An audit by Ledger Donjon revealed a hardware vulnerability in the TROPIC01 Secure Element chip used in Trezor Safe 7 hardware wallets. The attack, a laser fault injection, can extract one of three secrets protecting the PIN, reducing security from three layers to two. However, full exploitation requires physical possession, disassembly, and specialized lab equipment. Trezor states that user funds remain protected because the PIN and private keys are not stored on the TROPIC01 chip alone. Cyvers called the attack highly impractical. The vulnerability cannot be patched via firmware update, raising questions about refunds. Despite this, experts note that common threats like phishing and seed phrase theft pose greater risks to most users.

Key facts

• Ledger Donjon discovered laser fault injection attack on TROPIC01 chip.
• Attack reduces PIN protection from three layers to two.
• Requires physical wallet possession, disassembly, and lab equipment.
• User funds remain protected per Trezor and Cyvers assessment.
• Vulnerability is hardware-based and cannot be patched by firmware.

KeyAudit data perspective