What is Ledger Embedded Software?
KEY TAKEAWAYS: |
— Embedded software, often referred to as Firmware, is essential for all hardware devices to operate effectively. — Ledger’s Embedded software stack is split into two main categories; embedded apps and Ledger Operating System (OS). — Ledger’s security model provides continuous updates and enables users and developers to access the evolving crypto ecosystem directly from its devices. |
As you might already know, Ledger devices are renowned for keeping private keys offline within an industry-leading secure element chip. But you might not know that this chip must be able to evolve in order to stay secure.
To explain, security is always evolving. And computer chips need updates if they want to fight new threats. More specifically, it’s the embedded software inside these chips that must evolve. Often called firmware, this embedded software is simply the code that instructs your device how to behave.
And to do so, this embedded software needs updates. Despite their crucial role, these updates are often misunderstood. But updates are necessary — both for users and the Web3 developer community.
Simply, a device cannot operate without them: you wouldn’t be able to use your device, nevermind interact with new networks and asset types without them.
To understand why, let’s dive into embedded software; from what it is to how it affects your Ledger device.
What is Embedded Software?
An embedded software stack consists of a piece of hardware’s operating system and its applications. From mobile phones and network cards to printers, routers, and TV remotes, all these hardware rely on embedded software built into their memory to function smoothly. Put simply, embedded software provides the integral key instructions for supporting other software in the first place.
So, when you update your hardware, it’s the existing embedded software stack that gains new capabilities. For instance, iOS devices will receive periodical updates to enhance the performance or security of their operating systems. They also release countless updates to add new features or support new apps too.
Understanding Ledger’s Embedded Software Stack
Ledger’s embedded software stack is simply the code that defines how Ledger devices operate. It primarily refers to two things: Ledger’s custom operating system BOLOS and embedded apps.
Let’s see how they work
Ledger’s Custom Operating System: BOLOS
Many hardware wallets opt to store everything in a single chip. This means if there’s an issue with a single component or crypto asset in your device, you’ll need to update the whole operating system. Instead of a generic Operating System (OS) like that, Ledger wallets use their proprietary OS named BOLOS, which stands for Blockchain Open Ledger Operating System.
At this point it’s important to note there are two chips within your Ledger device; the secure Element chip, which handles all of your security sensitive functions, and a microcontroller, which also has its own embedded software. The combination of code for these two chips makes up your Ledger device’s operating system, BOLOS.
BOLOS keeps every app on a Ledger device completely separate. As a result, developers can develop their own apps to be added to Ledger’s ecosystem. This enables your device to interact with new projects and blockchains without leaking information between them. Plus that means your secret recovery phrase is safe from app-based hacks too. Essentially, Ledger’s custom OS BOLOS is what supports the continual evolution of apps on the Ledger device.
Embedded Apps
So using BOLOS, your Ledger device uses embedded apps to secure accounts on different blockchain networks. Each cryptocurrency has a dedicated app which you can install on your device by connecting it to Ledger Live, meaning there is a separate embedded app for each network supported by Ledger.
For instance, the Bitcoin App is an embedded app that allows users to send and receive BTC, check their balance, and store Bitcoin. The Ethereum App, meanwhile, is designed to manage your ETH and ETH-based tokens.
Each embedded app can generate a private key for that specific network from your Ledger wallet’s 24-word recovery phrase. But don’t let that worry you: these apps do not have access to your secret recovery phrase nor your master seed. Instead, they generate Private Keys based on a specific parameter called a derivation path, which is unique for each crypto asset. That means that although your private keys are derived from your secret recovery phrase, none of your apps have access to it directly.
Why Should I Update My Ledger Device?
So now you know all about the code inside your device, but you may be wondering why you would need to update it. Well, there are a few key reasons:
To Keep Your Device Secure
Crypto scams develop just as quickly as new innovations in the field. To combat these threats Ledger established Ledger Donjon, a team of world-class white-hat hackers with extensive backgrounds in both software and hardware security.
