Why supply-chain verification matters
Hardware wallet users trust a small piece of hardware with their private keys. That trust can be undermined before the package even reaches your door. A supply-chain attack targeting hardware wallets can take many forms: physical tampering, pre-initialized devices, counterfeit units, or malicious firmware inserted during transit. These threats are real and discussed in high-level guidance from agencies like the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and NIST's work on supply chain risk management (see NIST SP 800-161). [1][2]
In my experience, most risk is social and logistical rather than purely technical: attackers exploit weak points in the delivery chain, marketplaces, or inattentive buyers. And yes, a short inspection at unboxing often stops problems before they start.
Sources: NIST SP 800-161 Rev. 1 (supply chain risk management) — https://csrc.nist.gov/publications/detail/sp/800-161/rev-1/final; CISA supply chain resources — https://www.cisa.gov.
Common supply-chain attack vectors
- Counterfeit devices sold on marketplace listings. Counterfeits may look convincing but can contain modified firmware or hardware.
- Pre-initialized devices: devices shipped with a seed phrase already installed or accompanied by a printed recovery card. (If the seller generated a seed, they control funds.)
- Tampered packaging or resealed boxes. Signs include re-glued seams, mismatched fonts/print, or missing documentation.
- Malicious companion apps or fake "official" websites that capture your setup steps.
- Intercepted shipments where an attacker swaps hardware or accessories.
Why does this matter? Because once private keys are exposed, crypto on any connected blockchain (Bitcoin, Ethereum, Solana, etc.) can be drained instantly. So prevention at the point of purchase is the most efficient defense.
Before you buy — where to buy safely
Where you buy is the single biggest risk reduction step. Ask yourself: is the seller listed on the official manufacturer site? (If not, proceed cautiously.) Buying from the manufacturer's official store or an authorized reseller substantially reduces the chance of counterfeit or tampered units. If you search for things like "ledger nano s amazon" or other marketplace listings, check that the seller is the manufacturer's verified storefront and not a third-party seller.
Concrete checklist before purchase:
- Prefer the official store or an authorized reseller list from the manufacturer's support pages. See our where to buy safely guide.
- Avoid used or refurbished devices unless the seller provides a documented, verifiable reset-and-authenticity process.
- Verify seller reputation, return policy, and serial-number support if available.
For more on safe channels and marketplace hazards, see where-to-buy.
Unboxing checks: step-by-step tamper-evidence checklist
Practical, concrete steps you can perform in 5–10 minutes. (Yes, do them before you connect anything.)
- Photograph the unopened package and keep the shipping packaging. These photos are evidence if you need to report the item later.
- Inspect outer packaging for obvious signs of resealing: torn or re-glued seams, mismatched printing, or unusual tape. Compare with unboxing pictures in official documentation where possible.
- Open carefully and inspect the contents. Look for:
  - A pre-filled recovery (seed phrase) card. If present — stop. Do not use the device.
  - Missing documentation or unexpected extras.
  - Physical damage or loose parts.
- Inspect the device itself: scratches in unusual places, replaced screws, or a different finish than official photos.
- Boot the device. On first power-up, a genuine device should prompt you to set up as new or recover; if it immediately asks for a recovery phrase or shows pre-registered accounts, treat that as compromised.
If anything looks suspicious, don't proceed with setup. Contact the seller and the manufacturer via their official support channels (links in our where-to-buy-safely page).
Boot, setup and firmware verification (How to)
How you initialize matters. Follow these steps and use only official resources:
- Download the official companion application from the manufacturer's official site (do not trust search ads or third-party downloads). See ledger-live for companion app guidance.
- Connect the device to a clean computer (or a known-safe OS environment). During initial connection the companion app typically performs a genuine-device check — let it run.
- The device should ask you to generate a new seed phrase on the device screen. Never enter a seed phrase into a computer or type it online.
- If a firmware update is required, update only through the official companion app and verify the update prompt. Official updates are cryptographically signed; the official app verifies signatures before applying firmware. See firmware-updates and verify-firmware for details.
What if the device asks you for an existing seed or shows account addresses on first boot? Don’t continue.
(And be very careful with any emailed "support" links; phishing sites replicate official pages.)
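What the signature check in the firmware-update step amounts to, as an added example (not the manufacturer's code or any vendor's actual scheme): the updater accepts an image only if its signature verifies under a pinned public key. It uses textbook RSA PKCS#1 v1.5 with a constructed, insecure demo key as a stand-in; `vendor_sign`, `verify_firmware` and the sample images are hypothetical.

```python
import hashlib
import hmac

# Constructed demo key (assumption): two Mersenne primes give an RSA modulus
# using only the standard library. Insecure stand-in for a vendor signing key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # public key, pinned inside the updater
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, held only by the vendor
K = (N.bit_length() + 7) // 8        # modulus length in bytes

# DER header that marks the digest as SHA-256 in a PKCS#1 v1.5 DigestInfo
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def _encode(image: bytes) -> bytes:
    """EMSA-PKCS1-v1_5 encoding: 00 01 FF..FF 00 || DigestInfo(SHA-256(image))."""
    t = SHA256_PREFIX + hashlib.sha256(image).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def vendor_sign(image: bytes) -> bytes:
    """Vendor side (hypothetical helper): sign the image with the private key."""
    m = int.from_bytes(_encode(image), "big")
    return pow(m, D, N).to_bytes(K, "big")


def verify_firmware(image: bytes, signature: bytes) -> bool:
    """Updater side: True only if `signature` covers exactly these bytes."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    # Compare against a freshly built encoding instead of parsing the padding,
    # which avoids the lenient-parser class of signature forgeries.
    return hmac.compare_digest(recovered, _encode(image))


# Constructed sample data: an "official" image and a copy altered in transit.
OFFICIAL = b"constructed-firmware-image v2.1 " + bytes(range(64))
SIGNATURE = vendor_sign(OFFICIAL)
TAMPERED = OFFICIAL.replace(b"v2.1", b"v2.1x")

if __name__ == "__main__":
    print("official image accepted:", verify_firmware(OFFICIAL, SIGNATURE))
    print("tampered image accepted:", verify_firmware(TAMPERED, SIGNATURE))
```

Because only the public half of the key ships with the updater, someone who intercepts the package or the download can change the image but cannot produce a signature that passes this check.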
If you suspect a supply-chain compromise
Stop. Take photos. Then:
- Do not enter your recovery phrase into anything.
- Contact the seller and the manufacturer's official support immediately (use the support site listed on the manufacturer's official domain).
- If you already used the device to receive funds, move assets to a new wallet you control (create a new seed on a different device you trust or using an air-gapped process) as soon as possible.
If you have a lot at stake, consider setting up a multisig wallet (see below) so one compromised device alone cannot move funds.
Long-term mitigation: multisig, backups, and air-gapped workflows
Single-signature hardware wallets are convenient. But for high-value holdings, I recommend spreading trust across multiple devices and techniques. In my testing, a 2-of-3 multisig setup (using independent manufacturers/devices when possible) gives excellent protection against a single supply-chain compromise.
Other practical mitigations:
- Use air-gapped signing (see our air-gapped guide) for large transactions.
- Keep a metal backup plate for your seed phrase and store it in a secure, geographically separated location. See metal-backup-plates.
- Consider passphrase use (often called the "25th word"). It increases security but also raises recovery complexity — read passphrase-25th-word before enabling it.
- Plan inheritance and recovery (see inheritance).
Quick reference: tamper-evidence features table
| Feature | What to check | How to verify | If check fails |
| --- | --- | --- | --- |
| Tamper-evident packaging | Intact original seals/shrink-wrap, no re-glue marks | Compare photos to official unboxing; look for re-glue residue | Don’t use; contact seller/support and document evidence |
| Pre-initialized seed | Presence of pre-filled recovery card; device asks to recover immediately | On first boot device should offer "set up as new" | Return device; assume compromised |
| Genuine check via companion app | App confirms device authenticity | Use official companion app; follow on-screen genuine check | Stop setup and contact support |
| Firmware signing | Companion app prompts signed update | Update only through official app; app verifies signature | Refuse unofficial firmware; seek support |
| Wireless connectivity (Bluetooth/NFC) | Is wireless enabled by default? | Check device settings; consult docs | Use USB-only if you prefer smaller attack surface |
FAQ
Q: Can I recover my crypto if the device breaks?
A: Yes — if you have a valid seed phrase (recovery phrase). A properly-stored seed phrase allows you to recover private keys on any compatible hardware or compatible recovery tool. See backup-and-recovery.
Q: What happens if the company goes bankrupt?
A: Private keys are independent of the company. If you control the seed phrase, you control the crypto. Still, consider multisig or open-source tools as contingency; see our company-risk page for deeper guidance.
Q: Is Bluetooth safe for a hardware wallet?
A: Bluetooth increases the device's attack surface. Modern devices use encrypted, authenticated channels and a secure element to protect secrets, but Bluetooth adds complexity. If you prioritize the smallest possible attack surface, use USB-only or air-gapped setups. See connectivity-usb-bluetooth-nfc.
Conclusion & next steps
Supply-chain verification is straightforward when you split it into discrete steps: buy from trusted channels, inspect packaging, verify device behavior on first boot, and confirm firmware authenticity via the official companion app. In my testing, a deliberate 10–15 minute routine at purchase and setup prevents a large percentage of common attacks.
If you want step-by-step setup instructions and the exact screens to expect during an unboxing and initial setup, see nano-s-unboxing-setup and setup-initial. For guidance on long-term defenses like multisig, backups, and air-gapped signing, visit multisig, metal-backup-plates, and air-gapped.
Ready to verify your device? Start with the official support pages and our verify-firmware guide.
References
NIST SP 800-161 Rev. 1 — Supply Chain Risk Management Practices for Federal Information Systems and Organizations: https://csrc.nist.gov/publications/detail/sp/800-161/rev-1/final
U.S. Cybersecurity and Infrastructure Security Agency (CISA) — Supply Chain Resources: https://www.cisa.gov
BIP-39 — Mnemonic code for generating deterministic keys (seed phrase standards): https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
(Other platform-specific verification procedures are documented on each manufacturer's official support site — always use the official domain to download tools or request help.)