A quick review for the new Ledger Live
The long awaited Ledger all-in-one app is here, is it worth the wait ?
TL;DR Yes, for now :)
The Ledger team told us about their new application quite a long time ago. It was on February 23rd 2018, nearly 6 month ago, an eternity in the crypto world.
At this time, BTC was valued $ 10309 (not to far from twice as $ 6670 today), same for ETH $ 871.17 (compared to current value of $ 471.60), even during this dump, which can be interpreted as a crypto winter, Ledger teams went on working, and has just published it new Ledger Live 1.0.1.
The application is brand new, so bugs are to be expected, and new releases will probably follow shortly with expected corrections and missing features
The previous app version only allowed to check the Ledger’s balance one coin at a time, and you needed to install all the coins’ app on your Ledger to check. This used to led to rounds of installing and removing the apps as the Ledger storage is small : the infamous “ insufficient space” error was close.
With the new application, these times are gone but this is not just install and forget…
The setup is pretty straightforward, the documentation provided is simple and efficient, but you have to install the tool, perform the security checks, then add individually an account for each coin you have.
Ledger live installation
As I already have a Nano S, it will be used during the setup. This part is straightforward
Then, perform the security checklist for your device (the security warnings reminds me of MyEtherWallet’s ones, but less cumbersome).
- If someone gave/sold you the ledger with a PIN already set, this person can access your funds (not by the ledger device), but by the 24 words seed used to initialize your ledger (which is in fact his in ledger)
- If you didn’t save the recovery phrase the person who did can access your funds (same as before)
- The genuine check seems to be performed to check if firmware has not been tampered with. This is a good practice, as this attack has already been performed
The password lock should be mandatory, as you will be able to monitor your accounts. If you don’t set one up, you will not lose your funds, but anyone with access to your computer can get your public coins addresses as well as your balances…
The Ledger Live requires a coin by coin installation, but the wait is worth it :)
At first, your dashboard is empty, even if you already own coins on your Ledger. For each coin (BTC, Eth…) , you will have to connect your Ledger, open the coin application on your device (or install it first if not present at first). Then add the coin (by its app on the Ledger Live interface). It will check the connection with your ledger, present your balance and allow you to add the coin to your dashboard
Once the coins are added, you will be able to access a weekly / monthly / yearly history of your total balance for each of your coins
The new Dashboard has a great feature to allow you to check the previous operations for all your coins, chronologically sorted
The Ledger Live initiates connections only in https (TCP 443) to :
- ledger.com (main web site)
- api.segment.io (tools for data analytics, marketing…)
- github.com (code repository)
- sentry.io (open-source error tracking)
- github-production-release-asset-2e65be.s3.amazonaws.com (authentication protected asset located on AWS)
This analysis will have to be updated, but no issues so far.
The Good :
- New nice interface
- Security check up and awareness reminder
- All your balances and their history on one screen
- All your operations history in the same view
- Can be used in standalone mode (don’t forget to set a password !)
- The application provides links to exchanges services to buy coins directly with credit/debit cards
The Bad :
- No support yet for some coins (Neo and derivatives mostly), but it’s only the 1st release, so other coins will probably be added soon
- Binaries checksums are not present on the download page
- No possibility to choose/change the coin explorer
The Ugly :
- As the password is not mandatory to login, any one with access to your computer can check your balances, operations history and can use your public keys to monitor your transactions and accounts