What are Ledger Applications and Why do I Need Them?
| KEY TAKEAWAYS: |
| — Applications on your Ledger signer let you manage cryptocurrencies and access services from a range of providers — Ledger apps cannot interact with one another, instead Ledger OS keeps them isolated from one another for optimal security. — If you uninstall and reinstall an app, you won’t lose your crypto – it will give you access to the same addresses. |
Ledger hardware wallets (signers) use applications to manage your cryptocurrencies. These can be installed onto your signer through Ledger Wallet™s Manager. But why do we use apps f and what is their purpose? Let’s take a closer look.
Applications on Ledger signers play a vital role in managing your crypto assets – for each cryptocurrency, there’s a dedicated app. These apps can be installed onto your hardware wallet by connecting it to Ledger Wallet™.
So what do these apps do?
The creation of your private keys
Your 24-word secret recovery phrase is a backup of all your crypto assets – which must be stored securely. Each individual cryptocurrency address is managed by a Private Key. While the 24 words can grant access to all your crypto accounts, each Private Key only does so for one specific crypto asset address.
Designed for optimal security, your apps do not have access to the secret recovery phrase. Instead, it sends a request to generate a key pair from your 24 words, based on a specific parameter called a derivation path. The derivation path is unique for each crypto asset. All of this takes place in the Secure Element chip of course, to make sure that these sensitive operations remain secure.
Great! You now have the private key of your desired cryptocurrency on your signer! The application can then derive your Public key from it. Once you have a public key, it’s translated into a more user-friendly form known as your address. This is where anyone can send cryptocurrencies to you.
We’ve made the following diagram to summarize this process:
So why do I still need my applications after this?
Your Private Keys are still very important afterwards – they are needed for verifying your receiving address and transactions. Without using your private keys, you cannot perform either of these actions. Let’s take a look at how this works:
- You’re trying to make a Bitcoin transaction, for which you need your Bitcoin Private Key to sign (i.e. give the approval for) the transaction. After determining how much Bitcoin you want to send to a certain address, your wallet application will send a signature request to your Ledger hardware wallet.
- Your Ledger device will then show you what exact request was made by the wallet application on its screen so that you can verify if it indeed matches the transaction you’ve set up. This mitigates a so-called man-in-the-middle attack.
- After having verified and approved the transaction, the application on your Ledger device will create the correct signature by using the Private Keys and send this back to the wallet application.
- After this, the wallet application will broadcast the transaction to the blockchain – your transaction is completed!
But can’t Apps interact with each other?
No, they cannot. Ledger has decided to use individual apps for each cryptocurrency. This is for security reasons and to allow third-party development (more on this later).
The security reason is to assure that if there is a problem with one cryptocurrency app, it would never be able to affect any other crypto asset. This principle is enforced by the custom Operating System that we’ve designed and developed at Ledger called Ledger OS.
Not only is Ledger the only hardware wallet provider that has created their own Operating System, we’re equally one of the few that make use of an application system. Other hardware wallets use what is known as a monolithic firmware. In these, if there’s a problem with the code for one cryptocurrency, it can affect all others.
Third-party development
Since apps are separate from one another and cannot interact with each other, we can allow others outside of Ledger to develop their own apps as well. We’ve been able to publish over 40 applications that were created by cryptocurrency community members and developers – for which we’re extremely grateful!
Naturally, we do still review these to make sure that they meet the highest UX and security standards. You can read more about the process of submitting an application to us here.
Is my crypto gone if I uninstall an application?
Not to worry, your crypto will still be accessible to you! As mentioned in the beginning of this article, your Ledger signer generates your Private Keys from your 24-word secret recovery phrase based on a specific parameter called a derivation path.
This means that if the secret recovery phrase on your signer stays the same, the signer will always generate the same keys in the same order. As such, when you install the application again it will give you access to the same addresses as before.
