Trezor Says Safe 7 Funds Remain Secure After Chip Flaw

Van Thanh Le

Published Jun 3 2026

Updated Jun 3 2026

Ledger Donjon Found TROPIC01 Vulnerability During Hardware Audit

TL;DR

  • Trezor and Tropic Square disclosed a TROPIC01 Secure Element vulnerability affecting the Trezor Safe 7.
  • Ledger Donjon found the chip flaw during an independent audit after testing the component.
  • Trezor said user funds remain safe and no customer action is required.

Trezor and Tropic Square disclosed a vulnerability in the TROPIC01 Secure Element chip used in the Trezor Safe 7 hardware wallet, but Trezor said the flaw does not put user funds at risk because compromising that chip alone is not enough to access a wallet, PIN, private keys, wallet backups, or crypto holdings.

The information was released on June 3, 2026. Ledger Donjon, the security research team at rival hardware wallet maker Ledger, found the vulnerability during an independent security audit. Tropic Square had provided the affected TROPIC01 chip to Ledger Donjon for testing.

TROPIC01 is a security chip developed by Tropic Square, Trezor’s sister company. The chip is one of two secure elements inside the Trezor Safe 7, meaning the wallet’s design does not rely on that single component as its sole security layer.

Audit Found Lab-Based Attack Path

The Trezor Safe 7 launched in October 2025, after TROPIC01 launched in early 2025. Tropic Square later initiated an independent security review of the chip.

Ledger Donjon informed Tropic Square in January 2026 that it had successfully carried out a laser fault injection attack against TROPIC01 under laboratory conditions. The attack reportedly allowed researchers to extract some chip-held secrets and bypass firmware signature verification.

After Ledger Donjon’s findings, Tropic Square engineers identified an additional exploitation path that could expose another chip-held secret connected to PIN-related functions. Tropic Square notified partners, including Trezor, after identifying the additional weakness.

Trezor said users do not need to take action after the disclosure. The company said the flaw does not affect funds stored on the device because compromising TROPIC01 alone is not enough to access the wallet, PIN, or funds.

The flaw affects only one of the wallet’s multiple security layers. Trezor said an attacker would need physical possession of the device, expensive lab equipment and advanced technical expertise to attempt the attack.

Trezor also said there is no evidence that the flaw has been exploited in the real world and no evidence that devices have been compromised.


Trezor Points to Layered Wallet Design

The vulnerability is a hardware-level issue and cannot be fixed through a remote firmware update. That makes the issue different from a software bug that can be patched after disclosure.

Trezor’s CEO said: “Because the Trezor Safe 7 was built with multiple independent security layers, a vulnerability in TROPIC01 does not put user funds at risk.”

He also described the disclosure process as a standard the industry should follow, saying: “I believe the open process by which this vulnerability was found, examined, and disclosed is the model the industry should hold itself to.”

Trezor’s position is that open disclosure between competitors strengthens hardware wallet security because flaws can be found, reviewed and publicly explained before they become known real-world incidents.

The disclosure also highlights an unusual public security interaction between two major hardware wallet rivals. Ledger Donjon found the chip-level weakness, while Trezor and Tropic Square publicly acknowledged it and explained why they believe the Safe 7 remains secure.

The important technical distinction is that Ledger Donjon’s attack targeted the TROPIC01 chip rather than the Safe 7 wallet architecture as a complete system. Trezor said the Safe 7 uses multiple layers, so breaking or weakening one layer does not automatically unlock user funds.

Trezor said the vulnerability does not give attackers access to users’ crypto holdings, private keys or wallet backups because of the Safe 7’s layered security architecture.

Trezor also noted that Ledger Donjon had previously published independent research on Trezor devices, including a Trezor Safe 3 report involving a supply-chain-style attack scenario with physical interception, desoldering and modification of the device before it reached users.

Trezor said it had responded publicly to that earlier Safe 3 research and continued hardening its devices against those attack vectors. The company also said it was not aware of user funds being compromised.

A Trezor spokesperson said: “No Donjon research has identified a vulnerability in the Optiga secure element, and the STM32U5 used in the Safe 7 is a more recent microcontroller with no demonstrated fault-injection attack against it.”

That statement narrows the disclosed issue to TROPIC01. Trezor said the known findings do not apply to the Optiga secure element and that no demonstrated fault-injection attack has been shown against the Safe 7’s STM32U5 microcontroller.

Key Timeline

The practical attack path described by Trezor remains narrow. An attacker would need to obtain the hardware wallet, access specialized equipment and have advanced expertise, and Trezor said the flaw has not been exploited in the real world.

The central issue is not that funds were stolen or that the Safe 7 has been remotely compromised. The disclosed issue is a chip-level weakness in one component of the wallet, while Trezor says the complete Safe 7 design prevents that weakness from exposing customer assets.

FAQ

Does the TROPIC01 flaw put Trezor Safe 7 funds at risk?

Trezor said the flaw does not put user funds at risk.

Can the vulnerability be fixed by firmware update?

No. The vulnerability is a hardware-level issue.

What would an attacker need to exploit it?

Trezor said physical access, expensive lab equipment and advanced technical expertise would be required.

Did Trezor say users need to take action?

No. Trezor said users do not need to take action.

This article has been refined and enhanced by ChatGPT.

© 2017 - 2026 COIN360.com. All Rights Reserved.