by DennisP 2697 days ago
Yes but the Ledger has its own screen that shows what you're actually signing. If you verify that, you're good.

There are a couple caveats. First, the Ledger Nano's screen is too small to display the entire address at once, so an attacker who knows where you might send money could generate an address that appears the same on the characters that display. (The Ledger Blue shows the full address but is getting discontinued.)

Secondly, if you're on Ethereum and using a multisig contract, the destination address is just the contract and the ETH amount is zero. The function parameters which define your actual request are just displayed by the Ledger as a warning that they exist.

I've suggested to Ledger that they come up with a way to import the json.abi and display the actual parameters on device, which is what desktop clients do. They thought it was doable but I haven't seen any suggestion of it happening.

2 comments

Just for the record, the entire address for the transaction is displayed on the screen, it just scrolls side to side. Generating another address that's similar enough to be confused easily would be prohibitively difficult at best.
Yes but the middle scrolls by pretty quickly. I once saw an article that did the math on the difficulty of making an address that matched on the easy-to-read parts of the address at beginning and end, and it amounted to less than a day's work on a modern PC. That's likely to work against most users.
It doesn't scroll quickly, it's very easy to read and verify, even for my beat up eyes.

I'd be very interested to see that math, because it's unlikely that's accurate. You can get a few characters at the beginning of the address relatively easily -- the rest is in heat death of the universe territory.

It is already implemented for ERC20 token transfers which are probably >90% of smart contract invocations.
Not for multisig contracts though, which people tend to use for extra security on large amounts of funds.
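
The multisig caveat raised in this thread, as an added example that is not part of the original comments: a minimal decoder that pulls the real destination and amount out of the calldata of a multisig call, which is the information a device hides when it only warns that data is present. The `f(address,uint256,bytes)` layout, the placeholder selector and the sample addresses are assumptions made up for illustration.

```python
# Added example: decode ABI calldata of an assumed multisig call
# f(address destination, uint256 value, bytes data) for review before signing.

def _word(args: bytes, index: int) -> bytes:
    """Return the index-th 32-byte ABI word; reject truncated calldata."""
    chunk = args[32 * index: 32 * index + 32]
    if len(chunk) != 32:
        raise ValueError("truncated calldata")
    return chunk

def decode_submit(calldata: bytes) -> dict:
    """Extract the inner transfer that the outer transaction fields do not show."""
    if len(calldata) < 4:
        raise ValueError("missing function selector")
    selector, args = calldata[:4], calldata[4:]
    dest = _word(args, 0)
    if any(dest[:12]):                      # an address is left-padded with zeros
        raise ValueError("non-zero padding in address word")
    value = int.from_bytes(_word(args, 1), "big")
    offset = int.from_bytes(_word(args, 2), "big")
    if offset % 32 or offset + 32 > len(args):
        raise ValueError("bad offset for dynamic bytes argument")
    length = int.from_bytes(args[offset:offset + 32], "big")
    inner = args[offset + 32: offset + 32 + length]
    if len(inner) != length:
        raise ValueError("inner data shorter than declared length")
    return {"selector": "0x" + selector.hex(),
            "destination": "0x" + dest[12:].hex(),
            "value_wei": value,
            "inner_data": "0x" + inner.hex()}

def encode_submit(selector: bytes, dest: bytes, value: int, inner: bytes) -> bytes:
    """Build constructed sample calldata in the same assumed layout."""
    padding = bytes((-len(inner)) % 32)
    return (selector + bytes(12) + dest + value.to_bytes(32, "big")
            + (96).to_bytes(32, "big")      # offset of the bytes argument
            + len(inner).to_bytes(32, "big") + inner + padding)

# Constructed sample: placeholder selector, made-up recipient, 5 ETH in wei.
SAMPLE = encode_submit(bytes.fromhex("aabbccdd"), bytes.fromhex("11" * 20),
                       5 * 10**18, b"")

if __name__ == "__main__":
    # The outer transaction would show only: to = multisig contract, value = 0.
    for field, shown in decode_submit(SAMPLE).items():
        print(f"{field:12} {shown}")
```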