How vulnerable are your cryptocurrency assets when stored on hardware wallets marketed as “secure”? Recent findings from Ledger’s security research team, known as Ledger Donjon, have identified significant vulnerabilities in Trezor’s Safe 3 and Safe 5 hardware wallet models, raising concerns about the integrity of these devices in protecting digital assets.
The core issue centers on the STM32F429 microcontroller family used in Trezor’s devices, which performs cryptographic operations even though it is not a fully integrated Secure Element. Trezor does use Secure Elements for PIN verification and key storage, but the general-purpose microcontroller remains susceptible to voltage glitching, in which deliberately induced power-supply disturbances can cause the chip to skip security checks, compromising the device’s integrity.
Despite having Secure Elements for some functions, Trezor’s core chip remains vulnerable to voltage manipulation that could bypass critical security measures.
Supply chain security presents a similarly concerning attack vector, since a device could be compromised during manufacturing or in transit before it reaches the end user. An attacker with physical access to the hardware during production could, in theory, install unauthorized firmware that extracts private keys once an unsuspecting user activates the device, enabling remote theft of cryptocurrency assets. The research emphasizes that ongoing vigilance is crucial in the evolving cryptocurrency security landscape: over $3.8 billion in cryptocurrency assets were lost to security breaches in 2022 alone, highlighting the financial stakes involved in hardware wallet security.
Trezor has responded swiftly to these security disclosures, acknowledging the identified vulnerabilities as extensions of previously known attack vectors. The company maintains that funds remain secure for customers who purchase through official channels, though it concedes that certain hardware-level vulnerabilities cannot be completely mitigated through firmware updates alone. Charles Guillemet, Ledger’s CTO, has publicly confirmed that Trezor addressed the concerns and praised its rapid response time.
The findings highlight the ongoing security challenges in hardware wallet design, specifically the tension between implementing robust cryptographic protections and maintaining usability. Even with dual-chip architectures incorporating both microcontrollers and Secure Elements, the execution of cryptographic processes on vulnerable components creates persistent security gaps that sophisticated attackers might exploit.
For cryptocurrency holders, these revelations underscore the importance of purchasing hardware wallets exclusively through official channels to minimize supply chain risks. Users should also stay current with firmware updates and maintain sound physical security practices. Although these devices remain more secure than software wallets, they still contain vulnerabilities that are exploitable under specific attack scenarios, and security researchers continue to identify new ones through ongoing investigation.