Skip to content
English
More support
  • There are no suggestions because the search field is empty.

Ledger and Hardened Derivation Paths: What's Changing and What It Means for Your Vault

Ledger is moving to hardened derivation paths — a stricter, more isolated way of generating keys. Your vault isn't affected today, and any future migration will be optional and guided by Casa.

TL;DR

  • Nothing is changing for your existing Ledger setup today. Your vault continues to work normally.
  • Ledger is moving toward enforcing hardened derivation paths — a more secure way of generating keys.
  • Casa is adding support for hardened purpose paths (the first level of the derivation path). When it's ready, migration will be optional, not required.
  • If you need to take action in the future, we'll walk you through it. No surprises.

Background: How Your Ledger Generates Keys

Your Ledger device stores a seed phrase — a master secret from which all of your keys are generated. It does this using a system called hierarchical deterministic (HD) derivation, which follows a standardized path structure:

m / purpose' / coin_type' / account' / change / address_index

From that seed, the device produces extended public keys (xPubs). An xPub lets Casa's servers generate your receiving addresses and monitor your vault without ever touching your private keys — keeping them safely on your device.

What's the Difference Between Hardened and Unhardened Derivation?

Until now, Casa used unhardened derivation paths for Ledger keys. This approach let our servers take a single xPub and derive child keys for different accounts and purposes without needing your device to reconnect each time.

Hardened derivation works differently: each branch of the key tree is isolated, so a child key cannot be derived from a parent xPub alone. The device itself must be involved.

Ledger is pushing toward hardened derivation because their users often secure many different cryptocurrencies with a single seed phrase. In that context, a leaked private key combined with an unhardened path could potentially expose other assets on the same seed.

For Casa members, this risk is much lower — we're a multisig wallet supporting a limited number of assets — but we're aligning with Ledger's direction to maintain compatibility and keep your setup future-proof.

Why Existing Keys Can't Simply Be "Converted"

Casa currently holds xPubs derived from unhardened paths, and there's no way to convert them to hardened ones on our end. Hardened derivation requires direct involvement of your device and seed.

To migrate to a hardened key, you would:

  1. Connect your Ledger device
  2. Export a new hardened-path xPub
  3. Complete a standard key rotation to insert it into your vault

This is a straightforward process — and again, it's not required right now.

What This Means for You Today

Your vault is secure and fully functional as-is. No immediate action is required.

If Ledger enforces stricter firmware requirements in the future (for example, phasing out support for older firmware versions), you would still be able to sign transactions using the Bitcoin Recovery app rather than the standard Bitcoin app. Your seed and vault structure would remain completely intact.

Once Casa completes support for hardened purpose paths, this will enable Ledger users to migrate to a more isolated key structure. When that work is done, you'll have several options:

  • Stay with your current setup — no change required
  • Rotate to a hardened Ledger key — a straightforward key rotation when you're ready
  • Rotate to a different hardware device — if you'd prefer to switch manufacturers
  • Load your seed onto a different device — without needing a key rotation at all

We'll notify you when migration becomes available, and we'll guide you through whichever path makes sense for your situation.

Questions?

If you'd like to review your specific vault setup or go deeper on any of the technical details above, our team is happy to help. Reach out to help@team.casa anytime.