ChainStreet
WHERE CODE MEETS CAPITAL

Ledger Exposes Trezor Safe 7 Flaw; Layered Design Secures Funds

Ledger Donjon researchers discover a laser fault injection vulnerability in Trezor Safe 7’s open-source TROPIC01 chip, but the wallet’s triple-layered architecture leaves user funds untouched.

Trezor Safe 7 is under the spotlight after Ledger researchers uncover a sophisticated laser fault injection flaw in its open-source TROPIC01 chip, yet the hardware wallet’s multi-layer security design keeps every user’s funds fully protected with zero action required.

Key Takeaways
  • Ledger’s Donjon team discovers a laser fault injection vulnerability in the Trezor Safe 7’s open-source TROPIC01 chip.
  • Trezor’s triple-layered security architecture (TROPIC01, Infineon Optiga, and STM32) ensures user funds remain inaccessible even if the chip is compromised.
  • No user action is required, as the vulnerability is restricted to laboratory settings involving chip decapsulation and specialized equipment.

Trezor and Tropic Square disclosed the vulnerability in the TROPIC01 Secure Element chip on Wednesday. Ledger’s Donjon research team identified the issue during an independent audit. The flaw allows advanced attackers to bypass firmware signature verification using laser fault injection, but only in highly controlled laboratory conditions.

Trezor CEO Matej Žák said: “The PIN, the wallet backup, and the keys to users’ funds are never held on a single chip. That is by design.” He added that this open disclosure process “is the model the industry should hold itself to.”

The TROPIC01 functions as just one of three independent security layers in the Trezor Safe 7. The design also includes the Infineon Optiga Trust M secure element and the main STM32 microcontroller. Private keys remain encrypted on the main MCU. Accessing them requires all layers plus the correct PIN. The vulnerability affects only the TROPIC01 component and gives no direct path to user funds or seed phrases.

Ledger Donjon performed the laser fault injection attack in January 2026. They bypassed Ed25519 signature verification on the isolated chip and achieved arbitrary code execution in the lab. Tropic Square later found a secondary attack path involving the chip’s MAC-and-Destroy mechanism for certain PIN functions.

Real-world exploitation demands physical possession of the device, full disassembly, chip decapsulation, and expensive specialized equipment. Even successful attacks on the TROPIC01 would still leave the other two hardened layers intact. Trezor confirmed there is no supply-chain risk for devices already shipped.

Trezor released a firmware update that disables the vulnerable maintenance mode. Tropic Square plans a hardened revision of the TROPIC01 chip for late 2026. No user action is needed and funds remain secure.

Chain Street’s Take

Open hardware proved its value here. A rival team found a real flaw, the makers disclosed it immediately, and the multi-layer design worked exactly as intended. For serious self-custody users, this kind of transparency builds real confidence.

Frequently Asked Questions

01

What is the TROPIC01 chip vulnerability?

It is a hardware-level flaw that allows advanced attackers to bypass signature verification using laser fault injection. Ledger researchers discovered this in a controlled lab environment. The exploit requires physical possession of the device and highly sophisticated laboratory equipment to achieve arbitrary code execution.
02

Why does this not impact my wallet funds?

The Trezor Safe 7 uses a multi-layered design where the TROPIC01 chip acts as only one of three independent security layers. Private keys are encrypted on the main STM32 microcontroller and require interaction with all layers to unlock. Even a total compromise of the TROPIC01 chip would not expose the user’s seed phrase or private keys.
03

Do I need to update my firmware?

Trezor has released a firmware update that proactively disables the vulnerable maintenance mode associated with the TROPIC01 chip. While no user action is technically required to secure funds against remote threats, applying the latest update is best practice for all hardware wallet users.
04

What is the "Layered Security" approach?

Layered security separates critical operations (like key storage and signature verification) across multiple, physically distinct chips. By distributing security responsibilities, a vulnerability in one specific component—like the TROPIC01—does not grant access to the sensitive data held elsewhere. This design philosophy prevents a single hardware flaw from becoming a catastrophic wallet drain.
05

How does this incident change industry standards?

The transparent disclosure process between Ledger and Trezor sets a high bar for collaborative hardware security audits. CEO Matej Žák noted that open disclosure is the model the industry must hold itself to. This approach prioritizes user safety over brand secrecy, contrasting with the closed-source nature of many other hardware vendors.
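
The layering argument made in the article body and in FAQ 04, as an added illustration (not Trezor's, Tropic Square's or Ledger's code): a simplified model in which the key that encrypts the seed is derived from the PIN plus one secret held by each of two secure elements. The function names, the HMAC-based construction and all sample values are assumptions made for this example and do not describe the Safe 7's actual scheme.

```python
import hashlib, hmac, os

def _h(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_kek(pin: str, salt: bytes, se_a: bytes, se_b: bytes) -> bytes:
    """Key-encryption key that depends on the PIN and on BOTH element secrets.

    se_a and se_b are hypothetical per-device secrets, one per secure element.
    """
    stretched = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)
    # Chained HMAC: without either secret the output is unpredictable.
    return _h(se_b, _h(se_a, stretched))

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 keystream; stands in for a real AEAD so the example
    # needs only the standard library.
    blocks = (_h(key, nonce + i.to_bytes(4, "big")) for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(kek: bytes, seed: bytes) -> bytes:
    """Encrypt-then-MAC the seed; this blob is what the main MCU would store."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(seed, _stream(_h(kek, b"enc"), nonce, len(seed))))
    return nonce + ct + _h(_h(kek, b"mac"), nonce + ct)

def unwrap(kek: bytes, blob: bytes):
    """Return the seed, or None when the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _h(_h(kek, b"mac"), nonce + ct)):
        return None
    return bytes(a ^ b for a, b in zip(ct, _stream(_h(kek, b"enc"), nonce, len(ct))))

def demo() -> dict:
    # Constructed sample values, generated fresh on every run.
    salt, se_a, se_b = os.urandom(16), os.urandom(32), os.urandom(32)
    seed = b"constructed sample seed material"
    blob = wrap(derive_kek("1234", salt, se_a, se_b), seed)
    return {
        # Every layer present and the PIN correct: the seed is recovered.
        "all_layers": unwrap(derive_kek("1234", salt, se_a, se_b), blob) == seed,
        # One element's secret and the PIN are known, the other secret is not.
        "one_element_only": unwrap(derive_kek("1234", salt, se_a, bytes(32)), blob) is None,
        # Both secrets are available but the PIN is wrong.
        "wrong_pin": unwrap(derive_kek("0000", salt, se_a, se_b), blob) is None,
    }

if __name__ == "__main__":
    print(demo())
```

In this model, the stored blob stays sealed unless the PIN and both element secrets are all present, which is the property the article attributes to the three-layer design.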

Alex Reeve

Alex Reeve is a contributing writer for ChainStreet.io. Her articles provide timely insights and analysis across these interconnected industries, including regulatory updates, market trends, token economics, institutional developments, platform innovations, stablecoins, meme coins, policy shifts, and the latest advancements in AI, applications, tools, models, and their broader implications for technology and markets.

The views and opinions expressed by Alex in this article are her own and do not necessarily reflect the official position of ChainStreet.io, its management, editors, or affiliates. This content is provided for informational and educational purposes only and does not constitute financial, investment, legal, or tax advice. Readers should conduct their own research and consult qualified professionals before making any decisions related to digital assets, cryptocurrencies, or financial matters. ChainStreet.io and its contributors are not responsible for any losses incurred from reliance on this information.