calculation will have the same result. As such, when you install the application again it will give you access to the same addresses as before.

Related article