“How can I import my key into Ledger Nano S?” — this is one of the hottest questions since the launch of a Fairy wallet. The short answer — you can’t.

So this article is rather educational. I will try to explain why it is impossible, some basics about the keys and how HW wallets work, etc.

Hardware wallet stores your funds

The statement above is wrong. All your funds are being stored in the chain. The same thing with EOS accounts. A wallet doesn’t have any information about coins, tokens, accounts, etc.

The only two things that wallet is aware of is a seed (I will explain more in the following paragraph) and a cryptocurrency application. The application is a code which can understand whether data/transaction that needs to be signed has relation to particular cryptocurrency or not. So that’s why devices have a Bitcoin app, EOS app, etc.

So, now we know that all your data is being stored in the chain, except for your private key. Also, you may wonder “where is the key then?”, let me get back to this question a bit later.

Keys

Keys are the only thing that allows you to modify data (send funds, create accounts, deploy smart contracts, etc.) in the chain. Before sending a request (a transaction) to modify your data you have to sign it and send the signature within a request. Signature is the only way to prove that you issued the operation yourself. However, let’s get back to the keys.

Every one of you has got (generated) an EOS public/private key pair during ICO, which was gently bound to your initial EOS account on Mainnet launch.

So, how was your unique key pair generated and not matched with any other key pair? The answer to this question is — seed, the one that I have mentioned in the previous paragraph. Every key pair is generated from the seed, no matter what cryptocurrency we are talking about.

Bear in mind, that a seed generated during ICO is not restorable! Ledger, on the other hand, provides a recovery phrase to its seed.

Every Ledger box goes with blank recovery sheet where you have to write down your recovery phrase before you start using the device.

Why is it important? Ledger device is an object, and like any other objects it can be lost, stolen, broken and so on. The only way to restore the seed is a recovery phrase. So if any of mentioned above happens to your device, you can get a brand new Ledger and restore the seed. It works as long as you have your recovery phrase.

So, now we are at the point where we can answer the question “where is the key?”. Nowhere. Each time, when the device needs to sign a transaction, a private key will be generated from the seed, then the device creates the signature, deletes the key and sends the signature back.

So the flow will look something like this:

seed -> private key -> data + private key -> signature

If we combine this with a recovery phrase we will have:

recovery phrase -> seed -> private key -> data + private key -> signature

The same thing is for public key:

seed -> private key -> public key.

You cannot go backwards, from a public key/signature to a seed. So that’s why a public key and signature is safe to share.

Now you see all the beauty of cryptography and security it provides.

So, why it is not possible just to import a private key into the wallet?

Now the answer is pretty obvious — a device doesn’t store the key itself, it stores the seed. The only right way to set the seed onto a device is through a recovery phrase. Let’s imagine you did save your private key, generated from ICO, on a Ledger device. If you thought that the key would be safe now, you are sadly mistaken! Moreover, if you also decided to get rid of the notes with your key- well, poor you! So, imagine that awful day when the device (with the saved key on it) got stolen, broken or even lost. What would be your steps to save or manage your funds in this situation? No recovery phrase = no funds.

Another situation, let’s imagine that you knew that all that scenarios mentioned above might happen and you got another 20 devices on hands. You started importing your key into every Nano S and, in the same time, your laptop was infected by some malicious software that can sniff bytes on USB port and log it on the internet.

Do I need to explain that in this particular case your private key could be compromised and a hacker would be able to access your funds?

What are the options for those who already have accounts?

Two options: create a new account OR change an active/owner key (check the video provided by Cypherglass https://www.youtube.com/watch?v=_Da27DJ12lY&feature=youtu.be). Of course, it might have some risk (you can enter the wrong key, or send money to the wrong account, especially to groups of people that haven’t touched the account since Genesis (the whales 🐋 ). They are paranoid to use those keys.

For those who have an account from erc20 snapshot, the best option would be to buy a new Ledger device and recover the seed with a recovery phrase. However, we have what we have.