{"id":17445,"date":"2026-06-03T09:35:59","date_gmt":"2026-06-03T16:35:59","guid":{"rendered":"https:\/\/jasonsblog.ddns.net\/?p=17445"},"modified":"2026-06-03T09:35:59","modified_gmt":"2026-06-03T16:35:59","slug":"trezor-says-safe-7-chip-flaw-found-by-ledger-does-not-put-funds-at-risk","status":"publish","type":"post","link":"https:\/\/jasonsblog.ddns.net\/index.php\/2026\/06\/03\/trezor-says-safe-7-chip-flaw-found-by-ledger-does-not-put-funds-at-risk\/","title":{"rendered":"Trezor Says Safe 7 Chip Flaw Found by Ledger Does Not Put Funds at Risk"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Doing a first-ever open-source secure element chip is difficult. But kudos to Trezor for supplying the chip and having it researched by Ledger Donjon, which has <a href=\"https:\/\/jasonsblog.ddns.net\/index.php\/2026\/02\/22\/coldcard-wallet-review-when-bitcoin-security-gets-serious\/\" target=\"_blank\" rel=\"noreferrer noopener\">found similar flaws with another secure element chip used in the Coldcard hardware wallets<\/a>&#8230; This should make a future iteration much more secure. And this does require physical access to the device, but you would need to hack two more chips to effectively retrieve a wallet private key and steal funds. And a passphrase, being an extra seed word, would also protect your wallet even if they could exploit the hardware. Since a lot of these secure elements require NDAs, exploits for those are not disclosed, as Trezor disclosed that one they tested in the past could be hacked, with the NDA preventing them from disclosing it publicly. 
And they said it was used in competitors&#8217; products&#8230;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/cointelegraph.com\/news\/trezor-tropic-chip-flaw-ledger-donjon-funds-safe\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/cointelegraph.com\/news\/trezor-tropic-chip-flaw-ledger-donjon-funds-safe<\/a><\/p>\n\n\n<div class=\"wp-block-ub-divider ub_divider ub-divider-orientation-horizontal\" id=\"ub_divider_beb579a3-0d75-4742-ac57-6f1aae0a4cfe\"><div class=\"ub_divider_wrapper\" style=\"position: relative; margin-bottom: 2px; width: 100%; height: 2px; \" data-divider-alignment=\"center\"><div class=\"ub_divider_line\" style=\"border-top: 2px solid #ccc; margin-top: 2px; \"><\/div><\/div><\/div>\n\n\n<h5 class=\"wp-block-heading\">Trezor and Tropic Square disclosed a TROPIC01 chip vulnerability found during a Ledger Donjon audit, saying the Safe 7 wallet and user funds remain secure.<\/h5>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/s3-images.ctmedia.io\/media\/article-covers\/hi-trezor-model-t-review-the-ultimate-crypto-wallet-for-2025.jpg\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Hardware wallet company Trezor and chipmaker Tropic Square have disclosed a vulnerability in one of the secure elements used in the Trezor Safe 7 hardware wallet, saying the flaw does not put user funds at risk because the chip alone cannot expose a wallet.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The vulnerability was identified during an independent security audit conducted by Ledger Donjon, the security research team at rival hardware wallet maker Ledger, according to a Trezor statement.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Tropic Square provided the affected TROPIC01 Secure Element chip to the Ledger Donjon team for an independent audit. 
