Všechny články

How Trezor Safe 7's three hardware layers protect your wallet

Trezor Safe 7 uses three independent chips that work together to protect your wallet: TROPIC01, the world's only independently auditable secure element, developed by Tropic Square (a SatoshiLabs company); OPTIGA Trust M, an EAL6+ certified, NDA-free secure element from Infineon; and the STM32U5, a hardened security microcontroller.

Each chip plays a distinct role. The two secure elements hold and protect your secrets and enforce hardware-level attack limits. The microcontroller coordinates the work between them: it prepares values for verification, relays signed responses, and assembles the results.

This article walks through what each chip does in PIN protection, device authentication, and wallet creation.

V tomto článku:

Overview

The two secure elements share three responsibilities:

  • Hardware-enforced PIN protection
  • Device authenticity verification
  • Secure randomness for wallet creation

The main microcontroller orchestrates these operations. The result is defense in depth: multiple independent hardware checks that protect your wallet from both physical and digital attacks.

Hardware-enforced PIN protection

Your PIN is the key to your wallet, but it is never stored on the device. Instead, it is used to temporarily build the key that decrypts your private keys.

This process is secured by a collaboration between the main microcontroller (MCU) and the two secure elements.

  1. You enter your PIN. The MCU prepares your PIN for verification.
  2. First check with TROPIC01. The MCU sends the prepared value to the TROPIC01 chip. TROPIC01 mixes in its own secret and returns a transformed value. This step consumes a one-time physical slot inside the chip, enforcing a hardware-level limit on attempts.
  3. Second check with OPTIGA. The transformed value is sent to OPTIGA Trust M. It verifies the value and, if correct, contributes its final secret piece. OPTIGA enforces its own independent attempt limit using a non-resettable counter.
  4. Wallet access granted. Only with the final piece from OPTIGA can the MCU assemble the key to decrypt your wallet. This key exists only for a moment in memory and is never stored.

After too many incorrect PIN attempts, the secure elements permanently lock to protect your wallet. You can always restore your wallet using your wallet backup.

To understand how your PIN protects your device from unauthorized access, read PIN protection on Trezor devices.

Device authenticity verification

Trezor Suite proves your Trezor Safe 7 is genuine using a cryptographic check that requires certificates and keys stored on the device's chips.

  • TROPIC01 stores and protects part of the device identity and performs signed challenges to prove the chip and firmware are authentic.
  • OPTIGA Trust M provides an additional protected identity store and cryptographic checks.
  • STM32U5 (main microcontroller) coordinates the exchange. It verifies responses from both secure elements against SatoshiLabs' public keys, so a cloned or swapped component fails verification.

An independently auditable secure element (TROPIC01) and an EAL6+ certified one (OPTIGA Trust M) both run the authenticity check.

Secure randomness for wallet creation

When you create a new wallet, Trezor Safe 7 combines randomness from every source available: the host computer, the main microcontroller (STM32U5), OPTIGA Trust M, and TROPIC01. Each chip contributes its own entropy, and mixing them ensures that no single source can determine the result.

This combined entropy is used to generate your wallet backup, so your recovery seed and private keys are unique and unpredictable.

TROPIC01 and OPTIGA Trust M both supply hardware randomness from dedicated True Random Number Generators (TRNGs). TROPIC01's design allows independent experts to review how its randomness works.

Defense in depth

Trezor Safe 7's three hardware layers complement each other to create layered protection.

  • Independent limits. TROPIC01 enforces attempt limits through physical slot consumption. OPTIGA enforces its own limit using a non-resettable counter in secure memory.
  • Tamper detection. Both secure elements contain voltage, temperature, and laser sensors that can block operations or wipe secrets if tampering is detected.
  • Resilient coordination. The MCU manages communication but cannot override chip-level protections. If one secure element fails or is tampered with, the other still enforces limits.

Video: Why Trezor Built Its Own Secure Element

Summary

The three hardware layers in Trezor Safe 7 combine an independently auditable secure element (TROPIC01), an EAL6+ certified secure element (OPTIGA Trust M), and a main microcontroller that coordinates the work between them.

TROPIC01 and OPTIGA Trust M verify authenticity, enforce PIN limits, and produce secure randomness for your wallet backup. The MCU orchestrates these operations but does not hold secrets and cannot override what the secure elements enforce.

Trezor Safe 7
Byl tento článek užitečný?
;