Ledger Discovers Critical Vulnerability in Trezor Safe 7 Chip: What You Need to Know


Ledger has published the results of a study revealing a vulnerability in the TROPIC01 chip used in Trezor Safe 7 hardware wallets. Despite the discovery of this vulnerability, Trezor emphasizes that users’ funds and their data remain secure.

This is reported by Finway.

Details of the Vulnerability in TROPIC01 Chip

The TROPIC01 microchip, developed by Tropic Square, is a secure element designed to protect confidential information. Its unique feature is open-source code, allowing independent experts to examine the device’s structure.

Researchers from Donjon (a Ledger subsidiary) used Laser Fault Injection (LFI) to bypass the Ed25519 digital signature verification that the chip performs before executing firmware. They employed an infrared laser with a wavelength of 1064 nm, focused on a 5-micrometer diameter area of the chip. The fault was injected at a critical moment just before the signature verification completed, causing the chip to incorrectly accept the signature as valid.

As a result, Ledger specialists were able to upload arbitrary code to the device. To confirm this, the experts sent a command, and the response was the word HACK. The method worked regardless of the state of the chip’s internal sensors.
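The failure mode described above, one fault at the moment of the signature decision, as an added C example (not code from Ledger, Tropic Square or Trezor): a boot check that trusts a single comparison next to one that repeats the check and fails closed. The `verify_once` stand-in, its `glitch` flag, the result constants and the sample digests are constructed assumptions; the real check is Ed25519.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed result codes, many bits apart, so one flipped bit cannot turn FAIL into OK. */
#define SIG_OK   0x3CA5965Au
#define SIG_FAIL 0xC35A69A5u

/* Constructed sample digests (assumption): the expected value and a tampered image. */
static const uint8_t EXPECTED[32] = { 0x11, 0x22, 0x33, 0x44 };
static const uint8_t TAMPERED[32] = { 0x11, 0x22, 0x33, 0x45 };

/* Stand-in for the Ed25519 check (assumption): constant-time compare of 32 bytes.
   glitch != 0 models one injected fault that makes this single call report success. */
static uint32_t verify_once(const uint8_t *got, const uint8_t *want, int glitch)
{
    volatile uint8_t diff = 0;
    for (size_t i = 0; i < 32; i++)
        diff |= (uint8_t)(got[i] ^ want[i]);
    if (glitch)
        return SIG_OK;
    return diff == 0 ? SIG_OK : SIG_FAIL;
}

/* One decision point: a single fault (fault_at == 1) is enough to boot bad firmware. */
int boot_naive(const uint8_t *got, const uint8_t *want, int fault_at)
{
    return verify_once(got, want, fault_at == 1) == SIG_OK;
}

/* Redundant decision: both checks must return SIG_OK and both steps must have run. */
int boot_hardened(const uint8_t *got, const uint8_t *want, int fault_at)
{
    volatile uint32_t r1 = SIG_FAIL, r2 = SIG_FAIL, steps = 0;
    r1 = verify_once(got, want, fault_at == 1); steps = steps + 1;
    r2 = verify_once(got, want, fault_at == 2); steps = steps + 1;
    if (r1 != SIG_OK || r2 != SIG_OK || steps != 2)
        return 0; /* fail closed */
    return 1;
}

int main(void)
{
    printf("naive, tampered, fault on check 1:    %d\n", boot_naive(TAMPERED, EXPECTED, 1));
    printf("hardened, tampered, fault on check 1: %d\n", boot_hardened(TAMPERED, EXPECTED, 1));
    return 0;
}
```

Redundancy of this kind raises the number of precisely timed faults needed to pass the check; it is a software model and does not stand in for hardware countermeasures.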

At the same time, the experts were unable to access confidential data stored in the specialized MAC-and-Destroy (MACANDD) hardware module. The company notes that the primary level of protection is located directly within the structure of the silicon chip.

After the publication of the research results, Tropic Square announced the discovery of a new attack vector that could pose a threat to the confidentiality of data protected by MAC-and-Destroy. Details will not be disclosed until an updated version of the chip is released.

“Further internal analysis conducted by Tropic Square revealed that the actual security boundary for MAC-and-Destroy is not at the hardware level, uncovering a potentially exploitable architectural vulnerability. Exploiting the MAC-and-Destroy vulnerability requires a deep understanding of the TROPIC01 architecture,” the company’s note states.

The updated TROPIC01 chip is expected to be available for sale by the end of 2026, and a full technical report on the vulnerability is planned for publication in spring 2027.

Trezor and Market Reaction

Trezor emphasized that executing such an attack requires physical access to the device, laboratory equipment, and significant expertise. TROPIC01 is just one of three independent security levels in Trezor Safe 7. Alongside it, OPTIGA Trust M (V3) chips and the main STM32U5 microcontroller perform additional checks, including PIN code and device authenticity.

“Carrying out such an attack is extremely difficult. It requires physical access to the device, laboratory equipment, and deep knowledge in this field. Furthermore, TROPIC01 is only one of three independent layers of protection in Trezor Safe 7. Compromising just this layer will not give an attacker any access to the user’s backup or funds.”

Trezor noted that all tests were conducted directly on the chip, not on the final device. Specialists from Cyvers, a blockchain security firm, also assured that users’ funds are safe, as the attack is highly complex to carry out in practice. Tropic Square is already developing an updated microchip that will eliminate the discovered vulnerability.

Trezor CEO Matej Zak emphasized the importance of open disclosure and study of such vulnerabilities to enhance the security of the entire industry.

Trezor Safe 7 Security System. Source: Trezor.