1. Ledger does not know your private keys
Ledger utilizes a decentralized wallet system. You generate the private keys on your Ledger device during the initialization process, and they are then stored within the Secure chip of your Ledger device. Ledger never has the opportunity to make a copy of your private keys.
2. No one can access your secrets
Your private keys are held in a Secure chip, and they never leave it. Whenever a transaction is signed within the Secure chip, the private keys never become visible to the computer the Ledger device is connected to. A compromised computer will never be able to access the contents of the Secure chip.
3. Personal PIN code
Every time you connect the Ledger device to the your computer’s USB port, you need to enter a PIN code. If you fail to enter the proper PIN code three times, and the Ledger Device will reset, erasing all of its entire contents. A malware cannot reset the wallet by sending three wrong PIN codes because before trying a new PIN code it is necessary to physically unplug and replug the wallet into the USB port.
4. Two verifications
Every time you want to authenticate a transaction, a second verification is made. With a Ledger Nano or a Ledger HW.1, you need to enter a code stored on a separate offline card, providing an additional off-line security mechanism for the Ledger device. With the Ledger Nano S and Ledger Blue, manual consent is required on your device’s screen to sign the transaction. There is no known attack vector that could result in the exposure of your private keys or cryptocurrencies. Even if your computer was completely compromised and was able to replace the receiving address of a transaction on its own, the second factor verification would prevent that from happening.
During the initialization process of the Ledger Wallet, a passphrase is generated and given to you (a sequence of 24 random words). This passphrase allows you to retrieve your cryptocurrencies should your Ledger device be stolen, lost, or damaged.
6. Entropy (randomness) generator
The Nano S and Blue use a ST RNG chip to generate the entropy used to create the seed. The ST RNG has been evaluated by a 3rd party laboratory and obtained highest level certifications EAL5+, AIS-31. This methodology includes a mathematical proof of randomness and very large number of tests. The RNG is tested under various conditions of temperatures, frequency, voltage and must pass all the statistical tests. It also includes randomness defects and attacks detection mechanisms. AIS31 certified RNG are the best RNG in the world in terms of entropy, and ensure a proper seed generation using the highest possible level of randomness.
What if Ledger goes out of business?
If Ledger shuts down all its activities, the Ledger Chrome app will most probably stop to function as our API servers would be stopped.
However, this would only be an inconvenience, as your bitcoins would stay completely safe so long as you have your 24 words recovery phrase.