Original author: Ada, Deep Tide TechFlow
In the early morning of January 21, 2025, in the small town of Méreau, central France.
David Balland was dragged from his sleep at home. He is the co-founder of the cryptocurrency hardware wallet Ledger, a company that claims to safeguard $100 billion worth of Bitcoin for users worldwide.
According to France's Le Monde, 48 hours later, when the elite French special forces GIGN broke in, Balland was missing a finger.
The kidnappers sent a video of the severed finger to Ledger's other co-founder, Éric Larchevêque, along with a message: only accept cryptocurrency, do not call the police, do not delay, or face the consequences.
One year later, Ledger announced plans for an IPO on the New York Stock Exchange, with a valuation exceeding $4 billion. Wall Street's biggest names, including Goldman Sachs, Jefferies, and Barclays, are backing it.
This is a business about "security."
Is it ironic?
Those Leaked Addresses
Let's turn back time to 2020.
That summer, a misconfigured API endpoint allowed attackers easy access to Ledger's e-commerce database. Over 1 million email addresses were leaked. More critically, the names, phone numbers, and home addresses of 272,000 customers were also exposed.
Six months later, this list was dumped on the hacker forum RaidForums and sold at a very low price, accessible to anyone.
You can imagine what happened next.
Phishing emails flooded in, luring Ledger users into opening malicious links, with the aim of capturing their private keys and taking their cryptocurrency. Some Ledger users even received emails in which the sender claimed to know their names and addresses and threatened to come to their homes to steal their cryptocurrency unless they paid a ransom.
However, Ledger CEO Pascal Gauthier stated that the company would not compensate customers whose personal data was leaked on hacker sites, including those whose home addresses were exposed.
This incident caused significant losses for Ledger. But the real cost is borne by the users who still live in fear today.
So, did Ledger learn its lesson?
Jumping into the Same Pit Three Times
On December 14, 2023, Ledger faced another incident.
This time, the path was even more absurd: a former Ledger employee fell victim to a phishing attack, and the attacker gained access to his NPMJS account.
No one explained how long he had been gone, nor why a former employee still had access to critical systems.
Malicious code was injected into the Ledger Connect Kit, a core library relied upon by countless DeFi applications. SushiSwap, Zapper, Phantom, Balancer—the entire front end of the DeFi ecosystem instantly turned into phishing pages.
Although Ledger fixed the issue in 40 minutes, $600,000 had already vanished.
CEO Pascal Gauthier wrote in a statement afterward: "This is an unfortunate isolated incident."
Is it isolated?
Just two weeks before Ledger announced its IPO plan on January 5, 2026, another leak occurred. This time it was due to its third-party payment processor Global-e, and customer names and contact information were once again exposed.
Six years, three major leaks.
Each time it was an "isolated incident," each time it was a "third-party issue," but the users bore the consequences every time.
If a traditional financial institution had three security incidents in six years, it would have had its license revoked by regulators long ago. But in the crypto world, it can go public and triple its valuation.
Recover: A Public Betrayal
If data leaks can be attributed to accidents or negligence, then Ledger Recover is a proactive self-detonation.
In May 2023, Ledger launched a new service where users could pay $9.99 a month to have their mnemonic phrases encrypted and stored by three companies: Ledger, Coincover, and EscrowTech. If you forget your mnemonic phrase, you can simply present identification to retrieve it.
For ordinary users who are always worried about losing their mnemonic phrases, this sounds quite considerate.
But there is a fundamental problem: the entire premise of the hardware wallet business is that "private keys never leave the device," right?
Former Ledger CEO Larchevêque later admitted a disturbing fact on Reddit: if users enable Recover, the government can legally compel these three companies to hand over the key shards, thereby accessing user assets.
The community exploded. Photos of users burning Ledger devices even appeared on Twitter.
Mudit Gupta, Chief Information Security Officer of Polygon, stated on Twitter: "Anything protected by 'authentication' is inherently less secure because it is too easy to forge."
Binance founder Changpeng Zhao also asked: "Does this mean cold wallet mnemonic phrases can be separated from the device?" and stated that this contradicts the principles supported by the crypto community.
However, Ledger's response was: "The vast majority of crypto users are still using exchanges or software wallets with limited security to hold their assets, and for many, managing a 24-word mnemonic phrase is itself a daunting hurdle. This also means that paper backups are becoming an outdated solution."
The reasoning is sound. However, when a company's growth strategy requires it to dilute its most core value proposition, things become a bit delicate.
Ledger's old users are geeks. Geeks are particular, geeks make noise, and geeks will write long posts on Reddit to criticize you. But the geeks have already bought their wallets; they do not contribute to growth.
Growth comes from novices. Novices fear trouble, novices will pay $9.99 for peace of mind, novices do not care about technical details like "private keys never leave the device."
But this is not a trade-off between security and convenience.
This is a public betrayal of the core user base, trading their trust for a ticket to a larger market.
