A laser attack was found against TROPIC01, the open secure element behind the Trezor Safe 7.
Some will see this as a failure of open hardware.
I'd argue it's evidence that open auditing works.
Tropic Square handed the chip to Ledger's Donjon team for evaluation — a direct competitor. Under laboratory conditions, the Donjon team decapsulated the chip and used a precision 1064 nm laser to bypass firmware signature verification.
The vulnerability was discovered, disclosed, and documented publicly. The underlying issue requires a new silicon revision to fully address, not just a firmware update.
Closed hardware may have fewer reported flaws. That doesn't necessarily mean fewer flaws. It often means fewer eyes — and less visibility when something breaks.
#BTC #Security #Trezor
CapitMonet / Capitium Monetra
npub15q…n43pr
2026-06-03 18:18:09 UTC
Author Public Key
npub15qydznwe6gl3j57qusn0x8tum2fxlgkyt30udrpz6tctngr22zkqvn43prPublished at
2026-06-03 18:18:09 UTCEvent JSON
{
"id": "e81481bd56b50e4d279aa8361f9a589757d4c7a3331e596516209e88c8f143f6",
"pubkey": "a008d14dd9d23f1953c0e426f31d7cda926fa2c45c5fc68c22d2f0b9a06a50ac",
"created_at": 1780510689,
"kind": 1,
"tags": [
[
"alt",
"A short note: A laser attack was found against TROPIC01, the ope..."
],
[
"t",
"BTC"
],
[
"t",
"btc"
],
[
"t",
"Security"
],
[
"t",
"security"
],
[
"t",
"Trezor"
],
[
"t",
"trezor"
],
[
"client",
"Amethyst"
]
],
"content": "A laser attack was found against TROPIC01, the open secure element behind the Trezor Safe 7.\n\nSome will see this as a failure of open hardware.\n\nI'd argue it's evidence that open auditing works.\n\nTropic Square handed the chip to Ledger's Donjon team for evaluation — a direct competitor. Under laboratory conditions, the Donjon team decapsulated the chip and used a precision 1064 nm laser to bypass firmware signature verification.\n\nThe vulnerability was discovered, disclosed, and documented publicly. The underlying issue requires a new silicon revision to fully address, not just a firmware update.\n\nClosed hardware may have fewer reported flaws. That doesn't necessarily mean fewer flaws. It often means fewer eyes — and less visibility when something breaks.\n\n#BTC #Security #Trezor",
"sig": "9eea937f16defa27980c66635d099ebdefac17e4b896926ecc9508ce746404b0381f266e20f3848afb5a2dca3b99991411a99ccb35fb07568666d37de05d1381"
}