Ledger’s Custom Operating System: Ledger OS™
| KEY TAKEAWAYS: |
| — Ledger hardware wallets use a tamper-proof chip called a Secure Element. This chip runs a custom operating system named Ledger OS™. — Ledger OS runs your apps and makes sure each app on your Ledger signer works separately. Thanks to this operating system, a transaction you make with one account doesn’t affect the security of another. — Ledger OS is just one part of the Ledger security model designed to keep your assets safe. |
Most devices have an operating system (OS). For example, your computer likely runs Windows or Mac OS, allowing you to install applications (for example: Microsoft Word). Without an operating system, you can’t run apps.
But specific devices need specific Operating Systems. You wouldn’t want to control your mobile phone with an operating system designed to handle a vacuum cleaner. And the same can be said for hardware wallets.
So how does that fit in with Ledger signers?
If you have a Ledger hardware wallet (signer), you might wonder how it works. Diving into Ledger’s security model, let’s explore Ledger OS, Ledger’s custom operating system.
What is Ledger OS?
Ledger OS is the operating system all Ledger signers rely on. Essentially, the operating system operates your apps within the Secure Element chip. Since the Secure Element chip is tamper-proof, your device operates securely. Ledger OS drives your secure screen and allows you to manage your private keys directly with the Secure Element chip. It also keeps your information isolated so your apps are protected from each other too.
Understanding the Tech Behind Ledger OS
Ledger OS stands out as a hardware wallet operating system as a custom-made, multi-application operating system designed specifically to store and manage private keys. But how does the tech behind it work exactly?
Ledger OS is a Custom Operating System
Ledger OS operates on the Secure Element chip, and this is the key to why it’s custom-made.
To explain, Secure Element chips can be purchased in one of two ways: either containing a generic operating system; or completely blank, without an operating system at all. For Ledger signers, only the latter provided a reasonable solution as the generic operating system of a Secure Element is not designed for storing private keys and signing transactions.
Ledger OS however, is designed specifically for storing private keys and allowing you to manage crypto assets securely.
Ledger OS is Multi-Application By Design
Many hardware wallets don’t use an OS, opting to store everything in a single application: the device’s firmware. This is called monolithic firmware. This may seem convenient, however, this single-application architecture has some major drawbacks.
Put simply, apps managed by the same application can communicate. If there’s a vulnerability, the entire firmware must be updated. It’s also challenging to add new apps to the system as a third-party developer.
As such, Ledger devices are multi-application by design. Anyone can design an app, and each app operates separately from one another. This ensures your security when interacting with multiple apps which may require different sensitive information. To do this, Ledger devices rely on BOLOS.
What is Ledger OS For?
Ledger OS has four key features. It: keeps your apps isolated, allows anyone to develop an app, provides a genuine check, and allows you to verify transactions. Let’s dive into each of these pieces.
Cryptocurrency Applications & Isolation
Ledger OS allows for installing applications that are isolated from each other. It also keeps your 24-word secret recovery phrase and private keys isolated from the applications.
Open: Anyone Can Develop Ledger Wallet™ Apps
Thanks to the isolation and flexibility that Ledger OS brings, third parties can easily develop applications for Ledger signers. Not only that, there’s also a developer portal to help you on your journey. Start developing your own Ledger Wallet™ app following the process outlined here.
Signature and Genuineness Mechanisms
Ledger OS allows the use of a system called a Root of Trust. Through it, you can verify your device is genuine when you connect it to Ledger Wallet. It does the same for the installation of applications and updating your firmware.
Verifying Your Transactions Physically
Ledger’s operating system Ledger OS also ensures that transactions are confirmed physically. Ledger signers benefit from a secure screen, driven directly by the Secure Element thanks to Ledger OS. While your computer’s screen is vulnerable to hackers, your Ledger device’s secure screen is operated by Ledger OS on the Secure Element chip, a tamper-proof environment.
BOLOS: Another Key Part of Ledger’s Security Model
Your signer relies on an operating system to be user-friendly and secure, and Ledger OS is equipped to keep your assets safe and easy to use. But Ledger OS is just one part of Ledger’s Security Model. It also works alongside the Secure Element, the Secure Screen, a PIN code, and of course, rigorous testing in the Ledger Donjon.
So what are you waiting for? Get a Ledger device and embrace secure self-custody.
