Online world, offline keys. How Ledger protects your crypto.

Medium Apr 8, 2022 · 4 min read

Key Takeaways:
— Cryptocurrency is inherently online with blockchain transactions living on the internet, but the internet is a bit of a dangerous place and hacking and attacking leaves online digital-funds vulnerable.

— Hardware wallets are designed to keep private keys off the internet and away from the online connection points that hackers can get to. So how can online transactions be signed?

— Ledger uses a totally unique system, using both Ledger Live app and the Nano, that enables you to approve transactions in separate stages. This means your private keys maintain their safety. Here we explain how this system works, and how it differs from other wallets.

— Why would you transact in any other way? This is the only truly safe way to complete a crypto transaction, and here we explain why.

Your house is your sanctuary – the place where you store your most precious possessions, and where you can be absolutely sure that nobody else can come in.

So imagine locking the door to your precious abode, leaving the key under the mat, and walking away…anxious yet?

An Offline Key is the Only Key

It might seem like a different world, but this scenario is not all that far away from how you handle your crypto. When you create a blockchain address, your ownership of everything stored there depends on your private keys. If someone else gets those keys, consider your stuff gone.

And just like in real life, most of the threats to your private keys come from opportunists seeking easy access to your address. For crypto, these opportunists tend to reside online – so keeping your keys in an online wallet can be an open invitation to hackers looking to access your blockchain address.

A key stored online is simply not safe. And that can be complicated.

Ledger: Offline Keys, Online World

Whether you’re browsing NFTs, using an exchange or enjoying the growing ecosystem of dApps and DeFi, more or less all your crypto options are accessed via the internet. All you need is a wallet, some crypto, and those all important private keys.

And unless you’ve been hiding under a rock, you’ll know that Ledger’s entire mission is protecting your private keys by keeping them offline and securely in your device. But that still leaves one question.

If your keys are always offline, how does your Ledger Nano complete transactions with online dApps marketplaces and platforms?

In this article, we’ll explain exactly how transactions happen within your Ledger Nano – and how our system enables you to interact with the growing spectrum of online platforms, while your keys stay offline.

What happens when I sign a crypto transaction?

Let’s start by taking a step back: we talk a lot about crypto here at Ledger, but something we rarely get into is what actually happens in your wallet when you sign a transaction. So let’s break down that process now.

Your Wallet in Action

Picture the scene: you’ve seen the NFT you’ve been chasing for months, and you’ve hit the “buy” button on-screen. What exactly is being communicated between the transacting platform and your Nano?

A transaction – of any variety – has two elements. First, it involves you looking at the terms of the agreement, making sure you’re happy with it and giving your consent; but it also involves the agreement being finalized and actively carried out by the other party.

Like a regular transaction, crypto transactions are also broken down into two parts:

  • The intent: this is the detail of the transaction, which you the user must agree to by cryptographically signing. 
  • Transmission of the signed transaction to the blockchain.

When you transact online with a hot wallet, your keys are already online – so these phases can happen simultaneously.

How Ledger’s Unique Ecosystem Keeps You Safe

But when you use a Ledger device, the process is slightly different. Instead of happening simultaneously, Ledger splits the transaction into an “offline” part and an “online” part, and it does this using its two key components of our system, the Nano itself and the Ledger Live interface. Let’s examine how those create the safest environment for transacting in crypto.

1) The Intent

When you initiate a transaction, your wallet interface (your hot wallet app, or Ledger Live if you’re using a Nano) crafts what is known as an intent. The intent is a communication between the dApp you’re using and your wallet, and it contains the details of the agreement for you to verify. It is basically an electronic proposal.

Where you’re using an online wallet, you’ll see the intent displayed on the wallet interface, and you’ll agree to sign using that same interface. But with a Ledger, there is an extra step, because your keys, which you need to verify the transaction, are being stored offline.

This is where Ledger’s unique two-part system comes in. As you’ll remember from the set up process, the Ledger Live app is designed to communicate with our Nano, and this comes to the fore during transactions. The Ledger Live app communicates the intent (via bluetooth or physical connection) to your offline device. You’ll see the details of what you’re signing on the Nano’s Trusted Display. Using your private key, you can then cryptographically sign it within the device.

We refer to this offline storage (also known as cold storage) as the principle of isolation, meaning your private key is isolated in security and aren’t ever exposed to the internet or the computer to which they’re connected.

2) Transmitting the Transaction

From there, phase two! Although you have now signed the intent, the transaction still isn’t complete – for this to happen, it needs to be transmitted back to your Ledger Live interface and finally to the blockchain. This process that happens online; meanwhile, the private keys themselves can remain inside the device.

So in essence, Ledger’s two-part system breaks transactions down into components, using the Ledger Live interface to communicate with the relevant dApp and craft the details of your interaction, while the device itself hosts everything relating to the keys and the cryptographic signing of the agreement. The result? A seamless, completed transaction that doesn’t compromise the security of your keys. Ever.

The Safest Way To Handle Transactions 

An offline key is the only key! Now that we’ve broken this process down into components, it seems pretty crazy that you’d do it any other way. Yes – the crypto ecosystem is expanding by the day – but that absolutely does not mean you need to compromise on your security. And Ledger makes sure you don’t need to. 

The phone in your pocket and the computer on your desk will not protect those all important private keys from attackers – but a Ledger Nano does, while the Ledger Live app leaves you free to explore your universe of crypto options. So get free, stay safe – and keep on learning. The more you understand, the more crypto can offer you.

Knowledge is Power.

Security should be your #1 concern when you’re using crypto – and understanding the risks is the first step. Check out this School of Block episode for the lowdown.

Related article

Share this article

Stay in touch

Announcements can be found in our blog. Press contact:
[email protected]

Subscribe to our
newsletter

New coins supported, blog updates and exclusive offers directly in your inbox