Should I Be Worried If My Ledger Doesn’t Have A Tamper Proof Seal?
So you just received a package with your brand new Ledger hardware wallet. Authorized retailer? Check. Intact anti-tampering seal? Nope.
Think your product has been tampered with? Let’s find out...
In the recent past, all Ledger products were shipped with a tamper-proof seal. However, this is no longer the case. The tamper proof sticker that Ledger’s products use to ship was proven to be ineffective and susceptible to tampering.
Therefor, there’s no reason to worry. Ledger product’s no longer ship with a tamper proof seal!
Keep reading to find out why this change was made and what it means.
Why a Tamper Proof Seal Is Useless
You may have watched videos of customers unboxing Ledger products that shipped with a grey sticker on one side of the box. Note that new boxes do not have the tamper proof seal on them.
Take a look at the image above. You’ll notice that the “tamper proof seal” is useless, since the box can be opened without breaking the so-called security seal.
This makes it easy for scammers to open a box and use the old grey tamper proof seal to trick vulnerable recipients into thinking that the wallet is a brand new, unopened unit.
This is precisely why Ledger stopped shipping their products with this essentially pointless grey sticker!
How to Ensure Your Ledger Device Is Genuine
Use Authentic Ledger Applications
All authentic Ledger products ship with a card that contains “Did You Notice” titling, explaining the tamper proof seal situation.
If for some reason you misplaced the box, you can still check the device’s authenticity through a test called “attestation”.
An attestation test is basically a cryptographic challenge presented to the device each time it is connected to the computer. During the attestation process, the Ledger wallet chrome application sends a random number value to the device. The Ledger device then signs this random value plus the firmware version, using an embedded private key shared by some batches.
The Chrome app knows the public key and can verify the signature.
For example, if an attacker switched the Ledger device with a replica running rogue firmware, it wouldn’t pass the attestation test and would immediately be rejected as non genuine.
There is absolutely no way that an attacker could replace the firmware and make it pass attestation, without knowing the Ledger private key.
All devices must be initialized before being used. Don’t worry: the device comes fully set up with a wallet and you’ll be the only one with that information. Ensure you “create a new wallet” while configuring it.
During installation of Ledger Live, the software itself will automatically check to see if your device is genuine.
However, messages that state "MCU firmware is not genuine" are almost always due to simple errors such as USB connectivity or Ledger Network issues.
These errors are not actually due to a compromised device and they can be easily overcome with basic troubleshooting.
Additionally, it’s important to remember that Ledger’s secure element chip that is contained inside the Nano S is:
- State of the art - the same technology used in modern day passports and visa cards.
- Your private key is stored completely offline (cold storage) in the secure chip, so even if you’re on a compromised computer, your assets are safe. This is why, to this date there have been no known instances of users having their assets stolen from a Ledger device during a hack.
Make sure you purchase from an Authorized Seller
You can buy your device directly from Ledger or through an authorized reseller such as us here at The Crypto Merchant to ensure that your device is authentic.
To view all of our authorized and verified secure hardware wallets, click here
Check the contents in the box before initializing
An authentic Ledger package should include:
A “did you notice” card
A “getting started” card
A blank recovery sheet (3 copies)
Other accessories (lanyard and keychain)
A ledger device
Ensure the recovery sheet is blank. If not, the device might have been previously configured. If this is the case, the device is not safe and you should not use it.
Ledger never provides a 24-word recovery phrase. This should be obtained from the device’s screen, once it has been configured.
So if you’re device has shipped with a card filled with passphrase words, it is a compromised or previously configured device, and you should return it immediately.
If you’re in the market for a hardware wallet, it means that you’re already a pretty security conscious individual and crypto user.
However, it is important to reiterate that Ledger devices do not come with a tamper-proof seal, since they are useless (for the reasons stated above).
Instead, confirm your device’s authenticity, by performing the attestation test, and make sure that your device has been purchased from an Authorized Seller such as The Crypto Merchant (Ledgers top North American Partner and online retailer).