Ledger N3XT: Ledger Agent Stack Build & Show

Before You Dive In:

• Ledger N3XT is a long-term global education program supporting student blockchain clubs and university builders, running engagements from Lagos to Cambridge and now into the developer community at scale.
• The Build & Show challenge drew 50 submissions from 38 universities across 8 countries, with builders applying Ledger Agent Stack’s core principle across use cases spanning freight settlement, DeFi automation, treasury governance, and Telegram-native wallets.
• The results feed directly into Ledger’s 2026 AI security roadmap, and signal what the next phase of the N3XT program will offer developers who want to build on the hardware root of trust.

The Ledger N3XT Build & Show challenge ran for eight days in June 2026, in partnership with College.xyz. It drew 50 submissions from 38 universities and blockchain clubs across 8 countries, with 46 public GitHub repositories. Builders came from Yale, EPFL, Purdue, and 42 Paris, as well as universities in Nigeria, India, Ethiopia, Ghana, and the UK. 

The volume was unexpected. But the more telling result was the breadth of what builders did with the Agent Stack’s core principle: they took it into freight logistics, DeFi rebalancing, Telegram interfaces, CI/CD pipelines, and prediction market payouts. This recap will dive into that range and the experience of the student builders behind it.

What is Ledger N3XT?

Ledger N3XT is Ledger’s long-term commitment to the next generation of builders, educators, and founders in the digital ownership space. It launched at Ledger Op3n in October 2025, bringing 25 student leaders from 12 blockchain clubs to Ledger’s Paris headquarters for two days of immersion, expert Q&As, and a private look inside the Ledger Donjon.

The program runs on a sustained infrastructure with tailored educational content, on-campus events, access to thought leaders, and resources that most university clubs cannot access on their own. Build & Show is its first developer-focused challenge, but it follows a broader arc of engagement that has been building since Ledger Op3n.

Ledger N3XT headed up to Cambridge for a two-day residency with @camblockchains.

A fireside chat on digital private property and Proof of Humanity with a packed room, followed by a formal dinner at the iconic Cambridge Union. Professors, researchers, students, and the Ledger… pic.twitter.com/dzIoiyi7jh

— Ledger (@Ledger) May 8, 2026

The most recent in-person activation before Build & Show was a visit to the University of Cambridge, where Ledger N3XT spent two days with the Cambridge Blockchain Society. The conversations there, covering agentic AI, cryptographic identity, on-chain privacy, and what it means for hardware to anchor human consent in an AI-driven world, made it clear that this generation of builders is energized and ready to shape the future of secure infrastructure in the agentic age.

Build & Show was the invitation to start building it.

The Build & Show Challenge

The premise was straightforward because the problem is straightforward. AI agents are already moving real money. Most of them do it on software secrets: API keys stored in .env files, making them copyable, stealable, and wholly unsuited to high-stakes autonomous action.

Ledger spent a decade building a hardware root of trust for human users. The Ledger Agent Stack extends that same foundation to the agentic era. The Device Management Kit (DMK) and Wallet CLI give developers open-source primitives to put hardware-enforced signing into any agent workflow. Agents propose. Humans approve. The Ledger signer enforces. The private key never lives in a file.

Builders joining the challenge had eight days to pick a lane and prove the concept:

• Zero to Signed: install the DMK or Wallet CLI, wire it into an agent, and show the signing flow ending on a Ledger signer.
• When Your Agent Has No Kill Switch: an editorial breakdown of why software-only security fails for agents touching value.
• Build Something Real: a trading agent, treasury bot, or multisig workflow with a public repo, README, and walkthrough.

Builders without a physical Ledger signer could still qualify in full, utilizing Ledger’s open-source device emulator, Speculos. The only hard requirement: genuinely use the tooling and show your work.

By The Numbers

While 50 submissions form the headline, the detail inside that number tells a sharper story. 86% of builders touched the DMK, making it the clear preferred path for hardware-layer integration. The Wallet CLI served a further 14% as a higher-abstraction entry point. 

The more striking signal was the spread of use cases. Security guardrails and prompt-injection defence led with 19 builds, but the cohort also covered DeFi automation, treasury and payments infrastructure, wallet copilots, and foundational signing references. Builders were not all solving the same problem; they were applying the same security primitive to different ones.

Ledger Agent Stack in Practice

Ledger Agent Stack is built on a clear premise documented in Ledger’s 2026 AI security roadmap: agents propose, humans approve, and the Ledger signer enforces. Build & Show was one of the first open tests of how far it could reach. The answer, across 50 submissions in eight days, was further than expected.

19 builds fell into the security and guardrail category alone. Builders took the same foundation and applied it to stablecoin settlement for a real freight startup, dollar-cost-averaging agents, on-chain prediction market payouts, a Solana wallet running inside Telegram, and a CI/CD pipeline that refuses to deploy unless a Ledger signer approves the signing key. 

Across this cohort, that principle proved durable at real-world scale.

Five builds showed the range particularly well:

Harbormaster — Aidan Olazabal, Yale University

Built directly out of a real freight-forwarding startup, Harbormaster is an autonomous stablecoin settlement agent gated by a deterministic policy engine and on-device Clear Signing. Forty-one tests, a hash-chained audit log, and a two-act prompt-injection demo. The most rigorous submission in the cohort, and one that maps cleanly to enterprise and multisig use cases.

