S8 E2: Charles Guillemet on Ledger

Charles Guillemet is the CTO of Ledger and also the creator of the Donjon (the company’s security research department). So in the process of exploring the security innovations that have been added (or are yet to be added) to Ledger hardware wallets, it was essential to get Charles’ expertise.

Ledger is still the leader of the hardware wallet market, and their approach to security is still unique. Unlike Trezor and its subsequent clones, the French company prioritizes security and simplicity over open-source development. In recent years, Ledger has made efforts to publish more of the code that goes into their devices – but the approach for the trademark secure element chip remains opaque.

In some ways, this episode is a continuation of last year’s conversation with Nicolas Bacca (BTChip), Ledger’s co-founder and Head of Innovation. But since there’s a lot that changed in the meantime, it was useful to once again ask some of the same questions. For instance, Ledger Live now supports connectivity with your full Bitcoin node – a merit which landed developers Arnaud97234 and Gaëtan Renaudeau a spot in my top 7 Bitcoin wallet developers of 2020.

Also, as you’re about to find out from this interview, Ledger is working on native multisig integrations. Since we still don’t have unified standards for multisig, it’s useful for hardware wallet manufacturers to step in with contributions that make setups a lot easier for their users.

During this hour-long interview, I’ve also asked Charles Guillemet to do a quick comparison of hardware wallet devices. In a nutshell, how does the Ledger Nano X compare to the Trezor Model T, BitBox02 and Coldcard? Also, are there any merits that one can find in lesser known hardware wallet brands? And last but not least, we’ve tried to find a good answer to the question “Why use any hardware wallets at all?”.

Listen to Charles Guillemet on Apple Podcasts and Spotify!

If you don’t have an account on streaming services and would rather listen to the episode with privacy, then please use my RSS feed. I strongly recommend that you use the Tor browser to increase your privacy.

And if you want to, you can download the episode on your own device thanks to the dedicated button. Your privacy is more important than my Spotify statistics.

This episode is sponsored by Vaultoro and Wasabi Wallet.

Want to learn more about the values of the two companies? I have recorded episodes with both Joshua Scigala (Vaultoro CEO) and Nopara73 (Wasabi Wallet creator).

If you would like to support the show and you’re into trading hard money like bitcoin, gold, and silver, then sign up to Vaultoro using my referral link. Vaultoro will help you forget about shitcoins and focus on sound money. They also allow you to pick up your gold bars or have them shipped to your address, so you don’t have to trust any custodian with your money. Keep in mind that you are responsible for your own decisions and I am not providing you financial advice.

And if you would like to increase your network and transaction privacy, you should download Wasabi Wallet on your computer. It routes your connection through the Tor network to hide your IP, it downloads block filters so you validate your own transactions locally without appealing to a trusted third party, and it also connects to your own full node to boost your financial sovereignty. Wasabi is best known for its link-breaking CoinJoins, which are giving even Europol a hard time. Use the wallet to increase your financial sovereignty, but don’t do any illegal stuff – use your financial sovereignty with responsibility (also read the Wasabi terms of service).

Episode Time Stamps:

0:00 – 3:01 – Intro

03:02 – The journey of the Ledger Nano X

05:00 – Bluetooth and mobile connectivity for Ledger Live

05:55 – What makes Ledger devices unique and what’s the difference between Nano S and Nano X?

09:29 – Microcontroller differences between Nano S and Nano X

11:15 – How expensive is it to break the security of a Nano S or Nano X when the hacker gains physical access?

15:13 – Ledger Live’s support for connecting a full Bitcoin node

20:06 – How Coin Control (UTXO management) works

21:34 – Tor routing on Ledger Live?

22:35 – Ledger Live on desktop vs Ledger Live on mobile

24:03 – Full node on smartphones 

25:40 – Ledger Nano X vs Trezor Model T

27:45 – Ledger Nano X vs BitBox02

29:02 – Ledger Nano X vs Coldcard 

31:15 – Ledger Nano X vs Cobo, Passport, Jade, SafePal & others

34:09 – What is Ledger’s Donjon?

36:09 – Charles Guillemet’s contributions to finding vulnerabilities in Trezor

37:57 – PSBT, Airgap, QR codes & Shamir

41:54 – What are the security advancements that get Charles Guillemet most excited? (Schnorr, Zero-knowledge proofs, cryptography)

45:26 – Why should we still use hardware wallets, in spite of critics?

47:06 – How can Ledger users protect their devices?

48:55 – Never type the seed phrase on your keyboard

50:23 – Is multisig the silver bullet for security? What about Shamir Secret Sharing?

55:16 – Exclusive announcement about adding native multisigs to Ledger

56:38 – What’s next for Ledger?

57:58 – Should Ledger users set up passphrases?

59:00 – Closing statements

Vlad Costea

I'm here for the freedom, censorship-resistance, and unconfiscatability. What about you?