With a focus on internal and external security assessment, this team of experts collaborates closely with Ledger’s development and hardware teams, ensuring timely Ledger updates to enhance the security of all products. They continuously scan for vulnerabilities. Then upon detection, they work together with the embedded software team to evaluate and implement countermeasures and hardening techniques. It is their relentless pursuit of new threats and commitment to improvement that upholds Ledger’s top-notch security model.
To Support New Assets or Networks
In the dynamic world of cryptocurrencies, it’s vital for providers to ensure users have access to new features, protocols, solutions, and projects. Reflecting this need, Ledger provides updates to support the latest developments, enabling users to tap into the evolving crypto ecosystem directly from their devices.
For instance, Ledger hardware wallets were actually one of the first to implement Native SegWit integration (also known as bech32) to enable faster Bitcoin transactions with lower fees. This was made possible with an update to the Bitcoin application. Ledger to constantly. Updates also allow Ledger to add new cryptocurrencies, such as Cardano (ADA) and Zilliqa (ZIL), which need new signature schemes for support.
In short, updates on your Ledger device protect them from bugs while allowing you to interact with the newest assets on the latest supported networks.
Ledger OS Updates: A Timeline So Far
So now you know why embedded software is so important, and why updating it keeps you safe, let’s look at some of the biggest updates to Ledger devices so far.
OS Version 1.2.4-2
In July 2020, Ledger released its first ever OS update. This addressed a minor vulnerability and streamlined the updating process. For example, users would no longer need to disconnect and reconnect the USB cable when transacting, enhancing the user experience.
This new update also included cryptographic support for the Stark 256 and BLS12-381 curves and more. If that sounds a little technical for you, check out the blog post on Ledger’s first OS update.
OS Version 2.0.0
The next big update came in October 2021, enabling UX & UI improvements that drastically reduced user onboarding time and brought several improvements to battery management. The upgrade also made Ledger amongst the first hardware wallets to adopt Bitcoin’s Taproot, with it introducing support for BIP-0340 Schnorr signatures. Although this update meant Ledger devices could support taproot, this didn’t bring any changes to customers who decided not to install the new Bitcoin embedded app. In short, the update simply allowed the device to support the app, should the user choose to install it.
Additionally, the update enhanced security, as it now notifies users of remaining update attempts, helping prevent accidental resets and unauthorized changes. It also lets users customize their Bluetooth name to more discreet options and instantly turn off Bluetooth in settings without rebooting their device.
OS Version 2.1.0
Released in Feb. 2023, the upgrade introduced a revamped PIN code screen for better security and user-friendly code entry. It also added French and Spanish language support, enhancing the user experience.
OS version 2.2.1
The most recent Ledger update was released in 2023. This important update allowed Ledger devices to support a new service: Ledger Recover. Ledger recover is an optional paid service that helps you create a backup for your secret recovery phrase.
Much like the support for Taproot or Ethereum 2.0, this update does not automatically install or activate itself on your device. That means you will not be able to use Ledger Recover without first deciding to install the app. And like every new app, your device will always ask for your PIN as confirmation before you can initialize it.
Ledger Code: Keeping You Safe and In-The-Know
Embedded software is essential for delivering fixes, enhancing device functionality, ensuring efficient and secure operations, and staying competitive with newer models. This is even more vital in the digital and dynamic realm of crypto.
This is where Ledger’s hardware wallets stand out with their custom OS, non-monolithic system. After all, it continually refines market-leading security, giving crypto users peace of mind to safeguard their assets, interact with the blockchain safely from online threats, and create innovative, secure applications for a large audience.
Plus, Ledger updates offer users the chance to explore new cryptocurrencies, new asset standards and even protect against bugs; offering improved stability, and security. Meanwhile it gives developers access to a huge audience via Ledger’s broad user base and enables people to engage with their projects securely.
In the end, crypto is a nascent system, and security models can only be effective for users if they are able to adapt safely. This is why Ledger’s embedded software is so essential to its long-term mission of securing the crypto ecosystem. In short, your Ledger embedded software stack is just another piece of the Ledger Security model keeping you and your assets secure.