Trezor and Tropic Square disclosed a vulnerability in the TROPIC01 Secure Element chip used in the Trezor Safe 7 hardware wallet on June 3, following an independent security audit by the Ledger Donjon team. The vulnerability allows attackers to extract one of three protective secrets through a laser fault injection attack, reducing the wallet's security layers from three to two. The exploit requires physical possession of the device, disassembly, and specialized laboratory equipment, with Trezor stating that user funds remain protected due to these constraints and the chip not storing private keys.
Ledger Donjon Team Identifies TROPIC01 Chip Vulnerability
The Ledger Donjon team conducted an independent security audit that successfully executed a laser fault injection attack against the TROPIC01 Secure Element chip. The attack enables extraction of one of three secrets protecting a user's PIN. According to Trezor's blog post, the vulnerability concerns only the TROPIC01 Secure Element chip, which represents one of three physical, independent security layers in the Safe 7 wallet. Trezor stated that compromising TROPIC01 alone does not provide access to the PIN, which serves as the final protection layer for user funds.
Attack Requires Physical Access and Specialized Equipment
Trezor specified that executing the exploit requires an attacker to physically possess the hardware wallet, disassemble the device, and use specialized lab equipment. The company described the TROPIC01 chip as an "effective barrier" of protection that "requires significant time and effort to exploit." Trezor emphasized that the attack cannot result in tampered Safe 7 devices with persistent malicious firmware. The vulnerability is hardware-based and cannot be patched through a firmware update.
Trezor Confirms User Funds Remain Protected
Trezor stated in its blog post that "users' funds remain safe" and that "Trezor Safe 7 has not been hacked." The company noted that the user's private keys are not stored in the TROPIC01 chip. Trezor posted on June 3 that "Your funds remain safe and secure" despite the disclosed vulnerability. The company characterized the three-layer security architecture as maintaining protection even with one layer compromised.
Cyvers Assesses Attack as Highly Impractical
Blockchain security firm Cyvers confirmed to Decrypt that user funds are "safe" and described the attack as "highly impractical." Deddy Lavid, CEO of Cyvers, stated that "Hardware wallet security should not be evaluated only by whether a chip can eventually be attacked in a lab." Lavid added that "For most users, the much larger risk is still phishing, seed phrase theft, malicious dApps, and blind-signing transactions they do not fully understand."
Hardware Wallet Architecture Provides Multiple Security Layers
Hardware wallets store private keys offline on a physical device, contrasting with hot wallets like MetaMask that store keys on locally installed software or cloud-based servers. The Trezor Safe 7 employs three independent physical security layers, with the TROPIC01 Secure Element chip representing one layer. Trezor's blog post confirmed that private keys are not stored in the TROPIC01 chip, maintaining separation between the compromised component and the most sensitive cryptographic material.
FAQ
What vulnerability did the Ledger Donjon team find in Trezor Safe 7?
The Ledger Donjon team discovered a laser fault injection attack vulnerability in the TROPIC01 Secure Element chip that allows extraction of one of three secrets protecting a user's PIN, reducing the wallet's security layers from three to two.
Why does Trezor say user funds remain safe despite the vulnerability?
Trezor states that user funds remain protected because the exploit requires physical possession of the wallet, disassembly, and specialized lab equipment to execute, and because the TROPIC01 chip does not store private keys, with the PIN serving as a final protection layer that cannot be accessed by compromising the chip alone.
Can the TROPIC01 chip vulnerability be fixed with a software update?
No, the vulnerability is hardware-based and cannot be patched through a firmware update, according to Trezor's disclosure.
