Ledger find security flaw in TROPIC01 (Trezor's Safe 7 chip)

[OmegaStarScream]

Trezor disclosed a security flaw in the TROPIC01 chip used in its Safe 7 hardware wallet after Ledger's Donjon security team identified a successful laboratory attack, but the company says the vulnerability does not put user funds at risk.

The flaw affects only one of the wallet's multiple security layers and would require physical access, specialized equipment and advanced expertise to exploit, with no evidence of real-world attacks or compromised devices.

And this is the official response from Trezor [1][2].

TLDR; This should not affect the user funds in anyway.

[1] https://trezor.io/blog/news/Trezor-response-TROPIC01-chip-disclosure-no-impact-to-your-funds
[2] https://x.com/Trezor/status/2062113395994738962

[Charles-Tim]

The site is making sign-in mandatory and there is error when I want to register an account on the site. No threat because it requires physical attack on the device?

If it is like that, it is the same just as old Trezor model One and model T that did not have the  secure element. If it is like that, I still prefer Trezor. It is one still one of the best hardware wallet.

But my preferred hardware wallet are airgapped.

My best cold wallets are the ones I set up myself on an airgapped device.

[OmegaStarScream]

The site is making sign-in mandatory and there is error when I want to register an account on the site. No threat because it requires physical attack on the device?

Yes, I believe you can only read three articles on Coindesk before making an account becomes mandatory now (switching to Incognito should allow you to read it too)

From my understanding, there is "no threat" because the chip with the security flaw is one of MULTIPLE security layers the Safe 7 device has, not because physical access is required. So this flaw (alone) should not put the user's funds at risk.

[Charles-Tim]

Yes, I believe you can only read three articles on Coindesk before making an account becomes mandatory now (switching to Incognito should allow you to read it too)

I have tried it with incognito mode, it is still the same. Probably because I have tried it before. Before I posted that, I cleared my browser cache, but was still the same. Maybe I can try the incognito on a new browser instead to know if it would work.

From my understanding, there is "no threat" because the chip with the security flaw is one of MULTIPLE security layers the Safe 7 device has, not because physical access is required. So this flaw (alone) should not put the user's funds at risk.

I have read part of the new links that you posted, I do not even see it as a vulnerability yet unless the 3 security layer has been breached. Laser fault injection attack only affected the TROPIC01 Secure Element chip, but according to Trezor there are two other layers of security that need to be breached before pin and other sensitive information can be known.

So for now, physical attack on the hardware wallet is useless.

[dkbit98]

Donjon team, this is the one good thing in whole ledger team, and I gave them credits many time.
I was just reading the post on both trezor and donjon website, and it was expected for first chip version to have some flaws.
This is one of the reasons why I didn't purchase Trezor Safe 7, it's better to wait until they release updated chip version.

[ABCbits]

The site is making sign-in mandatory and there is error when I want to register an account on the site. No threat because it requires physical attack on the device?

You may want to see the article written by Ledger Donjon on https://donjon.ledger.com/blog/tropic01-laser-fault-injection/.

When a laser pulse hits SPECT logic during execution, it (often) corrupts the computation, causing the (otherwise valid) signature verification to fail. But the chip itself, and in particular the main CPU, does not crash — it simply reports a verification failure and continues operating. By scanning across the die and recording which positions caused failures, we built a map of the SPECT logic location.

There are many reason it's difficult to reproduce, but personally i believe this part is most tricky to execute.

[cygan]

to exploit this flaw, an attacker would have to bypass all security measures simultaneously in order to access the sensitive wallet data.
this would make the attack extremely difficult, and the attacker would have to:

• have physical access to the device
• completely disassemble the hardware
• open the chip housing
• and much more

[fullfitlarry]

And so cyber criminals take advantage of this security flaw,



https://x.com/lopp/status/2062505144474837060

The phishing continues, so just be aware guys, there have been a lot of attacks, online and physical lately.

If you encounter this is fake and obviously a phishing attempt. Don't click the link otherwise you will be redirected to a site that will drain your crypto.

[FinneysTrueVision]

I still use an older model Trezor and this would not discourage me from upgrading to a Safe 7. There was another model of Trezor that also had a vulnerability that could only be exploited with physical access to the device and specialized hardware. I have not seen any documented cases of a real world exploit to this day. Even with all the necessary tools and knowledge to pull off this kind of attack, you would still fail if the seed had a passphrase.

The flaw in the TROPIC01 is only theoretical under real world conditions. In my opinion, Trezor hardware wallets are still some of the safest places to store crypto because of their commitment to security and transparency.

[n0nce]

I still use an older model Trezor and this would not discourage me from upgrading to a Safe 7. There was another model of Trezor that also had a vulnerability that could only be exploited with physical access to the device and specialized hardware.

The Trezor One, maybe? It is vulnerable to hardware-based attacks, although these obviously require some specialized hardware and skills.
However, this should absolutely be part of your attacker model if you buy a hardware wallet. It's one of the big advantages over a dedicated, fully airgapped laptop, for instance. You cannot just pop out its hard drive and extract the keys, especially when hardware wallets use a dedicated secure element chip with physical tampering protection and detection mechanisms.

I have not seen any documented cases of a real world exploit to this day. Even with all the necessary tools and knowledge to pull off this kind of attack, you would still fail if the seed had a passphrase.

Then you missed these? And yes, if you do use a passphrase you'll still be secure, but then you also don't necessarily need a hardware wallet; just post your seed phrase online and remember the passphrase. ^{Please nobody quote me on this, it's a joke!}

https://www.youtube.com/watch?v=dT9y-KQbqi4
https://www.youtube.com/watch?v=MhJoJRqJ0Wc
https://www.youtube.com/watch?v=akMkE2fVw3k
https://voidstarsec.com/blog/replicant-part-1
https://www.usenix.org/system/files/woot19-paper_oflynn_0.pdf

The flaw in the TROPIC01 is only theoretical under real world conditions. In my opinion, Trezor hardware wallets are still some of the safest places to store crypto because of their commitment to security and transparency.

The TROPIC01 is definitely a huge step-up from the simple STM32 microcontroller used in the Trezor One, which had zero hardware-level protection mechanisms.