Hi
After deciding to buy a hardware wallet I need some help. Why? Searching Google to buy a ledger fake sites appear at the top with cheaper ledgers for sale. My spider sense was tingling.
Paid full price off amazon in the end.
How can I now be sure that the download for the software for ledger and yoroi browser extension to set it up are legit?
Bloody scanners.
Why from amazon and not directly from ledger?
Ok, I see amazon is official store
When I first searched this came up
Obviously wrong. I’ve also read on the forums that chrome extensions can be fake. Ledger instructions link to a yoroi chrome extension to be able to enable/use the hardware wallet.
The horror stories have me a little cautious.
Click on it… it’s a marketing “bug” :)) it will redirect to ledger site where it will show u the right price
The domain for getting the Ledger software should be printed somewhere in the documentation.
Also: Google results for downloads are not as easily spoiled as results for shopping.
You could cross-check if other high-profile domains link to the same targets: https://www.ledger.com/ and https://yoroi-wallet.com/ At least, cardano.org probably links to Yoroi, since it is one of the “official” wallet apps.
You could search these forums and other similar sites if links to these have been given by different people and have not been deleted for scam.
In the end, you will never reach a full 100%. Their site could have been hijacked in exactly the moment you are accessing it. Your computer could have been infected with a very, very sophisticated malware pretending to download the real software, when downloading an infected version.
Balls out then.
That spider sense of yours will serve you well. Your best option is to buy directky from the manufacturer. The ledger sofware is signed. The easiest way to see is to try run it as administrator, it will give ypu the uac and the the top will be blue. However, you should not actually run it as administrator but now you know it’s real.
The daedalus wallet (windows only) is also signed.
Sadly, I have no idea how you verify an iPhone wallet. Android wallets probably have the same problem. Therefore, go to the official site and follow the links, don’t go directly to apple store and download whatever they have.
The coin gecko app will show the official site when you click it.
There are very many bad actors out there, they’re all over social media and youtube. I hate them all. Beware of direct messaging.There are fake supprt sites and they have more followers than the real support site. It’s quite impossible on Telegram and similar to verify the other part
Therefore, it makes perfect sense to have two separate wallets. So, if you fall for a nft giveaway scam or similar, you use the second wallet that isn’t connected to your hardware wallet. You can’t lose more than what you have.
I also find it useful to google ”cryptocurrency scam” to find out what these people have come up with. Sophos is also good. Alas, they are knowledgable and shameless.
And never ever give away your seedphrase.
Daedalus is not Windows only. And the versions for MacOS and Linux also have signatures:
Yes, you are right. Mea culpa. The point I want to make is that these platform versions can be verified by essentially any user.
Wasn’t there a scammer who managed to upload an android version of ”Daedalus” on Google Store? There is no such thing and the sad part is that if you didn’t know you simply could not check who signed it. I think that’s a missing feature.
Yes, there was a few weeks ago.
Missing from what? App stores?
It’s not so easy. Scammers could without problem sign their versions and publish the keys to verify their signatures on their scamming websites. It would again take some time to take them down, probably around the same time that is now necessary to convince Google that it is a scam.
We could demand that Google takes down faster, but on the one hand Google probably doesn’t care much for such demands, and on the other hand faster take-downs could in other areas also be used to get rid of competitors.
Since the discussion just so happened to be about digital sinatures, I want to mention that I wrote a CIP for which I would like comments.
The idea is straightforward. It shoul be possible to digitally sign a Cardano address using a certificate. You create a small nft that you send to an address that you control. The nft must be understood by wallets. When you type the adress, the wallet tells you who owns it. This idea works for other blockchains that support nft’s like Solana.
You find it where you find CIP’s and your comments are welcome.
Well I’ve gone for it. Ledger arrived. Checked the certificates as an administrator as advised. Went through the setup and device verified as genuine. . Used the links in the ledger software to yoroi extension. Installed and wallet created, linked to the ledger. Sent ADA over. Will now wait a couple of weeks to see if it gets emptied.
Bit annoyed the cardano app takes up over half the space on the ledger. Hope I can get coti on there when it becomes available.
soon Cardano will be available on ledger live
What’s the main advantage of ledger live?
hmm, I believe you will use the main ledger live wallet not other app like daedalus, yoroi,etc
I think so too. Ledger live would offer direct support. I believe, if you own bitcoin, supported by ledger live, you can then view yoir balance and also transfer coins without having to use a bitcoin node. It still needs the blockchain, you just don’t have to download it yourself.
And that makes me wonder if there are wallets that work in the same way as I imagine that ledger live does. Should you not be able to use someone else’s blockchain assuming that you can trust that party. I mean, if microsoft offered the Cardano blockchain as a service thru an api that my wallet could use, I wouldn’t hesitate to use it. Would you?
Instead of creating a new thread I wanted to just ask if Trezor is a good cold wallet? I have that instead of ledger and notice only ledger being discussed. Thanks in advance.
Trezor is also used to store ada and cardano native assets
Trezor is okay. Ledger is probably used more, because the cheapest is a third of the price of the cheapest Trezor.
Thank you Sean and Alex for the prompt replies. Trying to figure all of this out.
