DocumentationDevice AppExplanationLedgerOSIntroduction to Ledger OS

Introduction

These pages contain detailed documentation about the core features offered by Ledger OS, and how they can be utilized by Ledger OS applications and end-users. We’ll discuss how Ledger OS manages the master device seed and the device private key, and how it can be used for attestation purposes. We’ll also describe the hardware architecture that is common between all Ledger OS devices.

The operating system behind all Ledger personal security devices is called the Blockchain Open Ledger Operating System, or Ledger OS for short. Ledger OS provides a lightweight, open-source framework for developers to build source code portable applications that run in a secure environment. Ledger OS is a way of turning hardware wallets into fully-fledged personal security devices.

Ledger OS allows users to review and install applications that let them do more with their cryptographic secrets, while protecting the device and other applications from malicious code. The key to Ledger OS’s open-source friendliness and ability to limit the exposure of user’s cryptographic secrets to their apps is its application isolation technology.

Ledger OS is organized into the following modules:

  • An input / output module which allows applications executing in a secure environment to communicate with the outside world and third party peripherals
  • A cryptography module that implements low level cryptographic primitives and provides access to hardware acceleration where available
  • A persistent storage module that lets applications store data securely on the device
  • A personalization module for interfacing with the device master seed
  • An endorsement & application attestation module allowing Ledger OS applications to provide proof of execution
  • A user interface module for rendering the GUI and handling user input (eg. via buttons on the device)

The Dashboard

All Ledger OS devices have a special app installed that runs on the OS with certain special privileges called the Dashboard application or the PSD Content Manager. The dashboard app contains the main GUI that the user sees when they aren’t in any other app. This is what the users use to enter their master seed, and it is what they use to launch other applications. The dashboard application is also what the host computer communicates with when loading or deleting apps off of the device.

Ledger
Copyright © Ledger SAS. All rights reserved. Ledger, Ledger Nano S, Ledger Vault, Ledger OS are registered trademarks of Ledger SAS