TBW - Charles Guillemet (Ledger): "Wallets will replace passwords"
The Big Whale: Ledger has just presented a new Nano model. What does this product actually change?
Charles Guillemet: The idea behind the new Nano is to continue developing our range while making our products more accessible. We've kept the concept of the e-ink touch screen, which significantly enhances the user experience, while offering a more affordable entry-level price than the rest of the range (€179). This new model, called the Nano Gen5, represents a kind of renewal of the historic range. In our segmentation logic, the Stax is the top of the range (399 euros), the Flex occupies the intermediate position (249 euros), and this new Nano corresponds to the natural continuity of Ledger's most popular products.
But what are the differences between the three models?
They are mainly to do with their design and a few secondary features. The screen is not identical, some models have NFC while others do not, and wireless charging is not yet widespread. But in terms of software, they all share the same base: the same operating system, the same security mechanisms, and the same compatibility with Ledger applications. What we offer today is a truly coherent range, where the choice is made according to usage preferences rather than raw performance.
How long will older models, such as the Nano in USB stick format, be supported by Ledger?
We stopped developing new features for the older Nano models some time ago, but we continue to provide security maintenance for them. That said, this phase is gradually coming to an end. The Nano S, for example, is no longer officially supported in terms of software evolution: it continues to function, but as blockchains evolve, it will become impossible to keep up with all the changes. If certain major updates are made to the networks, there will come a time when the Nano S will no longer be compatible.
As for more recent models, such as the Nano S+ or the Nano X, they are still fully supported and marketed. When a product reaches the end of its life, we will first stop marketing it, then move on to a functional maintenance phase, before retaining only safety monitoring. After that, these devices will continue to operate for as long as they can. We're talking about a process spread over several years.
Are your long-standing customers renewing their equipment? Do you have any figures on the renewal rate?
We obviously track these metrics, but we don't detail them publicly. What I can say is that there are several profiles: very loyal users who buy each new generation, others who move from a Nano S to a Flex, and a continuous base of new customers who enter the ecosystem. One point that is often underestimated is the physical reality of hardware: electronics don't live forever. You don't change signer as regularly as a smartphone, but, over time, wear and tear, batteries, and evolving software stacks end up creating natural incentives to upgrade. Our job is to add 'good reasons' to renew. As networks introduce new features and dApps make their transactions more complex, having a recent device ensures a safer and smoother experience.
You're pushing Ledger beyond just crypto storage, as an authentication tool for the web. What place do you see for your devices in this new market?
Users' lives are becoming increasingly digital, and the value that passes through our online access is rising all the time. In this context, security becomes central. Passkeys are emerging as the natural successor to passwords, and that's excellent news: humans are bad at generating and memorising secrets, whereas asymmetric cryptography knows how to do that very well, reliably and without friction. Our devices are already designed for this: they run a versatile operating system, capable of managing a variety of keys and protocols, today compatible with passkeys and tomorrow with other standards as they emerge.
Beyond the simple "login", the next frontier is proof of identity and age, and all the minimal attestations that allow you to access services without revealing yourself. If you can prove you're "over 18" from a device you fully own, and do it privately using zero knowledge disclosure proof techniques, we're solving a real web problem.
In practice, what distinguishes a Ledger from a YubiKey for these authentication uses (passkeys, 2FA, etc.)?
YubiKey is a very good solution and I use it myself on certain services. The key difference is the screen. In advanced attack scenarios, the attacker may try to hijack a 2FA flow or get you to validate a transaction that is not what you think it is. Having a screen that shows what you are actually authorising reduces this risk: you see the domain, the action, and you confirm consciously. This is particularly useful when implementing a standard on the web service side leaves grey areas in the validation experience.
Another difference is Ledger's crypto-native DNA. Our devices already handle complex approval scenarios, multi-chain transactions, offline signatures. This 'clear signature' culture applied to the Web2/Web3 world gives us an ergonomic and security advantage: we know how to present useful information at the right time, as close as possible to the private key, and ensure that the user understands what they are signing. It's this bridge between modern authentication and on-chain security that, in my view, becomes the real value proposition.
Are you planning a product dedicated solely to identification, without a crypto wallet, to lower the price even further?
We've already thought about it. But to be honest, the pure "authentication keys" market remains a niche compared with the opportunity associated with digital assets. Today, the best proposition for users is to have a signer that covers the whole spectrum: protecting their money, access, identities and credentials. The lines between these uses quickly blur, and the perceived value increases when you bring these needs together in one secure and simple device.
You mentioned in your keynote an upsurge in cyber attacks. Are there now new types of attack that specifically target crypto users?