Wrench Attack
Let's return to David Balland's severed finger.
There is a term in the crypto industry called "wrench attack." It means that no matter how complex the cryptography or decentralized the protocol, it cannot stop someone standing in front of you with a wrench, asking for your private key.
This term sounds almost like dark humor, as if invented by programmers joking while drawing threat models on a whiteboard.
But when such things actually happen, it is not funny at all.
In December 2024, the wife of Belgian crypto influencer Stéphane Winkel was kidnapped. In May 2025, the father of another cryptocurrency millionaire had a finger severed. Balland's case is just part of a larger trend.
A French internal security expert stated in an interview: "The methods in these cases are strikingly similar. Whether it is the same group remains to be investigated, but it is certain that this industry has become a hunting ground for professional kidnappers."
The question is: where does the list of prey come from?
The 272,000 home addresses from 2020 are still circulating on the dark web. That is not an ordinary leak. It is a list of addresses marked "this person holds cryptocurrency," and the scale of assets can be roughly inferred based on the model of Ledger purchased. Those who buy the most expensive models are likely to be the ones holding the most coins.
In a sense, Balland's experience is the fruit of Ledger's own sowing.
This may sound too harsh, as Ledger did not actively hand over data to the kidnappers. But when a company that sells itself on "security" cannot even protect its customers' home addresses, it is hard to assert that it bears no responsibility at all.
The Logic of $4 Billion
After all this negativity, let's talk about why Wall Street is still willing to back Ledger.
The answer is one word: FTX.
In November 2022, FTX collapsed, and its $32 billion valuation vanished overnight. Hundreds of thousands of users' assets were frozen in that black hole and have yet to be recovered.
"Not your keys, not your coins": this old adage suddenly became a bloody reality check.
Demand for hardware wallets skyrocketed afterward, and Ledger is the only player in this market with real brand recognition. According to BSCN reports, it holds 50%-70% of the market share. Ledger claims to safeguard $100 billion worth of Bitcoin, which is equivalent to 5% of the total global Bitcoin market cap.
More importantly, the timing is right.
In 2025, crypto companies raised $3.4 billion through IPOs. Circle and Bullish each raised over $1 billion. BitGo just became the first crypto company to go public in 2026. Kraken is lining up with a valuation of $20 billion.
This is a feast of exits, and Ledger does not want to miss the table.
Founders want to cash out, VCs want to exit, and the secondary market, driven by the frenzy of Bitcoin, is willing to pay for any stock labeled "crypto."
According to the Market Growth Report, the global cryptocurrency hardware wallet market is projected to be worth $914 million in 2026 and is expected to reach about $12.7 billion by 2035, a compound annual growth rate of 33.7% over the forecast period. If the adoption of hardware wallets accelerates (interest in Bitcoin ETFs and from institutional investors suggests this is highly likely), Ledger will be in a favorable position to seize this growth opportunity.
And the $4 billion valuation corresponds to the narrative of "crypto custody infrastructure." Investors are not buying a hardware company; they are buying the industry's only brand-recognized "digital vault."
In other words, the valuation is narrative pricing, not business pricing.
The Truth Beyond the K-Line
Of course, the problem with narratives is that they can change at any moment.
Look at the stock performance of those crypto companies that went public in 2025 over the past six months.
Circle: from a high of $298 to $69.
Bullish: from $118 to $34.
BitGo's stock rose 25% on its first day of trading, only to give back those gains three days later.
This is the fate of crypto stocks: they resonate with Bitcoin and are unrelated to fundamentals.
Marcin Kazmierczak, co-founder and COO of modular oracle Redstone, stated in an interview that despite ongoing market uncertainty, the regulatory environment remains favorable for Ledger.
He added that Ledger's revenue is still affected by the consumer hardware cycle and warned that "another prolonged downturn will absolutely impact this, as we saw in 2022," but he also noted that the IPO could benefit from "an institutional cycle that is stronger than pure retail enthusiasm."
Survival of the Fittest
Ledger's IPO story is a mirror of the cryptocurrency industry.
A company that markets itself on "security" has historically faced its greatest risk exposure from security issues.
It promises a product where "users have complete control over their private keys," yet it launched a service that allows third parties to hold key shards.
A team with a co-founder who had a finger severed is planning to take the company into a more public and transparent capital market.
Is there a contradiction in this?
Of course there is.
But the survival rule in the crypto world has never been to eliminate contradictions; rather, it is to live with them.
The data leak in 2020 did not kill Ledger, nor did the supply chain attack in 2023, the Recover controversy, or the kidnapping of a co-founder.
It not only survives but is also going public.
Perhaps this is the most profound metaphor of the cryptocurrency industry:
In a world where even the founder's fingers are not safe, nothing is truly secure.
But money will always find its way.
And those companies that still stand amidst the ruins are often the kings of the next cycle.
As for whether Ledger is one of them, time will tell us the answer.
Or perhaps the next leak will.