The Nano Ledger S integrated support for the privacy coin Monero a few months ago. After many months of Monero advocates pushing for the inclusion into retail hardware wallets, the Monero team alongside Ledger have finally pushed direct Ledger support into the GUI. The Monero Wallet app has been available since around March via the Command-Line Interface.

I wanted to describe the process for getting the Ledger Nano S running with your Monero wallet using the Graphical User Interface. There are no true guides out there for Monero implementation in the Ledger Nano S wallet. This guide aims to describe why its important to complete this entire walkthrough/setup.

I also see the value in a privacy coin of Monero and think the ability for individuals to store this asset securely greatly enhances its value in the marketplace. Readers and proponents of Monero and other digital currencies for that matter, should understand the underlying process required to store them, and I aim to make this process comprehensible and informative.

Storing Monero on the Ledger Nano S(I will refer to the hardware wallet as “Ledger” for the rest of this post) requires the use of the Graphical User Interface(GUI) Version 0.12.3.0 Lithium Luna. You also can store your Monero via the Command Line Interface(CLI) but I will focus on the GUI implementation. Downloading the software for Monero, does not require some of these steps that I am going to talk about, but I would suggest you verify the authenticity of what you are downloading.

Why does authenticity and integrity matter?

Authenticity allows the end-user to verify that the data received is precisely what the creator of the data intended to be released. This means, that the user can trust that the data was not altered while in transit, or from its download source. There are specific attacks that will concentrate on altering data through various means. This process verifies the digital signatures to prove the authenticity and integrity of the data.

Digital signatures are a cryptographic scheme used in most cryptographic protocols. The signatures utilize asymmetric cryptography(public-key cryptography). The signature equates to a fingerprint for the software. You can obtain these binaries signatures via the first party Monero site Get Monero (Always be aware of phishing sites when clicking on direct links).

Data integrity is important because if you are using specific software that will control how you store your digital assets, you want to make sure the software will function as expected. There can be many factors that affect data integrity and a user can verify the authentication and integrity. If a single bit of information is out of place(which would indicate an issue with the software), you will be able to see that for yourself and act accordingly.

Verifying the binaries

The Monero Github page gives multiple descriptions as to how someone can verify the binaries. The verification of the correct downloaded software (GUI v0.12.3.0) should be verified before extracting, or installing the software onto your hardware machine. If you are using Windows, you will need to download GPG4win. If using a Mac you can download GPG Suite. [GPG refers to GnuPrivacyGuard, which is a suite of encryption security tools based off of the OpenPGP standards, which is originally based off of Pretty Good Privacy(PGP) encryption method, which is currently under licensing by Symantec] I will focus directly on Windows operating systems in this guide.

I will be verifying a signing key, hash file, and binary file to make sure the software we are using (the Monero GUI) is secure in terms of file authentication and integrity. If you do not want to verify the binary files or already know how to verify the files, you may skip to “Ledger Wallet Generation on the Monero GUI”(I highly recommend you do not skip this part if you do not know how to verify binaries yourself)

· Save the Gpg4win file and launch the software

· Use the Gpg4win installer, and as you move through the Gpg4win windows, when it asks for you to “Choose Components”, be sure to have “Kleopatra” selected. The other tools are not needed for this process

· Click finish to complete the download

The downloaded software is now complete. Kleopatra is the specific software in which you will verify the signing key, that is cryptographically signed by Monero’s core team member @fluffypony.

· Proceed to the gpg_keys of the Monero project github

· Open “fluffypony.asc”

· Click the “Raw” tab above the text

· Right click on the page and select “Save page as…”

· Save this file “fluffypony.asc” to a location that you will revert back to after you open Kleopatra (Its easy to keep it in the downloads folder)

We now have Fluffypony’s GPG key, we will need to import his signing key before verification

· Launch Kleopatra

· Import the fluffypony.asc file

Before the process begins, Kleopatra asks that you have obtained a valid certificate via legitimate means (Confirming it on a trusted site is the option that we have opted for)

Before you certify anyone else’s certificate, you must first create your own key pair (public/private key)

· Select “Yes” to begin the OpenPGP certificate creation process

· Use whatever name and email you would like

These are optional but if down the road you would like to use this key pair to identify yourself to other parties, it might be wise to be selective in the information you choose to include

You may select “Advanced Settings…” to have a better control of the detail parameters

· Verify the details and begin the creation process

· Kleopatra will ask you to create a passphrase to protect your new key

Be sure to create a long, unique passphrase. Do not recycle a password for convenience. I would recommend a password manager to store unique passwords/passphrases.

· Your key pair is now created

It will list your fingerprint which is a hash value of the entire certificate

· You can choose to “Make a backup” “Email”, or “Upload your Public Key to a Directory Service”

You might consider uploading your public key to a key server if you are going to use this as a public way for which people to verify your identity and communicate, though there are possible security implications.

· Make sure that fluffypony’s (Riccardo Spagni) fingerprint is BDA6BD7042B721C467A9759D7455C5E3C0CDCEB9 (You can independently verify by going to this link)

· Certify the certificate only for yourself

· Enter your passphrase(That you already have saved and secured)

So far you have verified fluffypony’s signing key and added it to your keyring. We will verify the hash file against the published hashes to make sure we arrive at the same hash value.

