All Collections
Core extension: What are Ledger wallet policies?
Core extension: What are Ledger wallet policies?
H avatar
Written by H
Updated over a week ago

With the Ledger Bitcoin app v.2.1.1, Ledger now requires users to set up a wallet policy within the Ledger. When using the Core extension with a Ledger, the approval flow will prompt users to set one. Once created to meet Ledger requirements, users can then approve transactions for Bitcoin.

Wallet policy registration

During the registration flow, the user verifies the name of the policy, the policy itself, and each of the cosigners.

Once approved by the user, the Hardware Wallet returns a 32-byte string, a hmac-sha256, which can be used in any future call to provide proof that the policy was already approved.

This allows the ability to keep the hardware wallet stateless: it is the client’s responsibility to store the registered wallet’s metadata and the hmac, and provide it for future calls.

A possible caveat is that the wallet policy registration is not revocable, since it is only tied to the user’s seed. Alternative registration flows that would allow revocable policies are possible but at the cost of making the device no longer stateless, which brings other tradeoffs in terms of user experience. After all, one can make a policy effectively useless by moving all the funds controlled by it.

Moreover, it is the user’s responsibility to make sure that wallet policies are registered with different and easy-to-distinguish names. The hardware wallet cannot warn the user if different policies are registered under the same name!

Receive a transaction to a registered wallet

In order to use a registered wallet safely, it is crucial to be able to derive addresses for the wallet. The device can show the name of the registered wallet and the derived address on its secure screen:

Spending from a registered wallet

Spending from a registered wallet has a flow that is exactly the same as for usual single-signature transactions, except that the name of the registered wallet is shown first, and has to be explicitly approved by the user.

This approach will be generalized to more complex policies in future versions. We are excited about the potential of policy wallets for more secure and straightforward and advanced tools for self-custody.

For a more detailed understanding of Ledger wallet policies please visit the following page.

For any additional questions, please view our other knowledge base articles or contact a support team member via the chat button. Examples are for illustrative purposes only.

Did this answer your question?