🔎 Section 1: Physical Security and Official Access
Your journey into secure self-custody starts with two critical steps: verifying the physical integrity of your device and accessing the official Ledger interface.
1.1 Physical Tamper Verification
Before connecting your device, ensure it is in its factory-fresh state. Ledger devices are shipped with specific measures to detect tampering:
- **Packaging Seals:** Check the box and packaging for any signs of physical tampering, rips, or unprofessional resealing.
- **Initial Device State:** When you first power on the device (by connecting it via USB), it should display a welcome message like **"Welcome to Ledger Nano S Plus"** or **"Let's get started"**.
- **CRITICAL:** A legitimate, new Ledger device will **NEVER** come with a pre-set PIN or a pre-written 24-word Recovery Phrase. If you encounter either of these, stop the setup immediately and contact Ledger Support. Your device may be compromised.
1.2 The Official Start Point: Ledger Live
All setup and management is handled through **Ledger Live**, the mandatory, secure desktop or mobile application. The starting URL (ledger.com/start) will redirect you to the official download page.
- **Access Protocol:** Always manually type the official URL: https://www.ledger.com/ledger-live. Do not click on sponsored search engine results, which are a major vector for phishing.
- **Download Ledger Live:** Download and install the application tailored for your operating system (Windows, macOS, Linux, iOS, or Android).
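The access rule above can be expressed as a link check. This is an added example, not Ledger's code: it accepts a link only if it uses HTTPS and its host is ledger.com or a subdomain of it. The function name and the sample links on the reserved `.example` domain are constructed for illustration.

```python
from urllib.parse import urlsplit

OFFICIAL_DOMAIN = "ledger.com"  # domain of the two URLs given on this page


def check_download_url(url):
    """Return (ok, reason) for a candidate Ledger Live download link."""
    parts = urlsplit(url.strip())
    if parts.scheme != "https":
        return False, "not https"
    # "https://www.ledger.com@other.example/" puts the real host after the "@".
    if parts.username is not None or parts.password is not None:
        return False, "userinfo before host"
    host = (parts.hostname or "").rstrip(".")  # hostname is already lower-cased
    if not host:
        return False, "no host"
    # Non-ASCII or punycode labels can render like "ledger" while being another name.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "internationalized host"
    # Compare on a label boundary: a bare endswith("ledger.com") would also
    # accept "notledger.com".
    if host != OFFICIAL_DOMAIN and not host.endswith("." + OFFICIAL_DOMAIN):
        return False, "host is not ledger.com"
    return True, "ok"


# Constructed sample links: the first two are the URLs named on this page.
SAMPLES = [
    "https://www.ledger.com/ledger-live",
    "https://ledger.com/start",
    "http://www.ledger.com/ledger-live",
    "https://www.ledger.com@downloads.example/ledger-live",
    "https://ledger.com.downloads.example/start",
    "https://notledger.com/start",
    "https://l\u0435dger.com/start",  # Cyrillic "е" in place of Latin "e"
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, reason = check_download_url(link)
        print("ACCEPT" if ok else "REJECT", reason, "-", link.encode("ascii", "backslashreplace").decode())
```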
🛡️ Section 2: Cryptographic Genuine Check and Firmware Installation
Once Ledger Live is installed and your device is connected via USB (or secure Bluetooth for Nano X/Stax), the application runs its first, most crucial security protocol.
2.1 The Mandatory Genuine Check
Ledger Live automatically initiates the **Genuine Check**, a cryptographic challenge that verifies two things:
- **Authenticity:** It confirms that the device contains the genuine **Secure Element (SE) chip** manufactured by Ledger.
- **Integrity:** It verifies that the Ledger Operating System (OS) is authentic and hasn't been tampered with.
If the device passes the Genuine Check, Ledger Live will confirm the device is ready for setup. If it fails, the application will prevent further action, protecting you from a counterfeit device.
2.2 Initial Firmware Setup
For security, new Ledger devices may require the installation of the latest firmware. Ledger Live handles this process securely:
The application downloads the cryptographically signed firmware package. The Ledger device's Secure Element chip verifies Ledger's digital signature on the package before installation. This chain of trust ensures only genuine code runs on your hardware.
🔑 Section 3: PIN and Recovery Phrase Protocol
The Ledger Live application then guides you through setting up your essential security layers—the PIN code and the 24-word Recovery Phrase.
3.1 Setting the PIN Code
The PIN protects your device from physical theft. The Ledger Live app prompts you to:
- **Select PIN:** Choose a strong 4-to-8 digit code.
- **Enter on Device:** Enter the PIN using the physical buttons on the Ledger device itself. The PIN is never typed on the computer keyboard, isolating it from keyloggers.
3.2 Generating the 24-Word Recovery Phrase
This phrase is the absolute master key (seed) to all your crypto funds. The process is strictly offline:
- **On-Device Display:** The 24 words are generated by the device's internal random number generator and displayed **ONLY on the Ledger screen**, one by one.
- **Physical Transcription:** You must write down the phrase carefully, in the correct numerical order, on the physical Recovery Sheet provided in the box.
- **Verification:** Ledger Live then has the device ask you to confirm several words from the phrase, to ensure you transcribed it correctly.
ABSOLUTELY NO DIGITAL INPUT! At no point during the setup or any future transaction will Ledger Live, Ledger Support, or any other legitimate interface ask you to type or input your 24-word Recovery Phrase into your computer, phone, or any digital application. This phrase must be stored physically, offline, and kept absolutely secret.
💰 Section 4: Transaction Security — WYSIWYS Enforcement
Once your device is set up, Ledger Live becomes your daily portfolio manager, strictly adhering to the **What You See Is What You Sign (WYSIWYS)** security principle.
4.1 The Secure Transaction Workflow
This workflow ensures that even if your computer or phone is infected with malware, your funds remain safe because the final confirmation is done on the secure hardware screen:
- **Address Verification:** When generating a receive address in Ledger Live, you **must confirm** that the address displayed on your host screen matches the address simultaneously displayed on your physical Ledger screen.
- **Sending Confirmation:** When sending crypto, Ledger Live prepares the transaction, but the final, immutable details (recipient address, exact amount, network fee) are sent to the device. You **physically review and approve** these details on the Ledger screen before the secure signature is generated.
This physical verification step is the single most important action you take to prevent address-swapping attacks.
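Why the comparison has to cover the whole address, shown as an added example that is not part of Ledger Live: a swapped address can share its first and last characters with the real one, so a glance at the ends passes while a full comparison fails. Both addresses and the function names are constructed for illustration.

```python
def group(addr, size=4):
    """Break an address into short groups that are easy to read against the device screen."""
    return " ".join(addr[i:i + size] for i in range(0, len(addr), size))


def compare_addresses(host_addr, device_addr, ends=4):
    """Compare the address shown on the host with the one read from the device screen."""
    host_addr, device_addr = host_addr.strip(), device_addr.strip()
    diff = [i for i, (a, b) in enumerate(zip(host_addr, device_addr)) if a != b]
    # A length difference is a mismatch too: record the first position past the shorter one.
    if len(host_addr) != len(device_addr):
        diff.append(min(len(host_addr), len(device_addr)))
    return {
        "match": host_addr == device_addr,  # the only result that counts
        "ends_match": host_addr[:ends] == device_addr[:ends]
        and host_addr[-ends:] == device_addr[-ends:],  # the shortcut that fails
        "diff_positions": diff,
        "host": group(host_addr),
        "device": group(device_addr),
    }


# Constructed sample values, not real wallet addresses.
DEVICE_ADDR = "0x1a2b3c4d5e6f708192a3b4c5d6e7f8091a2b3c4d"
# Same first six and last four characters, different middle.
SWAPPED_ADDR = DEVICE_ADDR[:6] + "9f8e7d6c5b4a39281706f5e4d3c2b1a0" + DEVICE_ADDR[-4:]

if __name__ == "__main__":
    report = compare_addresses(SWAPPED_ADDR, DEVICE_ADDR)
    print("host  :", report["host"])
    print("device:", report["device"])
    print("ends match:", report["ends_match"], "| full match:", report["match"])
    print("first differing position:", report["diff_positions"][0])
```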
🚀 Section 5: Unlocking the Full Ledger Live Ecosystem
The Ledger Live App extends beyond simple storage, offering integrated, secure access to the wider crypto ecosystem:
- **Staking and Earning:** Securely delegate Proof-of-Stake assets (e.g., Ethereum, Polkadot) directly through the app, earning rewards while your private keys remain in cold storage.
- **In-App Swap/Trade:** Utilize integrated, vetted third-party services to securely swap and purchase crypto within the app, with all final fund movements requiring a Ledger signature.
- **Web3 & NFT Management:** Use the built-in WalletConnect feature to interact with dApps and NFT platforms, routing critical smart contract approvals to the hardware for secure physical signing.