Freedom

Ledger audits Trezor's chip, finds unfixable flaw in Safe 7

HyperSinc Intelligence/JUNE 9, 2026

Ledger's security team disclosed a laser fault injection vulnerability in Trezor Safe 7's open-source TROPIC01 chip, requiring a silicon revision and establishing cross-rival hardware audits as industry norm.

Ledger audits Trezor's chip, finds unfixable flaw in Safe 7

4 min read

TL;DR

→Ledger Donjon discovered a laser fault injection flaw in the TROPIC01 chip used in Trezor Safe 7 in late January 2026; disclosure coordinated with Trezor and Tropic Square on June 3.
→The attack requires chip decapsulation and a 1064nm laser to bypass firmware signature verification, but cannot access private keys due to Safe 7's three-layer architecture.
→Silicon revision targeted for late 2026; technical details withheld until hardened version available. Sets precedent for cross-competitor hardware audits.

In late January 2026, Ledger's Donjon security team fired a 1064 nanometer laser at a decapsulated TROPIC01 chip and watched the firmware signature verification fail. Four months of coordination later, with Trezor and chip designer Tropic Square agreeing on disclosure terms, timing, and technical scope, the three organizations published the full finding on June 3, 2026. A rival company had just audited another's hardware wallet and found a permanent flaw. The industry had no precedent for how to handle it.

The attack itself is not trivial to execute. Donjon had to physically remove the silicon die from its package, then inject faults into the signature verification process at exactly the right microsecond during firmware updates or device boot. When they succeeded, the chip returned the string 'HACK' in its device-identification response, proof of custom code execution on what is supposed to be an immutable, tamper-resistant element. Tropic Square, seeing Donjon's finding, identified an additional attack path that targets the chip's PIN protection subsystem. But here is the constraint: the PIN itself never lives whole in any single chip. Trezor distributes the PIN flow across three independent components, the TROPIC01, an Infineon OPTIGA Trust M secure element, and the main microcontroller, and the transient decryption key assembles only briefly in volatile memory before dispersing again. That architecture meant Donjon could force unauthorized code execution on the TROPIC01, but could not simply extract the PIN or wallet seed.

This is where the flaw becomes infrastructure news instead of a company scandal. The vulnerability exists at the silicon level. No firmware update fixes it. No key rotation, no recovery phrase change, no remote firmware patch closes the door. Tropic Square must spin a new silicon revision, currently scheduled for late 2026, and Trezor says user funds remain protected under the existing multi-layer architecture despite the vulnerability. Tropic Square is withholding full technical details until the hardened revision ships, with complete disclosure planned for spring 2027, a transparency timeline that balances defensive disclosure (giving attackers no roadmap while fixes deploy) against community confidence (details arrive within a year, not locked forever). The firmware mitigation available now, disabling certain boot paths and tightening signature checks, reduces the attack surface but does not eliminate it.

What matters most is that this happened at all. Ledger and Trezor do not coordinate on much. Their secure elements are different, their architectures diverge, their customer bases rarely overlap. Yet both agreed that discovering a flaw in the other's hardware, in an open-source, publicly auditable chip, was more important than competitive positioning. Ledger could have weaponized Donjon's finding internally. Instead, they disclosed it responsibly, on schedule, with full technical collaboration. That is not a market norm in hardware security. It is a signal that open-source secure elements in self-custody wallets now carry a cost that closed proprietary designs do not: they get audited by rivals, and those audits are published. Users choosing Trezor Safe 7 for its auditability also accept that the auditability surfaces hardware-permanent flaws. Users choosing a closed secure element trade away transparency for a narrower disclosure surface. Neither choice is wrong. Both choices are now informed.

The real test arrives late 2026 when Tropic Square ships the revised TROPIC01 and Trezor begins selling Safe 7 units with the hardened chip. Watch whether the silicon revision actually closes the fault injection vulnerability, whether Donjon or another team can replicate the attack on v2. Watch whether Trezor publishes a clear migration path for Safe 7 owners holding vulnerable chips. Watch whether this cross-competitor audit model spreads to other hardware wallet manufacturers or remains a one-time coordination between Ledger and Trezor. If it spreads, it reshapes how the industry treats hardware wallets: as infrastructure, not products, where security findings belong in the public domain.

Key Takeaways

Two rival hardware wallet makers conducted the first documented cross-competitor security audit at scale, with full public coordination and timeline, a new industry norm for disclosure.
The vulnerability is hardware-permanent in current Safe 7 units: no firmware patch fixes it, only a silicon spin addresses it. This exposes a real cost to open-source secure elements.
Trezor's three-layer PIN architecture (TROPIC01 + Infineon OPTIGA + main MCU) contained the breach, no single chip holds the full key, but the TROPIC01 flaw still required a recall-class fix.

What it meansThe first cross-rival hardware wallet security audit sets a precedent for transparency and establishes that open-source secure elements carry real silicon-level discovery risk, shifting how users weigh openness against auditability.

DISCLAIMER

This article is for informational purposes only and does not constitute financial, investment, legal, or tax advice.

SOURCES

← Back to HyperSinc