Manual

Back of the PCB

Secure Element attestation

The Secure Element itself is personalized at factory with an attestation proving that it

has been manufactured by Ledger. You can verify it by running:

pip install --nocache-dir ledgerblue

Then, on firmware 1.2.0

python -m ledgerBlue.checkGenuine --targetID 0x33000004

The source code is available here.

Application verification

When opening an application, a Non Genuine warning is displayed if the app has not

been signed by Ledger. A modified User Interface (as found in

https://github.com/LedgerHQ/nanos-ui) will also display a warning message on boot.

Root of trust

The root of trust for the current batch is the following secp256k1 public key as checked

using Genuine.py:

0490f5c9d15a0134bb019d2afd0bf297149738459706e7ac5be4abc350a1f8

18057224fce12ec9a65de18ec34d6e8c24db927835ea1692b14c32e9836a75

dad609