In early June 2026, the most-watched name in hardware wallets came under attack from its biggest rival's lab — and the result is a rare, public look at how far a laboratory-grade chip exploit can actually go.
What Ledger Donjon Actually Did to the Chip
Ledger's in-house research team, Donjon, used a calibrated 1064 nm laser to decapsulate Trezor's TROPIC01 secure element and defeat its firmware signature verification during the boot and update path. To prove unauthorized code execution, Donjon forced the chip to return the string "HACK" in a device-identification response. This is an invasive, lab-only physical attack — not a remote or software exploit.
Quick Answer: Ledger's Donjon team used a 1064 nm laser to decapsulate Trezor Safe 7's TROPIC01 chip and bypass firmware verification, extracting a subset of chip secrets. The attack needs physical possession and specialized lab gear — Trezor says user funds, keys, and PINs were never at risk.
The timeline was deliberate. Donjon formally notified Tropic Square — Trezor's sister company that designs TROPIC01 — of the laser fault-injection attack in late January 2026, and the coordinated public disclosure was published June 3, 2026. Tropic Square had supplied the chip samples to Donjon for the independent audit in the first place.
After the initial alert, Tropic Square's own analysis surfaced a second, more complex path. It targets MAC-and-Destroy — TROPIC01's counterless, no-rollback PIN-verification boundary, where each attempt irreversibly consumes hardware state rather than checking a stored hash or resetting a retry counter. That makes the follow-up notable: it pokes at a core brute-force and rollback-resistance claim.
One caveat for readers tracking the technical record: no CVE identifier has been assigned, and no full Donjon technical writeup has been released. Details are being withheld until hardened silicon is available. For now, the public picture rests on Trezor and Tropic Square's impact assessment, not independently reproducible exploit code.
Why Trezor Says Funds Are Still Safe — and Why the Architecture Matters
Trezor's core argument is that breaking TROPIC01 alone does not unlock a wallet, because no single chip in the Safe 7 holds the full secret. The device splits trust across three independent components, so private keys, wallet backups, and the PIN itself are never stored on the chip Donjon attacked. An attacker would have to defeat every layer at once.
Those three layers each play a distinct role in the Safe 7, launched October 21, 2025:
| Component | Role in the wallet |
|---|---|
| TROPIC01 (open secure element) | PIN enforcement, device authenticity, and entropy for wallet creation |
| Infineon OPTIGA Trust M | Second secure element that verifies TROPIC01's output and adds a final secret piece |
| STM32U5G main MCU | ARM Cortex-M33 at 160 MHz that assembles the transient decryption key |
The PIN flow runs as a multi-party computation. TROPIC01 consumes a one-time hardware slot and contributes a transformed value; OPTIGA verifies that value and adds its own secret piece; only then does the MCU assemble the transient key that decrypts the wallet. That key exists only briefly in volatile memory and is never stored whole in any one component.
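A simplified model of the PIN flow and the slot-consuming MAC-and-Destroy boundary described above, added here as an illustration and not Trezor or Tropic Square code. The class names, the XOR blinding and the HMAC-SHA-256 derivations are assumptions, and slot replenishment after a successful unlock is left out.

```python
import hashlib, hmac, secrets

def prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def pin_digest(pin: str) -> bytes:
    return hashlib.sha256(pin.encode()).digest()

class SlotChip:
    """Hypothetical stand-in for the slot-consuming element (TROPIC01's role)."""
    def __init__(self, n_slots: int):
        self.slots = [secrets.token_bytes(32) for _ in range(n_slots)]

    def mac_and_destroy(self, i: int, digest: bytes):
        key, self.slots[i] = self.slots[i], None  # spent whether or not the PIN is right
        return prf(key, digest) if key else None

class VerifierChip:
    """Hypothetical stand-in for the second element: verify, then add its own piece."""
    def __init__(self, expected: bytes):
        self.secret = secrets.token_bytes(32)
        self.tag = prf(self.secret, b"verify" + expected)

    def release(self, value: bytes):
        ok = hmac.compare_digest(self.tag, prf(self.secret, b"verify" + value))
        return prf(self.secret, b"piece" + value) if ok else None

class Wallet:
    """MCU role: keeps only per-slot blinded blobs; the key is rebuilt per unlock."""
    def __init__(self, pin: str, n_slots: int = 4):
        self.chip, self.next_slot = SlotChip(n_slots), 0
        shared = secrets.token_bytes(32)  # recoverable only via an unspent slot + PIN
        self.blobs = [xor(shared, prf(k, pin_digest(pin))) for k in self.chip.slots]
        self.verifier = VerifierChip(shared)

    def unlock(self, guess: str):
        if self.next_slot >= len(self.blobs):
            return None  # every slot is spent
        i, self.next_slot = self.next_slot, self.next_slot + 1
        out = self.chip.mac_and_destroy(i, pin_digest(guess))
        if out is None:
            return None  # rewinding next_slot does not help: the slot key is gone
        shared = xor(self.blobs[i], out)
        piece = self.verifier.release(shared)  # None when the PIN was wrong
        # Slot keys and blobs alone never yield this key: it also needs `piece`.
        return prf(piece, b"transient" + shared) if piece else None
```

In this model a wrong guess and a right guess cost the same thing, one slot, and the value returned by `unlock` is never stored on any of the three objects.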
The threat model is also purely physical. According to CoinDesk, exploitation demands physical possession, disassembly and desoldering, backside decapsulation of the chip, a connection to a custom board, and an expensive laser fault-injection rig with expert operators. Trezor states the issue is not remotely exploitable, cannot mass-produce devices carrying persistent malicious firmware, and requires no customer action.
"A vulnerability in TROPIC01 does not put user funds at risk," — Matej Žák, CEO of Trezor (source: CoinDesk).
The defense-in-depth design is the whole point: a single compromised chip leaks a subset of its own secrets, not the wallet. For that reason, The Block notes Trezor's user-facing guidance still tells Safe 7 owners to take no action.
What Comes Next: Fix Timeline and the Donjon Pattern
The flaw cannot be fully patched by firmware on devices already in customers' hands, because it lives in the silicon itself. Trezor says a complete fix requires new hardware: Tropic Square is developing a hardened TROPIC01 revision, reported by The Block as targeted for late 2026, with fuller technical details expected in spring 2027.
In the meantime, disabling TROPIC01's MAINTENANCE mode closes the primary entry point and raises attack complexity, according to The Block. Trezor's user-facing guidance, however, is unchanged: Safe 7 owners need take no action, since the attack is invasive, lab-grade, and not remotely exploitable.
Step back, and a pattern emerges. Ledger's Donjon team has now disclosed lab-grade physical attacks against two rival cold-storage products in under a year:
- Tangem (Sept–Oct 2025): a "tearing attack" that cut power before a failed PIN registered, enabling roughly 2.5 attempts per second on an estimated $5,000 rig — about a 100x brute-force speedup, unpatchable on circulating cards.
- Trezor TROPIC01 (June 2026): a laser fault-injection attack on a decapsulated chip, requiring physical possession, desoldering, and specialized lab equipment.
The vendor responses diverged sharply. Tangem disputed the severity and declined a bug bounty, turning the disclosure adversarial. Trezor instead credited the competitor that broke its chip.
"I believe the open process by which this vulnerability was found, examined, and disclosed is the model the industry should hold itself to," — Matej Žák, CEO of Trezor (source: CoinDesk).
The takeaway for traders: no action is needed today, but Safe 7 buyers should watch for the hardened silicon batch in late 2026 before assuming the chapter is closed. The broader signal is structural — invasive physical attacks against secure elements are now a recurring audit reality, and defense-in-depth, not any single chip, is what keeps funds intact.
Last updated: 2026-06-04. Reviewed against Trezor, Tropic Square, and trade-press disclosures published June 2–3, 2026.
Frequently asked questions
Does the TROPIC01 chip flaw put my Trezor Safe 7 funds at risk?
No. The Safe 7 uses a defense-in-depth, multi-chip design, so the TROPIC01 chip never holds the full wallet secret on its own. The PIN flow splits across three independent components — TROPIC01, an Infineon OPTIGA Trust M secure element, and the main MCU — and the transient decryption key is assembled only briefly in volatile memory, never stored whole in any single chip. An attacker would need to breach all three layers at once. Trezor also states the issue is not remotely exploitable and shows no evidence of real-world exploitation.
What is laser fault injection (LFI) and how hard is it to execute?
Laser fault injection is an invasive physical attack that uses a calibrated laser to perturb a chip's internal logic, forcing it to skip a security check or leak a protected value. In this case, Ledger's Donjon team decapsulated TROPIC01 and used a 1064 nm laser to defeat firmware signature verification on the boot path. It is a lab attack, not a street attack: it requires physical possession of the device, disassembly and desoldering, backside decapsulation, a custom connection board, an expensive specialized laser rig, and expert knowledge.
Will Trezor release a firmware fix for the Safe 7?
Not a complete one. Because this is a hardware-level flaw, Trezor says it cannot be fully patched remotely by firmware on existing devices. Instead, Tropic Square is preparing a hardened TROPIC01 silicon revision targeted for late 2026, with fuller technical details expected in spring 2027. Trezor's user-facing guidance currently says Safe 7 owners need take no action, citing the multi-layer architecture as protection in the interim.
What is TROPIC01 and why is it significant?
TROPIC01 is the first fully open and auditable secure element used in a consumer hardware wallet. It is built around an open RISC-V controller core with a custom cryptographic coprocessor and a hardware root of trust, and its source code is publicly available for review. That matters because most hardware-wallet secure elements are proprietary black boxes that outsiders cannot inspect. Trezor framed this disclosure as validation of an open model, with CEO Matej Žák saying the open process by which the flaw was found and disclosed is "the model the industry should hold itself to".
Is this connected to Ledger's earlier Tangem attack disclosure?
Yes — it is Ledger Donjon's second major disclosure against a rival cold-storage product in under a year. In September–October 2025, Donjon revealed a "tearing attack" on Tangem cards that cut brute-force time for a 4-digit PIN from roughly 5 days to under 1 hour, using a rig estimated at around $5,000. The difference is in the response: Tangem disputed the severity and declined a bounty, while Trezor credited the competing researchers and emphasized its multi-layer defense.