· Visit the Get Monero hashes page

· Right click and “Save page as..” and save the file as “hashes.txt”

Remember where you have saved this downloaded file(downloads folder works fine)

· In Kleopatra, click “Decrypt/Verify” in the top bar

· Navigate to where you have the Get Monero hashes.txt document and select “open”

· The signature should come up in green with the correct fingerprint: BDA6BD7042B721C467A9759D7455C5E3C0CDCEB9

If not, delete the hash file and start the process again from where you originally downloaded the hashes

We have now completed verifying the correct signing key as well as the Monero hashes against the signing key. Our final process requires us to verify the binary file.

· Download the correct version of the GUI from this page (As of the writing of this, it is currently the Lithium Luna build 0.12.3.0)

Be sure to select the correct CPU version when downloading the software

· Save the file

· Navigate to where you had the hashes.txt file saved

· Open the command prompt by inputting “cmd.exe” in the windows search bar

You will be using the command line, but if you made it this far, there isn’t anything much more difficult for you to do but follow along with these inputs

· You will need to change the current directory you are in, to the directory which has the Monero hashes.txt file. This could be the “Downloads” folder if you didn’t change the default download path

The command you should input if the Monero hashes.txt file was still in Downloads is: (Be sure to use proper upper-case/lower-case syntax)

cd Downloads

· Now that you are in the Downloads directory you will be able to check the Monero Binary with the following command:

certUtil -hashfile monero-gui-win-x64-v0.12.3.0.zip SHA256

(The exact command “monero-gui-win-x64-v0.12.3.0.zip” will differ between OS, version, and CPU architecture.)

· Compare the hash value that was returned in the command prompt with the specific sha256 hash in the monero hashes.txt file that we downloaded before. If it is the same sha256 sum, congratulations! You have now finished this arduous process and the files are authentic.

Why did we just do all of that?

The importance behind verifying the files you have downloaded in terms of digital assets and specifically Monero relies on the authenticity and integrity of the file. There are many different attack vectors that exist (Man-in-the-Middle, Phishing, or other session hijacking attacks). Using this specific software requires due diligence on the end-user. The process as I referred above may seem arduous for someone who may not be technically savvy but these technologies that you are using, especially around a privacy coin like Monero requires mathematical and cryptographic principles. Monero is inherently private, you wouldn’t want to subvert your privacy and security by downloading malicious software. That would ruin the reason for you as an individual using a cryptocurrency like Monero. I aimed to make this process a little easier to understand for someone being introduced to this process. You will not need to do this every time you open the Monero-gui, you only need to verify whenever you download a new version.

Ledger Wallet Generation on the Monero GUI

Now that you have downloaded the Monero GUI and have verified the integrity of the file, lets create a new wallet file on the ledger. If you have not already, you will need to download the app on your Ledger device. You can do this via the new Ledger Live interface.

· After you have downloaded the Ledger Live app, plug in your Ledger

· Create your digital profile on the Ledger Live app

· Click “App Manager” and download the “Monero” app

· Make sure your Monero app on your Ledger is open

· On your computer, open the Monero-wallet-gui.

· If this is the first time you have used the Monero wallet, it will bring you to a screen that asks for your language. Select your language

· Select “Create a new wallet from hardware device”

· Create a wallet name that you know is the Ledger Device

· For “Restore height (optional)” you can put 1629000

We are choosing to put this height to save time as we don’t have to worry about the Monero GUI running through all 1629000 block transactions that have already occurred since this is a new Monero wallet address.

· In the “Subaddress lookahead (optional)” field put “3:200”

· Select “Next”

· Ledger will ask to export the private view key, I would suggest you do not export your private view key

There may be some disagreement from others about this, but from a security and privacy focused perspective, I would suggest not exporting the key. If exported the GUI thats located on the computer will scan for blocks as opposed to the Ledger, which will be more time consuming but if the private view key is compromised somehow, then you risk losing the privacy aspect for Monero. I see this as a no-brainer.

As of August 1st, 2018 you needed to click the option you chose twice

· Enter a password for the wallet. This password should be strong, and adds security redundancies. You will need to unlock the Ledger via its pin, and then unlock your wallet with a passphrase, but there is no reason you should sacrifice security for convenience.

Be sure to securely store this long, unique password in the password manager that you are now using to store your passwords.

· If you have ever used the Monero GUI, you may need to sync the blockchain. If you’ve never synced the Monero blockchain, this will be a long process. You may also use a remote node. There are 3 separate options (local node, bootstrapped local node, or a remote node). There is a separate guide for the remote node here. These options are located under Daemon settings. I would suggest to use the local node in terms of privacy and security. Possible attack vectors are mentioned here. If you are looking for some convenience, you can connect to a remote node.

· If you are completed with everything, move on to the next page and then press “Use Monero”

· You are now ready to send, receive, and securely store your Monero offline

When finished with the Monero app, it is suggested that you close the applications in this process:

· Close the Monero GUI

· Then exit the Monero app on the Ledger

· Finally, you can unplug the Ledger device

Why does this matter

Ledger is the first major retail hardware wallet that has Monero implementation. There were other ways to create offline wallets for Monero, and the Monero GUI actually had implementation for offline signing built into it, but the hardware wallet allows for people who own Monero to store the asset, relatively easily. Test the wallet first by sending a small amount of Monero to the address. Once you know how to properly deal with the wallet, and know how to withdraw funds from the wallet, you can begin stacking your Monero bags.

If you have any questions regarding security around the Monero process mentioned in this post or any regards relating to cryptocurrency security, please feel free to reach out to me at J@cryosecurity.io.

Edit: The dev team working on Monerujo have also added implementation for the Ledger on their platform. https://medium.com/@anhdres/how-to-use-monerujo-with-the-ledger-nano-s-758fff199bb4 Another great addition to the Monero and cryptosecurity community, great work!