Going quantum: our choices for Trezor Safe 7's quantum readiness
Trezor Safe 7 can run post-quantum updates, but these updates don't exist yet. Bitcoin and other cryptocurrencies still use their original cryptographic standards.
While designing Trezor Safe 7, we chose to confront the quantum threat to safeguard your keys in the years ahead.
This is an overview of the measures inside Trezor Safe 7 that prepare it for the quantum threat, and the decisions behind them.
This article takes a more technical look at the topic of quantum-readiness. If you’d prefer a more general overview, see What does quantum-ready mean?
Quantum at the core
Every Trezor Safe 7 is quantum-ready from the moment it powers on.
Each Trezor Safe 7 runs through three layers of security at startup:
- Boardloader - written at the factory, never changed; verifies the bootloader.
- Bootloader - installs and verifies firmware; can wipe the device.
- Firmware - wallet logic and interface.
The boardloader cannot be altered after code is written to it at the factory, as opposed to the bootloader and firmware, which can be updated at any point in the future.
Since the boardloader must remain secure for decades, we designed it to be ready to verify post-quantum firmware updates and support a post-quantum authenticity check when the time comes.
Our path to post-quantum security
The U.S. National Institute of Standards and Technology (NIST) has approved the first post-quantum standards, aiming to define a framework for worldwide transition by 2035.
Thus far, NIST has approved SLH-DSA, Dilithium, and Falcon.
Each option comes with different trade-offs. There is no single "perfect" option .
At Trezor, we set three priorities:
- Hash-based cryptography – mature, with decades of proven resilience.
- Stateless design – avoids the risk of failure from mismanaging state.
- Fast verification – required because signatures are checked at every startup.
For the bootloader we chose most conservative option: SLH-DSA-128, part of the SPHINCS+ family and standardized by NIST in 2024. The choice reflects our careful approach, grounded in hash-based methods that are well understood, supported by decades of research, and have never been broken.
Still, one layer of trust is not enough.
The Trezor Safe 7 boardloader uses a hybrid scheme:
- Signed with both SLH-DSA and ECDSA (secp256r1).
- The ECDSA signature also signs the SLH-DSA signature.
Trezor Safe 7 first checks firmware hashes and SLH-DSA signatures with ECDSA, and only then with SLH-DSA.
If a flaw were found in SLH-DSA before quantum computers become relevant, it could not be exploited without a valid ECDSA signature.
This layered approach keeps the root of trust secure while preparing for what comes next.
Authenticity that outlives today’s encryption
Quantum resistance extends beyond the boardloader.
Each Trezor Safe 7 includes a post-quantum device certificate to prove authenticity in a post-quantum future.
For attestation, our requirements were:
- Fast signing – quick responses during checks.
- Efficient verification – smooth performance in Trezor Suite.
SLH-DSA was too slow for signing. In the boardloader, size matters most; in attestation, speed matters more.
We chose ML-DSA-44, a lattice-based algorithm standardized by NIST.
How Trezor Safe 7 defends from within
Each Trezor Safe 7 carries number of device certificates spread out through different technologies and cryptography, stored on all three chips for redundancy:
- Optiga Trust M – ECDSA (secp256r1)
- Tropic01 – EdDSA (Ed25519)
- STM32U5 – ML-DSA-44
By distributing certificates across three independent chips, we’ve ensured authenticity checks remain robust, even if one layer is compromised.
The design ensures that, even in a quantum era, a Trezor Safe 7 can still prove it is genuine.