Trezor Safe 7 Chip Vulnerability Disclosed, Funds Reportedly Safe

Trezor has disclosed a vulnerability in its flagship Safe 7 hardware wallet, though it maintains user funds "remain protected" given the nature of the exploit.

The vulnerability surfaced during an independent security audit by the Ledger Donjon team, which reported a successful "laser fault injection attack" against the TROPIC01 Secure Element chip. Yes, an actual laser. It allows an attacker to extract one of three "secrets" that protect a user's PIN, effectively reducing three layers of protection down to two. Tropic Square disclosed the vulnerability in the TROPIC01 Secure Element chip used in the Trezor Safe 7, identifying it based on findings from the Ledger Donjon team's independent audit. "Important: Your funds remain safe and secure. Trezor Safe 7 has not been hacked, and you…"

"The vulnerability concerns only the TROPIC01 Secure Element chip, one of three physical, independent security layers. Compromising TROPIC01 alone is not enough to give access to the PIN, which is the final layer of protection for your funds," the Trezor blog states. "It also cannot result in tampered Trezor Safe 7 devices with persistent malicious firmware."

Worth noting: Trezor says such an attack requires physical possession of the hardware wallet, disassembly, and specialized lab equipment. The company still calls the TROPIC01 chip an "effective barrier" of protection that "requires significant time and effort to exploit," adding that "users' funds remain safe."

Blockchain security firm Cyvers echoed Trezor's assessment that user funds are "safe," telling Decrypt that the attack appears "highly impractical."

Hardware wallets, otherwise known as "cold" wallets, store private keys offline on a physical device. This is in contrast to hot wallets, like MetaMask, which store the user's keys on locally installed software or on cloud-based servers. In the case of the Trezor Safe 7 wallet, the blog post says the user's keys are fortunately not stored in the TROPIC01 chip.

Unfortunately, due to the vulnerability being hardware-based, the exploit cannot be patched with a firmware update.

Trezor did not immediately respond to Decrypt's request for comment on whether it will accept refund requests from customers.

"Hardware wallet security should not be evaluated only by whether a chip can eventually be attacked in a lab," Deddy Lavid, CEO of Cyvers, told Decrypt. "For most users, the much larger risk is still phishing, seed phrase theft, malicious dApps, and blind-signing transactions they do not fully understand."