Ledger IPO: A Dark Comedy About "Security"
- Core Viewpoint: Using Ledger's IPO plan as a starting point, this article reveals that behind the development history and high valuation of this hardware wallet giant, which is built around "security," lies a series of profound security contradictions and trust crises. These include multiple user data breaches, product designs that deviate from core principles, and the real harm security incidents have caused to users.
- Key Elements:
- Multiple Severe Security Incidents: In 2020, a configuration error led to the leak of over a million user email addresses and 272,000 user physical addresses. In 2023, a supply chain attack via a compromised former employee's account caused approximately $600,000 in losses. Another third-party data breach occurred in early 2026.
- Deviation from Core Product Philosophy: The "Recover" service launched in 2023 allowed encrypted seed phrase shards to be entrusted to third-party custodians, contradicting its core security tenet of "private keys never leaving the device." This sparked strong community opposition and was seen as a betrayal of its core user base.
- Real-World Consequences of Security Vulnerabilities: Early leaked user address data circulated on the dark web, potentially indirectly leading to offline physical attacks (such as "wrench attacks") targeting cryptocurrency holders. Several individuals, including one of its co-founders, were kidnapped or harmed.
- Market Logic Behind High Valuation: Following the collapse of centralized exchanges like FTX, the concept of "Not your keys, not your coins" gained widespread acceptance, leading to a surge in demand for hardware wallets. Ledger, with an estimated 50%-70% market share and a narrative of securing around $100 billion worth of BTC (approximately 5% of the total supply), commands a "digital vault" premium valuation.
- Industry and Capital Context: The 2025-2026 period saw a wave of IPOs for crypto companies. The secondary market, fueled by the Bitcoin bull run, showed high enthusiasm for crypto assets. The hardware wallet market is projected to grow from $914 million in 2026 to $12.7 billion by 2035, providing Ledger with a growth narrative.
- Volatility of Crypto Stocks: Shares of listed crypto companies (e.g., Circle, Bullish) have generally experienced significant short-term declines, indicating their prices are highly correlated with Bitcoin's performance rather than company fundamentals.
Original Author: Ada, Shenchao TechFlow
In the early hours of January 21, 2025, in the small town of Méreau, central France.
David Balland was dragged from his sleep and out of his home. He is the co-founder of cryptocurrency hardware wallet company Ledger, which claims to safeguard $100 billion worth of Bitcoin for users worldwide.
According to a report by the French newspaper Le Monde, 48 hours later, when France's elite special forces, GIGN, broke down the door, Balland was missing a finger.
The kidnappers sent a video of the severed finger to Ledger's other co-founder, Éric Larchevêque, with a message: they would only accept cryptocurrency, no police, no delays, or else face the consequences.
One year later, today, Ledger announced plans for an IPO on the New York Stock Exchange, with a valuation exceeding $4 billion. Behind it stand some of Wall Street's most prominent names: Goldman Sachs, Jefferies, Barclays.
This is a business about "security."
Ironic?
Those Leaked Addresses
Let's rewind to 2020.
That summer, a misconfigured API endpoint allowed attackers easy access to Ledger's e-commerce database. Over 1 million email addresses were leaked. Even worse, the names, phone numbers, and home addresses of 272,000 customers were also exposed.
Six months later, this list was dumped on the hacker forum RaidForums and sold for a very low price, making it accessible to anyone.
You can imagine what happened next.
Phishing emails flooded in, tricking Ledger users into clicking malicious links in an attempt to obtain their private keys and, through them, their cryptocurrency. Some Ledger users also received emails stating that the sender knew their name and address, threatening to come to their homes to steal their cryptocurrency unless a ransom was paid.
However, Ledger CEO Pascal Gauthier stated that the company would not compensate customers whose personal data, including home addresses, was leaked on the hacker site.
This incident caused significant damage to Ledger. But the real cost was borne by users who still live in fear to this day.
So, did Ledger learn its lesson?
Falling into the Same Pit, Three Times
On December 14, 2023, Ledger had another incident.