The companies said compromising TROPIC01 alone would not be enough to access a user\u2019s wallet, PIN or funds.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The disclosure offers a rare public look at how hardware wallet makers handle chip-level security flaws and highlights the growing role of independent researchers in testing crypto custody devices.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Flaw surfaced during independent security testing<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">According to Trezor, the vulnerability was discovered during an independent security review initiated by Tropic Square after the <a href=\"https:\/\/tropicsquare.com\/news-and-events\/tropic-square-announces-official-launch-general-availability-of-tropic01---the-industrys-first-open-architecture-tamper-proof-secure-element\" rel=\"noreferrer noopener\" target=\"_blank\">launch<\/a> of its TROPIC01 secure element in early 2025.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Ledger&#8217;s Donjon informed Tropic Square in January 2026 that it had successfully carried out a laser fault injection attack against the chip, allowing researchers to extract some chip-held secrets and bypass firmware signature verification under lab conditions.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/s3-images.ctmedia.io\/media\/content\/pasted-image-1275.png\" alt=\"\"\/><figcaption class=\"wp-element-caption\"><em>TROPIC01 is one of two secure elements in Trezor Safe 7, which launched in October 2025. 
Source: <\/em><a href=\"https:\/\/satoshilabs.com\/news\/trezor-launches-trezor-safe-7-first-hardware-wallet-with-transparent-secure-element\" target=\"_blank\" rel=\"noreferrer noopener\"><em>SatoshiLabs<\/em><\/a><\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">After reviewing Ledger Donjon&#8217;s findings, Tropic Square engineers identified an additional method of exploiting the weakness that could expose another chip-held secret tied to PIN-related functions.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The company notified its partners, including Trezor, and opted to publicly disclose the vulnerability alongside Donjon&#8217;s research.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Trezor says users do not need to take any action<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Trezor said users do not need to take any action following the disclosure, adding that the vulnerability does not affect funds stored on the device because compromising TROPIC01 alone is not enough to access the wallet, PIN or funds.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As the issue exists at the hardware level, it cannot be fixed through a remote firmware update.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cBecause the Trezor Safe 7 was built with multiple independent security layers, a vulnerability in TROPIC01 does not put user funds at risk,\u201d Trezor CEO Matej \u017d\u00e1k said.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/s3-images.ctmedia.io\/media\/content\/pasted-image-1276.png\" alt=\"\"\/><figcaption class=\"wp-element-caption\"><em>Source: Trezor<\/em><\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Trezor noted that Ledger\u2019s Donjon team has previously published independent security research on its devices, including a <a href=\"https:\/\/x.com\/P3b7_\/status\/1899863743036874795\" rel=\"noreferrer noopener\" target=\"_blank\">report<\/a> on the Trezor Safe 3 that demonstrated an attack 
involving supply-chain-style physical interception, desoldering and modification of the device before it reached users.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The company <a href=\"https:\/\/blog.trezor.io\/trezors-multi-layer-defense-against-supply-chain-attacks-54541f410389#5ba1\" rel=\"noreferrer noopener\" target=\"_blank\">responded<\/a> publicly at the time and has continued hardening against such attack vectors, adding that it was not aware of any user funds being compromised.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cNo Donjon research has identified a vulnerability in the Optiga secure element, and the STM32U5 used in the Safe 7 is a more recent microcontroller with no demonstrated fault-injection attack against it,\u201d a spokesperson for Trezor told Cointelegraph.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Cointelegraph reached out to Ledger Donjon regarding audits of other secure elements used in Trezor hardware wallets, but had not received a response by publication.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Doing a first-ever open-source secure element chip is difficult. But kudos to Trezor for supplying the chip and having it researched by Ledger Donjon, which has found similar flaws with another secure element chip used in the Coldcard hardware wallets&#8230; This should make a future iteration much more secure. 
And this does require physical [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-17445","post","type-post","status-publish","format-standard","hentry","category-tech"],"blocksy_meta":[],"featured_image_src":null,"author_info":{"display_name":"Jason","author_link":"https:\/\/jasonsblog.ddns.net\/index.php\/author\/jturning\/"},"_links":{"self":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/17445","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/comments?post=17445"}],"version-history":[{"count":1,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/17445\/revisions"}],"predecessor-version":[{"id":17446,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/posts\/17445\/revisions\/17446"}],"wp:attachment":[{"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/media?parent=17445"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/categories?post=17445"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jasonsblog.ddns.net\/index.php\/wp-json\/wp\/v2\/tags?post=17445"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}