
Ledger Donjon Finds TROPIC01 Chip Vulnerability in Trezor Safe 7, Trezor Says Funds Safe
Key Takeaways
- Ledger Donjon identified a vulnerability in Trezor Safe 7's TROPIC01 chip.
- Trezor says user funds remain safe; vulnerability cannot expose funds.
- The flaw involves one of two secure elements; Tropic Square disclosed it publicly.
Ledger finds TROPIC01 flaw
Trezor and chipmaker Tropic Square disclosed a hardware vulnerability in the TROPIC01 Secure Element chip used in the Trezor Safe 7 hardware wallet, saying the flaw does not put user funds at risk.
“Trezor says your crypto is safe after Ledger audit exposes a hardware flaw. The flaw affects only one of the wallet's multiple security layers and would require physical access, specialized equipment and advanced expertise to exploit.”
The issue was discovered during an independent security review carried out by Ledger Donjon, the research division of rival hardware wallet maker Ledger. Tropic Square provided the affected TROPIC01 chip to Ledger Donjon for independent testing.

Ledger Donjon researchers used a laser fault injection method, physically opening the chip package and firing a precise infrared laser at the silicon to interfere with the signature verification process.
Trezor says the vulnerability cannot be fixed through a remote firmware update because it exists at the hardware level, and it also says the Safe 7 relies on multiple independent physical security layers rather than a single chip.
Trezor further stressed that the attack requires physical possession of the device and specialized laboratory equipment, and that there is no evidence the vulnerability has ever been exploited in real world attacks.
What Trezor and Cyvers say
Trezor CEO Matej Žák said, "Because the Trezor Safe 7 was built with multiple independent security layers, a vulnerability in TROPIC01 does not put user funds at risk," tying the company’s assurance directly to its layered architecture.
In the same disclosure, Trezor said users do not need to take any action following the vulnerability announcement, and that compromising TROPIC01 alone would not be enough to access a user’s wallet, PIN or funds.

Blockchain security firm Cyvers argued that the lab attack does not translate into a practical threat, with Cyvers CEO Deddy Lavid saying, "Hardware wallet security should not be evaluated only by whether a chip can eventually be attacked in a lab."
Cyvers also emphasized that phishing, seed phrase theft, and blind-signing represent larger threats for most users, shifting attention away from chip-level fault injection.
The Cryptopolitan report similarly frames the risk as limited to the chip itself, stating that Trezor says the chip is only one of three layers of security and that private keys and wallet backups are not stored on the affected chip.
Disclosure, limits, and next steps
Tropic Square and Trezor said the vulnerability was identified after Ledger Donjon informed Tropic Square in January 2026 that researchers had successfully performed a laser fault injection attack under controlled laboratory conditions.
After receiving Ledger Donjon’s findings, Tropic Square engineers identified an additional exploitation method tied to the same underlying weakness, which could expose another secret associated with PIN-related functions within the chip.
Trezor and Tropic Square said the Safe 7 uses three independent physical security layers, and that the TROPIC01 chip is only one of them, with other components including OPTIGA Trust M and an STM32U5 microcontroller.
Tropic Square said it is already producing a new chip batch that corrects the flaw, but that users do not need to perform any action because the vulnerability is at the hardware level and cannot be patched on existing devices via software.
The Cryptonomist report adds that the disclosure was made in collaboration with the Ledger Donjon research team and that there is no evidence of real-world exploitation, while also stating that the full technical advisory is available on the Tropic Square blog.