This time, the path was even more absurd: a former Ledger employee was phished, and the attacker gained access to his NPMJS account.
No one explained how long he had been gone, nor why a former employee still retained access to critical systems.
Malicious code was injected into the Ledger Connect Kit, a core library relied upon by countless DeFi applications. SushiSwap, Zapper, Phantom, Balancer—the frontends of the entire DeFi ecosystem instantly turned into phishing pages.
Although Ledger fixed the issue within 40 minutes, $600,000 had already vanished.
CEO Pascal Gauthier wrote in a post-incident statement: "This is an unfortunate isolated incident."
Isolated?
Then, on January 5, 2026, just two weeks before Ledger announced its IPO plans, another leak occurred. This time it was an issue with its third-party payment processor, Global-e, resulting in another outflow of customer names and contact information.
Six years, three major leaks.
Each time an "isolated incident," each time a "third-party problem," but each time it's the users who bear the consequences.
If a traditional financial institution had three security incidents in six years, its license would have been revoked by regulators long ago. But in the crypto world, it can IPO, and its valuation can even triple.
Recover: A Public Betrayal
If data leaks can still be attributed to accidents or negligence, then Ledger Recover was an active self-detonation.
In May 2023, Ledger launched a new service: for $9.99 per month, users could encrypt and shard their seed phrase, entrusting the pieces to three companies for safekeeping: Ledger, Coincover, and EscrowTech. If you forgot your seed phrase, you could simply present your ID to recover it.
For ordinary users who constantly worry about losing their seed phrase, this indeed sounds considerate.
But there is a fundamental problem: Isn't the entire premise of the hardware wallet business that "the private key never leaves the device"?
Ledger's former CEO, Larchevêque, later admitted an unsettling fact on Reddit: if a user enabled Recover, the government could legally compel these three companies to hand over the key shards, thereby accessing the user's assets.
The community exploded. Photos even appeared on Twitter of users burning their Ledger devices.
Polygon's Chief Information Security Officer, Mudit Gupta, tweeted: "Anything protected by 'identity verification' is inherently less secure because it's too easy to fake."
Binance founder Changpeng Zhao also commented: "Does this mean cold wallet seed phrases can be separated from the device?" stating that this goes against the principles supported by the crypto community.
Yet Ledger's response was: "Currently, the vast majority of crypto users still use exchanges or software wallets with limited security to custody assets, and for many, managing a 24-word seed phrase is itself a difficult hurdle to cross. This also means that paper backups are becoming an outdated solution."
The reasoning isn't wrong. But when a company's growth strategy requires diluting its own core value proposition, things become a bit delicate.
Ledger's old users are geeks. Geeks are meticulous, geeks are noisy, geeks write long posts on Reddit to criticize you. But geeks have already bought their wallets; geeks don't contribute to growth.
Growth comes from novices. Novices fear hassle, novices will pay $9.99 for peace of mind, novices don't care about technical details like "the private key never leaves the device."
But this isn't a trade-off between security and convenience.
This is a public betrayal of the core user base, trading their trust for a ticket to a larger market.
Wrench Attack
Let's return to David Balland's severed finger.
There's a term in the crypto industry: "wrench attack." It means that no matter how complex the cryptography or how decentralized the protocol, it can't stop someone standing in front of you with a wrench, asking for your private key.
The term sounds almost darkly humorous, like a joke programmers invented while drawing threat models on a whiteboard.
But when it actually happens, it's not funny at all.
In December 2024, the wife of Belgian crypto influencer Stéphane Winkel was kidnapped. In May 2025, another cryptocurrency tycoon's father had a finger severed. Balland's case is just part of a larger trend.
A French internal security expert said in an interview: "The methods in these cases are identical. Whether it's the same group still needs investigation, but one thing is certain: this industry has become a hunting ground for professional kidnappers."
The question is: Where does the list of prey come from?
