Alle Artikel

TROPIC01 chip vulnerability disclosure: what happened

The security research team at Ledger Donjon received the new TROPIC01 chip from Tropic Square to help identify potential security risks. In late January 2026, they discovered a vulnerability in the chip after performing a laser fault injection attack. Tropic Square then informed Trezor once they had confirmed the findings, a few days after being notified by the Donjon team. This attack highlights a vulnerability in one of our chips used in the Trezor Safe 7, not the full layered security architecture of the device itself, which has never been hacked. The TROPIC01 chip was evaluated by the Ledger Donjon team separately from the device.

Due to the Ledger Donjon findings, Tropic Square identified an attack that allows a bad actor to run custom firmware, execute arbitrary code on the TROPIC01 chip, and access its secrets, such as those relating to the device authenticity check and PIN protection. To be clear, this cannot be used to create tampered Trezor Safe 7 devices or result in a supply chain attack against Trezor. In practice, they glitched the moment when the TROPIC01 chip verifies the installation of new firmware onto the chip and the moment when the chip verifies its firmware again during power-up. This way, the verification can be bypassed, and the attacker can load and run custom firmware. Once the device powers off, the physical attack needs to be executed again.

image 01.jpg

This is a highly professional and extremely difficult attack that requires physical possession, disassembly, desoldering, backside decapsulation, specialized lab equipment, and deep expertise to find and execute.

What the attack does NOT do:

  • Most importantly, this attack doesn’t compromise your PIN, which protects your funds.

  • It must be executed during every device power-up, so it cannot create tampered Trezor Safe 7 devices with persistent malicious firmware (no supply chain attack threat to Trezor).

  • It cannot affect the random number generation that’s used to generate a wallet backup during onboarding before any funds are stored. Also, randomness is obtained from multiple sources (STM32U5, Optiga, TROPIC01, host computer).

  • It does not “hack” the PIN, which is secured by multiple other layers beyond the TROPIC01 chip

What’s affected by this attack

One layer of PIN protection encryption — The attack can extract one of the secrets that take part in PIN protection. An attacker would still need to compromise both the Optiga and STM32U5 chips, and brute-force the user's PIN before trying to access the wallet backup.

Essentially, three physical barriers are reduced to two after this difficult attack takes place. The complexity and cost of the attack still ensure the chip gives added protection for the user. This is a vulnerability and is not a hack that could be used to steal user funds. The Trezor Safe 7 has never been hacked.

One layer of device attestation — Attestation material verifies the device's authenticity, so fake devices are flagged. This material can be extracted during this attack, but Trezor's device check also relies on the Optiga/STM32U5 chips and Trezor Suite for the verification process. TROPIC01, compromised alone, is not sufficient to fully bypass authenticity verification.

How the TROPIC01 chip is used in the Trezor Safe 7

Secure Element chips are used to secure sensitive information in your hardware wallet.

TROPIC01 is the world’s only Secure Element anyone can audit. While other chips ask users for their trust, TROPIC01 lets them verify. Part of this open-architecture-first approach is to push the limits of what’s possible.

The TROPIC01 chip is one of several (including the MCU chip) that does one main thing:

- Enforce PIN protection

This chip secures one of three secrets that protect the PIN. The TROPIC01 chip itself doesn’t know the PIN, passphrase or wallet backup. After 10 invalid PIN entries, the Secure Element chip wipes the secret.

The keys to your coins / funds are not stored on the TROPIC01 Secure Element chip, and neither is your wallet backup. This is by design to ensure there is no single point of failure in the device, unlike other security models that rely on a single Secure Element chip to protect all the secrets.

How PIN and wallet backup protection work in the Trezor Safe 7 at a glance:

image 02.jpg

This will help frame what the attack is targeting and why your funds still remain secure.1

Important (PIN protection): The PIN itself acts as an independent barrier. So even if all three physical chips were somehow compromised (again, it has never happened), the attacker would still need to brute-force the PIN. This is why a strong PIN can enhance your security.

Using a 4-digit PIN and having three chips securing it altogether is a very secure setup and enough for most users. You can read more about PIN protection best practices here.

Why Trezor uses multiple security layers (your device will still be secure even if this attack occurred)

The core of our security is distrust. Don’t trust anyone, don’t trust anything. We use a hardware wallet because we can’t trust a computer or our phone to manage the wallet backup and transactions. Trezor Safe 7 doesn’t just contain one chip, but multiple. The reason this attack has a limited effect is because we’ve designed the device to not trust any chip or vendor… even Trezor or Tropic Square. Neither Secure Element chip in the device trusts the others. Rather, they protect a separate part of the secret in case the other is compromised. This layered security ensures the best protection for your funds in the event of an advanced attack.

Trezor’s design decision not to validate the PIN against one single chip is what limits the impact in this case. This multi-chip, layered architecture secures against structural weaknesses - an attacker would need to break several locks instead of one.

On top of that, these chips come from different manufacturers and are made in different countries, further diversifying security.

Trezor Safe 7’s layered security system:

image 03.jpg

Why we’re disclosing this news (what it means for Trezor and open security)

We’re releasing this news proactively, not because anyone’s funds are at risk, but because this is how open-source security should work. Transparency is non-negotiable.

We don’t believe obscurity = security. Layered, open-source protection helps identify vulnerabilities and strengthens crypto security over time. Closed systems and NDA-protected Secure Element chips do the opposite, hiding risks behind black-box designs and forcing users to trust what they can’t verify. Without transparency, it may be impossible for users to know whether the technology is at risk because companies cannot disclose any vulnerabilities. For example, in 2019 we tested a widely used Secure Element chip and found it didn’t meet our security standards. We also weren’t permitted to publicly disclose the vulnerabilities we identified due to an NDA. This chip was being widely used in the security industry.

Finding and publishing vulnerabilities can be challenging for your brand, but it makes the industry (and your security) stronger. We are built on Bitcoin’s open-source foundations/ethos and this approach has helped it become one of the most secure systems in the world.

We cannot ignore that security is always evolving as technology changes, and only by accepting this reality and sharing findings with the community can we grow and improve.

So, in revealing this to the community:

• Researchers can continue to examine and test our security in the open • Discoveries like this continue to push security standards higher across the industry and give the wider ecosystems lessons they can apply immediately • We can move away from closed, black-box alternatives that hide vulnerabilities

Even though this vulnerability was found, the findings show that TROPIC01 is extremely hard to crack.

Response to the findings

As this attack targets the hardware, a fix cannot be applied remotely with a firmware update. The Tropic Square team has been working on improvements to mitigate this vulnerability in hardware and firmware for the next chip release. Your Trezor Safe 7 remains a perfectly safe and secure hardware wallet, with multiple layers of security protecting your PIN and funds, even if this attack were to occur. The Tropic chip remains an effective barrier that requires significant time and effort to exploit. Final thoughts and what actions you need to take For users, we want to reiterate that your funds remain safe and secure.

This sophisticated attack requires the physical device and if executed, can only be used to extract 1 of 3 secrets that protect the PIN from brute-force attacks. The PIN itself also offers an additional layer of security along with the physical chips.

We want to thank both the Ledger Donjon team and Tropic Square for approaching this in an open and professional manner that allows the security community to grow and improve, so that everyone can benefit.

If you have any questions, please reach out to the team here. We will never contact you directly via the phone or ask for your wallet backup.

War dieser Artikel hilfreich?
;