Trezor Safe 7 is the first bitcoin wallet to incorporate an open source chip.
Trezor’s system mixes two digital signature methods: a classical one (ECDSA) and a post-quantum one.
The hardware manufacturer Trezor, based in Prague, has incorporated 7 mechanisms into its Trezor Safe wallet that allow future adaptations to the risks of quantum computing. This was stated by the company at an event held on October 21.
As reported by CriptoNoticias, the Trezor Safe 7 wallet, the company’s latest wallet, is the first bitcoin and cryptocurrency wallet. to incorporate an open source secure element chipcalled Tropic01.
The Trezor Safe 7 also includes support for quantum-resistant cryptographic algorithms through firmware updates, without requiring physical changes to the device once it leaves the factory. In this way, the team can incorporate post-quantum standards as quantum threats advance or the feared Q-day.
The Trezor Safe 7 wallet incorporates hardware designed to support future post-quantum updates from the factory. This means that if quantum computing advances significantly in the coming years, your Trezor Safe 7 will be able to run firmware that supports quantum computing.
Trezor, cryptocurrency wallet company.
Reinforcement on three levels
Specifically, the company has focused its efforts on strengthening the device’s boot chain, which consists of three sequential levels: the Boardloader, the Bootloader and the Firmware.
Each of these levels of the hardware wallet uses standards selected by the United States National Institute of Standards and Technology (NIST), one of the leading authorities in post-quantum cryptography, to ensure resistance to mitigate the threat of these devices to future attacks.
This happens thanks to the Boardloader, a small program that finds and downloads the wallet’s operating system, which is recorded at the factory and is unalterable, according to Trezor. This acts as the first line of verification when checking the integrity of the Bootloader, which is another program that de facto initializes the operating system after its authentication by the first one.
Both levels of hardware they use a hybrid scheme which combines SLH-DSA-128—part of the SPHINCS+ family and standardized by NIST in 2024—with ECDSA on the secp256r1 curve.
In other words, the system mixes two digital signature methods: a classical one (ECDSA) and a post-quantum one. The latter is recorded in the Boardloader, so that the quantum security implemented in the Trezor Safe 7 wallet is unalterable and passes from that first layer to the others. Trezor would have chosen the algorithm part of the SPHINCS+ family because these are hashing methods “well understood, backed by decades of research and have never been breached”comments the company.
The Boardloader cannot be modified once the code is written at the factory, unlike the bootloader and firmware, which can be updated at any time. Because the Boardloader must be kept secure for decades, we designed it to be ready to verify post-quantum firmware updates and to support a post-quantum authenticity check when the time comes.
Trezor, cryptocurrency wallet company.
Although the Boardloader is the first and most important authenticator of post-quantum cryptography on the device, Trezor claims that this security extends further. “Each Trezor Safe 7 includes a post-quantum device certificate to prove its authenticity in a post-quantum future,” says the company, which included an algorithm standardized by NIST, called ML-DSA-44in one of the three redundant chips (in addition to the Optiga Trust M and the new Tropic01) that make up the new wallet.
“By distributing certificates across three independent chips, we have ensured that authenticity checks remain strong, even if one layer is compromised,” Trezor closes.