Trezor has revealed a vulnerability in its flagship Safe 7 hardware wallet, but affirms that user funds "remain protected" due to the nature of the exploit.

The vulnerability was uncovered during an independent security audit by the Ledger Donjon team, which reported a successful "laser fault injection attack" against the TROPIC01 Secure Element chip. It enables an attacker to extract one of three "secrets" that protect a user's PIN, effectively reducing three layers of protection to two.

"The vulnerability concerns only the TROPIC01 Secure Element chip, one of three physical, independent security layers. Compromising TROPIC01 alone is not enough to give access to the PIN, which is the final layer of protection for your funds," the Trezor blog states. "It also cannot result in tampered Trezor Safe 7 devices with persistent malicious firmware."

It's worth noting that Trezor says that such an attack requires physical possession of the hardware wallet, for the attacker to disassemble it, and for specialized lab equipment to be used. As such, Trezor still calls the TROPIC01 chip an "effective barrier" of protection which "requires significant time and effort to exploit," adding that "users’ funds remain safe."

Blockchain security firm Cyvers echoed Trezor’s assessment that user funds are "safe," telling Decrypt that the attack appears "highly impractical."



Hardware wallets, otherwise known as "cold" wallets, store private keys offline on a physical device. This is in contrast to hot wallets, like MetaMask, which store the user's keys on locally installed software or on cloud-based servers. In the case of the Trezor Safe 7 wallet, the blog post says that the user's keys are fortunately not stored in the TROPIC01 chip.

Unfortunately, due to the vulnerability being hardware-based, the exploit cannot be patched with a firmware update. Trezor did not immediately respond to Decrypt's request for comment on whether it will accept refund requests from customers.

"Hardware wallet security should not be evaluated only by whether a chip can eventually be attacked in a lab," Deddy Lavid, CEO of Cyvers, told Decrypt. "For most users, the much larger risk is still phishing, seed phrase theft, malicious dApps, and blind-signing transactions they do not fully understand."

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。