Yes, and it's striking how fast the ecosystem is evolving. Over the last few months, we've seen a real turning point. Attackers are deploying far more resources, whether in terms of money, organisation or engineering, and their main targets are now crypto holders. It's not just phishing or traditional attacks: we're talking about sophisticated campaigns that combine supply chain, malware and social engineering. What's changing is the systematisation. Before, malware was more geared towards stealing bank details or passwords; today, almost all of them include a crypto module. As soon as a computer is infected, the software looks for wallets, private keys, or browser extensions linked to blockchain.
This phenomenon has become industrialised. There is now a division of labour between those who develop malware and those who exploit it. Some code is sold "as a service", and other teams rent it out to attack specific targets. We are also seeing the emergence of new vectors: malicious code hosted directly on the blockchain, impossible to remove, or malicious extensions. We have even detected attacks of this type targeting our own developers. That just goes to show how widespread the threat is. In this context, having your keys isolated from the rest of the IT environment (i.e. on a hardware wallet) is no longer a precaution, it's a necessity.
And in concrete terms, how does Ledger protect users from this sophistication of attacks?
Our first line of defence is physical separation: private keys must never reside on a computer. But we go further with mechanisms like clear signing and transaction simulation. The idea is to allow the user to understand what they are signing, rather than blindly validating a hash. If an attacker replaces a legitimate transaction with a malicious one, the Ledger device can detect this difference on the screen before any validation. This is what prevents, for example, signing an authorisation by mistake that would give access to all your tokens to a malicious third party.
To make this system scalable, we have developed an open standard, EIP-7730, which allows decentralised applications (dApps) to describe how they work to Ledger in the form of a simple JSON file. This file indicates the names of the methods, the parameters and their types. With this standard, our device can clearly understand and display what a transaction is doing, whatever dApp is being used. At first, projects were a little slow to get going, but today we receive dozens of proposals a week, and even the Ethereum Foundation has joined our efforts. It's a real community success story.
So this standard serves as the basis for your new tool, the famous "Ledger button" integrated directly into dApps?
Exactly. Until now, a lot of users went through intermediaries like MetaMask or Rabby to connect their Ledger. It's convenient, but it creates an attack surface and friction. Our idea is to simplify all this: the "Ledger button" is a direct connector on the dApp. You click on it, connect your device via USB or Bluetooth, and sign directly from your Ledger, without any gateway, extension or intermediary browser. The whole thing is based on the 7730 standard, which guarantees native clear signing and better security.
We launched this functionality with 1inch, and the reception has been very positive. The aim now is to roll it out to as many dApps as possible. And that's not all: the Solana Foundation recently contacted us about adopting the same model, inspired by our work on Ethereum. They want to develop their own version of the standard for their ecosystem, and we are already working together on this. Soon, Solana users will also have access to clear, verifiable transactions directly from their Ledger. This is an important step towards making transparent signing widespread across all blockchain environments.

Many users still use MetaMask or Rabby to use their Ledger. Is it your ambition to gradually eliminate these intermediaries?
I wouldn't say "eliminate", but rather "replace with a better experience". MetaMask and Rabby are excellent tools for navigating Web3, but their priority is not the security of our users. Their business model is based primarily on swaps and trading activity, whether or not they are Ledger users. For us, security is the primary mission. When I go to a dApp, I want to interact with it directly, not through an extension that adds complexity and risk. The "Ledger button" is our answer to this: a native and transparent integration that keeps security at the heart of the experience.
We know that many users are attached to their habits, and that's normal. For them, there's still the WalletConnect + Ledger Live solution, but that involves two applications and more handling. Our long-term aim is to reduce this friction. If every dApp integrates the Ledger button, there will no longer be any need for these intermediate layers. You connect your device, sign, and that's it. It's simpler, smoother and more secure. We think this approach - that of direct contact between the user, their device and the dApp - must become the norm.
Ledger Live has just been rebranded Ledger Wallet. What's behind the name change and what direction are you taking this software in?
The main purpose of this rebranding is to clarify terms. The word "wallet" is often used to refer to both a signer (the physical device) and a software interface (like MetaMask). We wanted to put things back in order: the signer is the Ledger device, and the wallet is the software application, which becomes a unified service centre. Ledger Wallet now focuses our efforts on offering a richer, more fluid experience, with functions for buying, selling, exchanging, staking and yield management. We are gradually integrating new protocols (Aave in particular), and soon others, including for Bitcoin.
What are the latest developments on the Ledger Enterprise side?
One of the major recent projects is the introduction of "Multisig", which marks an important step for us. We've been thinking for a long time about a solution capable of combining the security of clear signing with the flexibility of multi-signature management. Initially, we targeted Ethereum, before considering other blockchains such as Bitcoin or Solana. The aim was to create a product consistent with our range: a solution suited to intermediate structures, between large custodians and private individuals.