Those 270,000 home addresses from 2020 are still circulating on the dark web. That's not an ordinary leaked dataset. It's a list of addresses labeled "this person holds cryptocurrency," and the asset scale can be roughly inferred based on the Ledger model purchased. Those who bought the most expensive model are likely also those holding the most coins.
In a sense, Balland's ordeal is a fruit of Ledger's own making.
That might be too harsh; after all, Ledger didn't actively hand the data to the kidnappers. But when a company whose core selling point is "security" can't even protect its customers' home addresses, it's hard to confidently claim it bears no responsibility at all.
The Logic of $4 Billion
Having said so much that is negative, let's now talk about why Wall Street is still willing to back Ledger.
The answer is just one word: FTX.
In November 2022, FTX collapsed, its $32 billion valuation vanishing overnight. Hundreds of thousands of users' assets were frozen in that black hole, and they haven't been recovered to this day.
The old adage "Not your keys, not your coins" suddenly became a bloody real-life lesson.
Hardware wallet demand skyrocketed after that, and Ledger is the only player in this market with genuine brand recognition. According to a BSCN report, it holds 50%-70% market share. Ledger claims to safeguard $100 billion worth of Bitcoin, equivalent to 5% of Bitcoin's total global market capitalization.
More important still is the timing.
In 2025, crypto companies raised $3.4 billion through IPOs. Circle and Bullish each raised over $1 billion. BitGo just became the first crypto company to go public in 2026. Kraken is queuing up with a $20 billion valuation.
This is an exit feast, and Ledger doesn't want to miss the table.
Founders want to cash out, VCs want exits, and the secondary market, driven by Bitcoin mania, is willing to buy any stock with a "crypto" label.
According to Market Growth Report data, the global cryptocurrency hardware wallet market size was $914 million in 2026 and is projected to reach approximately $12.7 billion by 2035, with a CAGR of 33.7% during the forecast period. If hardware wallet adoption accelerates (Bitcoin ETFs and institutional interest suggest this is likely), Ledger is well-positioned to capture this growth opportunity.
And the $4 billion valuation corresponds to the "crypto custody infrastructure" narrative. Investors aren't buying a hardware company; they're buying the industry's only brand-recognized "digital vault."
In other words, the valuation is priced on narrative, not on business fundamentals.
The Truth Lies Beyond the Charts
Of course, the problem with narratives is that they can change at any moment.
Look at the stock performance of those crypto companies that went public in 2025 over the past six months.
Circle: dropped from a high of $298 to $69.
Bullish: dropped from $118 to $34.
BitGo rose 25% on its first trading day, only to give back all gains three days later.
This is the fate of crypto stocks: they move in step with Bitcoin, regardless of fundamentals.
Marcin Kazmierczak, Co-founder and COO of modular oracle Redstone, said in an interview that despite ongoing market uncertainty, the regulatory environment remains favorable for Ledger.
He added that Ledger's revenue is still subject to consumer hardware cycles, warning that "another prolonged downturn would absolutely affect this, we saw that in 2022," but he also noted the IPO could benefit from "a stronger institutional cycle than pure retail enthusiasm."
Survival of the Fittest
Ledger's IPO story is a mirror of the crypto industry.
A company whose core selling point is "security" has its largest historical risk exposure precisely from security issues.
Its product promises "users have full control of their private keys," yet it launched a service that lets third parties custody private key shards.
A team whose co-founder had a finger severed is planning to take the company to a more public, more transparent capital market.
Are there contradictions here?
Of course.
But the survival rule in the crypto world has never been about eliminating contradictions; it's about living with them.
The 2020 data leak didn't kill Ledger, the 2023 supply chain attack didn't, the Recover controversy didn't, the co-founder's kidnapping didn't.
Not only is it alive, it's going public.
Perhaps this is the deepest metaphor for the crypto industry:
In a world where even a founder's finger isn't safe, nothing is truly safe.
But money will always find its way.
And the companies still standing amidst the ruins are often the kings of the next cycle.
As for whether Ledger is one of them, time will tell.
Or perhaps, the next leak will.


