Onchain investigator ZachXBT has issued a damning critique of hardware wallets, describing them as complete garbage and singling out Ledger as the worst. In a Telegram post, he argued that users should not rely on these devices for critical transaction signing or storing large amounts of cryptocurrency. Instead, he proposed a radical alternative: a dedicated iPhone used solely for crypto management, kept completely segregated from other apps and everyday online activity.
ZachXBT’s harshest criticism targeted Ledger, the Paris-based manufacturer. He claimed frequent updates to its companion software—now renamed Ledger Wallet—often break basic functions. “Ledger Live receives regular updates for UI/apps for no good reason that break simple actions,” he said. While no new security breach was cited, his comments underscore long-standing user frustrations over update cadence and occasional device bricking.
The controversy comes amid a backdrop of escalating scams. A hardware wallet user lost $282 million in Bitcoin and Litecoin in January through a social engineering attack, while a fake Ledger app on Apple’s App Store stole $9.5 million from over 50 victims in April. These incidents highlight risks unrelated to the technical security of the devices themselves, but ZachXBT’s criticism suggests the entire self-custody paradigm may need rethinking.
His dedicated-iPhone proposal challenges conventional advice. A factory-reset iPhone, he reasons, benefits from Apple’s Secure Enclave and rigorous OS patches, potentially offering a more stable signing environment than hardware wallets plagued by firmware issues. The trade-off, however, hinges on user discipline.
The debate also resonates with regulatory efforts around digital asset custody. As legislators consider new standards, the reliability of popular self-custody tools becomes a policy question. Ledger defended its approach, noting that hardware-based signing still isolates private keys, but ZachXBT’s broadside has already sparked a wider conversation about whether the industry’s go-to security tools have kept pace with user expectations and real-world threats.