Last Updated: June 2025
Ledger hardware wallets—such as the Ledger Nano S Plus and Nano X—offer secure cold storage by isolating private keys from internet-connected environments. The onboarding process begins at Ledger.com/start, the official entry point for device initialization, firmware updates, and software installation.
When users access ledger.com/start, they are redirected to a wizard that:
Uses HID or WebUSB to communicate with the Ledger via APDU commands. These are handled by Ledger Live via ledgerjs.
Communicates over BLE using encrypted GATT characteristics, secured with pairing codes.
Ledger Live is an Electron-based (desktop) or React Native-based (mobile) app that manages assets and firmware. It detects connected devices using Ledger’s transport modules and facilitates app installations.
Generates a BIP39 seed (12, 18, or 24 words) using a secure TRNG. The seed never leaves the secure element (SE).
Restores wallets using an existing seed phrase. Entry is performed on-device to mitigate phishing risk.
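As an added illustration (not Ledger's code or firmware), the following sketch shows how BIP39 ties the 12-, 18- and 24-word phrase lengths to 128, 192 and 256 bits of entropy plus a SHA-256 checksum, and how that checksum catches a mistyped word during a restore. Assumptions: the function names are hypothetical, the input is constructed all-zero entropy rather than TRNG output, and words are represented by their 11-bit wordlist indices because the 2048-word list is not embedded here.

```python
import hashlib

# The 12-, 18- and 24-word phrase lengths map to these entropy sizes (BIP39).
WORDS_TO_ENTROPY_BITS = {12: 128, 18: 192, 24: 256}


def entropy_to_indices(entropy: bytes) -> list:
    """Map raw entropy to 11-bit BIP39 wordlist indices (0..2047)."""
    ent_bits = len(entropy) * 8
    if ent_bits not in WORDS_TO_ENTROPY_BITS.values():
        raise ValueError("entropy must be 16, 24 or 32 bytes")
    cs_bits = ent_bits // 32  # checksum length is ENT / 32 bits
    # The checksum is the leading cs_bits of SHA-256(entropy); at most 8 bits here.
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def indices_checksum_ok(indices: list) -> bool:
    """Recompute the checksum of a phrase given as wordlist indices."""
    ent_bits = WORDS_TO_ENTROPY_BITS.get(len(indices))
    if ent_bits is None or any(not 0 <= i < 2048 for i in indices):
        return False
    cs_bits = ent_bits // 32
    combined = 0
    for i in indices:
        combined = (combined << 11) | i
    # Split the bit string back into entropy and the trailing checksum bits.
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return (combined & ((1 << cs_bits) - 1)) == expected


if __name__ == "__main__":
    # Constructed sample entropy (all zero bytes), never a real seed.
    for n_bytes in (16, 24, 32):
        idx = entropy_to_indices(bytes(n_bytes))
        print(len(idx), "words, checksum valid:", indices_checksum_ok(idx))
    # A single wrong final word (constructed) fails the checksum.
    print("tampered phrase valid:", indices_checksum_ok([0] * 11 + [4]))
```
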
During setup, firmware signatures are validated using ECDSA. Devices reject unsigned or tampered firmware.
Apps are downloaded via Ledger Live and installed into secure storage. Each app supports its own blockchain protocol logic.
All signing operations occur in the SE. The host app receives only the signed transaction, never the private key.
Transactions must be confirmed on-device to prevent blind signing.
Ledger.com/start serves as a secure onboarding interface for hardware wallet users. Combined with a secure element, attested firmware, and encrypted transport protocols, Ledger’s architecture ensures a robust, trust-minimized user experience for managing private keys.