Trezor Reveals Hardware Wallet Vulnerability, But Funds 'Safe' - Decrypt

In brief

An audit by the Ledger Donjon team found a hardware vulnerability relating to Trezor's TROPIC01 Secure Element chip.

The attack could reveal one of three "secrets" that protect a users PIN, reducing the wallet's original three layers of protection down to two.

For the exploit to take place, the attacker must physically possess the wallet, disassemble it, and use specialized lab equipment.

Trezor has revealed a vulnerability in its flagship Safe 7 hardware wallet, but affirms that user funds "remain protected" due to the nature of the exploit.The vulnerability was uncovered during an independent security audit by the Ledger Donjon team, which reported a successful "laser fault injection attack" against the TROPIC01 Secure Element chip. It enables an attacker to extract one of three "secrets" that protect a user's PIN, effectively reducing three layers of protection to two.