Once an AI agent moves real money, the question isn't whether it's smart enough. It's: where does the authority to move funds live? So I built Harbormaster to answer that. 🧵 /

Built with @Ledger's Agent Stack. #LedgerSponsor #Sponsored

— Aidan Olazabal (@AidanOlazabal) June 5, 2026

“It added something real to our infrastructure stack… I’ve been following the space for a while and even made it out to their [Ledger x 1inch workshop] event at Yale.”

Aidan Olazabal, Yale University, built Harbormaster out of live infrastructure for his startup:

ostium — subheeksh, Pseudonymous Submission

Hardware-signed, time-bound, limit-enforced mandates for AI trading agents. The framing: “permission, not keys.” A trading agent operates within a mandate you sign on the Ledger signer: per-transaction limits, per-day caps, enforced by middleware before anything reaches the device. A novel model for governing autonomous agents without surrendering custody.

AI agents manage $50B but store your keys in .env files.
Built ostium — hardware-signed mandates using the @Ledger Agent Stack. Your AI agent gets permission, not your keys. Wallet CLI v1.0.2. DMK. Speculos.https://t.co/RlpYd1AMVnhttps://t.co/D898X48EdX#LedgerSponsor

— Subheeksh (@KomariS18774) June 10, 2026

ClearGate — Demilade Ayeku, University of Lagos

Rather than building the standard “agent proposes, human approves” model, ClearGate asked what that model quietly assumes, and answered by enforcing a single, upstream rule: refuse to sign any transaction the device cannot render via ERC-7730. No human-readable intent, no signature. ClearGate treats blind signing as the attack surface and eliminates it.

I gave an AI agent live access to my wallet, kept the keys on a Ledger and it still got robbed.

Then I fixed the part the hardware can't fix on its own.

The agent only signs what your device can show in plain language.@Ledger #Sponsored #LedgerSponsor pic.twitter.com/icQYrc9MUt

— Demilade🗣️ (@AgenttDefi) June 11, 2026

“The obvious build is ‘agent proposes, human approves on the Ledger.’ I started there, then asked what that model quietly assumes… ClearGate is one rule: refuse to sign anything the device can’t render via ERC-7730. It turns ‘hope the human notices the hex’ into ‘no readable intent, no signature.'”

Demilade Ayeku, whose ClearGate project focused on blind signing, described how the architecture forced a harder question:

Ledger Clear-Sign Agent — Sofiane Zidane Ben Taleb, ESILV

A different angle on the same problem. Rather than blocking at the policy layer, enforcement here is What You See Is What You Sign: the real recipient is verified on the device screen at the moment of signing, regardless of what any upstream layer may have tampered with. An end-to-end test signs a valid transaction and rejects a malformed one. The build’s framing: “an AI invoice-paying agent that can be lied to, and a Ledger that can’t.”

built a treasury agent on @Ledger's Agent Stack (DMK). a poisoned invoice swaps the payout address: the agent falls for it, but the Ledger clear-signs the real recipient on-screen and i reject it on the device.#LedgerSponsorhttps://t.co/Ns8FkTLGOE pic.twitter.com/ztZ4oQ6SzR

— fianso (@dvb_fianso) June 11, 2026

Warden — Garvit Dadheech, Birla Institute of Technology

A hardware-gated Solana wallet that lives inside Telegram. Chat commands build transactions in-process; signing stays on the device via the DMK; no keys exist in the bot. The most original interface of the cohort, and a demonstration that the hardware layer is a composable primitive, not a specialist tool.\

most Telegram crypto bots work like this:

→ they generate a wallet for you
→ store the private key on their server
→ OR ask you to paste your key into a .env

that's custodial, or one leak away from custodial

there's a better way 👇@Ledger #LedgerSponsor

— Garvit Dadheech (@gambishhhh) June 8, 2026

In Their Own Words

The submission form gave builders space to explain what drew them to the challenge. The responses read as builders identifying a problem they had already encountered, and describing what it felt like to find a credible answer.

Madhav Gupta, building a hardware-gated agent for his university project, put it as plainly as anyone in the cohort.

“Even if the agent is tricked or given a bad instruction, the final recipient and amount still show up on the device before anything gets signed.”

Yash Karakoti, who built a hardware-secured dollar-cost-averaging agent, captured why the Agent Stack felt like a missing piece rather than an optional add-on.

“Seeing autonomous agents operate on hot .env keys is a massive vulnerability, and the Ledger stack finally provides the missing hardware guardrails.”

What Comes Next?

The Build & Show cohort produced early, real-world validation for an infrastructure thesis at the centre of Ledger’s 2026 AI security roadmap. The builds from this cohort sit squarely on that roadmap. Beyond simply proving a concept, these builders sketched out real applications for infrastructure that is still being developed.

AI agents are already moving institutional money. The governance layer for that is being written now, by developers who show up early. Ledger N3XT is how Ledger finds those developers.

Explore the Ledger Agent Stack at Ledger’s Developer Portal