As we held discussions with market players - particularly after the hack of Safe (formerly Gnosis Safe) via Bybit in February 2025 - we understood that there was a real need for security on these widely used open source environments, without wanting to switch to institutional solutions such as our "Vault" offering.
This is what led us to create a Ledger version of multisig Safe. We discussed a possible partnership with their teams, but their model is open source, so we decided to build our own solution from their foundation. Ledger adds a layer of experience, security and clarity. Development began just a few months ago, but we're already proud of the results. The interface is smoother, security has been strengthened, and the clear signature has been integrated into the heart of the product. For us, it's a way of bringing institutional rigour to an environment that had until now remained too permissive.
You're entering territory already occupied by Fireblocks, a key player in institutional conservation. How do you stand up to them?
Fireblocks has a slightly different positioning to us. When we launched 'Vault' in 2018, our belief was that financial institutions and banks would enter the market very quickly. We were a little too early: at the time, traditional finance was making POCs, not products. But this cycle is different: institutional adoption is accelerating, banks now want to launch custody and tokenisation services, and we're coming in ready with mature technology. Ledger Enterprise was designed from the outset to meet the compliance, governance and security requirements specific to this audience.
Fireblocks, on the other hand, has grown a lot in a more crypto-native segment, with players for whom security was not always the top priority, but who were mainly looking for automated tools and fast APIs.
Their MPC architecture does meet this need, but it doesn't have the same level of physical guarantee as a hardware secure element. Today, there is a real 'price race' on these MPC solutions, because many of the building blocks are now open source. It's a difficult model to defend in the long term. We continue to believe in hardware security and key sovereignty. As traditional finance becomes more entrenched in blockchain, I think our approach will take hold naturally.
Who are your most representative customers on the Enterprise side today?
Our biggest client is Komainu, which is an institutional custodian and a joint venture in which we participate, but in which we remain a minority shareholder. Komainu manages assets for funds and asset managers from traditional finance, which makes it a strategic partner for us.
We also work with several other custodians, such as Tungsten, as well as major exchange platforms, including Crypto.com, which has been using 'Vault' since almost the beginning. These are long-term customers, with no major incidents, which proves the solidity of the product.
We also have an ongoing dialogue with players in asset management and more traditional financial infrastructures. Our ambition is for Ledger Enterprise to become the benchmark security standard for anyone handling digital assets on a large scale - whether they come from crypto or traditional finance. For many customers, we are the equivalent of a banking HSM, but adapted to the world of blockchains. This bridge between two worlds is our greatest strength.
According to our information, Ledger has been profitable again since 2024, is that correct?
Profitability is not really a goal in itself for us. Since I arrived, Ledger has been in hypergrowth: every time we generate more revenue, we reinvest it in product development, R&D, security, or in the user experience.
We are fortunate to be in a strong position, but our priority remains building for the long term, not distributing dividends. On the other hand, it is true that the context has changed. From 2021-2022, venture capital stopped blindly financing growth and started demanding financial discipline. Funds started to worry about the EBITDA. This pushed us to adopt a more balanced approach: continue to grow, while keeping a closer eye on our margins and our ability to break even.
You're not answering clearly...
I'm not going to comment on the financial aspects, but you get an idea of our financial health given that we don't raise funds every three months.
Many are talking about the possibility of an IPO. Is this really an imminent prospect?
Ledger has been preparing for this for a long time, without it being an end in itself. An IPO is not just a question of financing, it's also a question of internal maturity.
To consider an IPO, you have to be ready in every respect: governance, reporting, accounting processes, visibility over two or three years, etc. We've been working for years to put these foundations in place so that when the right window opens we'll be able to seize it. Today, however, the market seems to be favourable again: the IPOs of crypto companies like Circle, Bullish and Gemini have been well received, and investor appetite for solid players in the sector is returning.
The exact timing will depend on two things: our own preparation and the economic climate. When the two are aligned, an IPO will make sense. For all that, there are several ways of being listed, including via partnerships or indirect listings. So there's no rush, just a strategy of continuous preparation. Since I've been at Ledger, this subject has come up regularly, but the important thing is to be ready the day we decide to go.
Ledger's French identity is still very much in the spotlight, and the Minister of Foreign Affairs Jean-Noël Barrot was actually present at your event. How do you explain this?
It's an important part of our history. Ledger was born in France, in a country where cryptography and hardware security have always been areas of excellence, and we are proud to have built a global company on these foundations.
Having Jean-Noël Barrot by our side, now Minister of Foreign Affairs and former Minister for Digital Affairs, is a form of continuity. He's been following us for a long time: he already presented the Ledger Flex at NFT Paris in 2024, and he's always seen Ledger as a showcase for French know-how in sovereign tech.