Our Response to Ledger Donjon's Latest Report

Stepan Nilov

Today, Ledger Donjon published a security report on our wallet. The report mentions laser fault injection (LFI): a physical, laboratory-based attack on the chip. The report, as published, omits key details and risks misleading readers. Here's why.

What's being claimed.

It's important to be precise about what Ledger Donjon is describing. Their finding concerns how our firmware handles one specific scenario while the chip is subjected to laser fault injection.

Even by Ledger Donjon's own account, this attack requires:

  • Physical possession of the card
  • Invasive chip-level preparation
  • Laser fault injection equipment
  • Hardware security expertise

LFIs can't happen remotely; they require direct physical access to the chip, and they're also not scalable. The practical risk to everyday users is virtually non-existent.

The resources required are substantial: prolonged physical access to the user's card without their knowledge, plus expensive, specialized equipment and expertise typically found only in advanced semiconductor laboratories. 

Independent academic researchers we recently collaborated with, who have studied LFIs extensively, put it simply: given sufficient time, funding, and access, the firmware running on any secure element can eventually be reverse-engineered and exploited. 

No product on the market can claim absolute resistance to all forms of sophisticated physical attacks; this is an inherent limitation of the underlying technology rather than of any specific brand.

What security actually means in self-custody.

In self-custody, there are two ways to lose your funds: someone takes them, or you lose access to them. Both are security failures. Any honest security model has to account for both.

Tangem wallets offer users a choice between a seedless and a seed-based setup. Most of our users choose seedless, and for good reason. Seed phrase exposure remains the single most exploited vulnerability in self-custody, responsible for billions in losses. The seedless architecture eliminates that attack vector entirely. 

This design also shapes how our firmware handles fault injection alerts. A seed-based wallet can afford to destroy keys at the first suspicion of a hardware attack because the user still has their recovery phrase. In a seedless architecture, that same response risks locking the user out of their own funds in case of rare false-positive sensor alerts. Whether your money is stolen or inaccessible, the result is the same.

Our firmware is designed to protect against the threats that have demonstrably caused real-world losses. Seed phrase exposure has cost users billions. According to River Financial’s 2025 study, more than 1.6M BTC ($129.6 billion) has been lost specifically due to self-custody mismanagement, and that’s just Bitcoin. Meanwhile, there have been no known real-world losses from laser fault-injection attacks on any hardware wallet to date. Our design reflects that reality.

The threats that matter most.

In this industry, a scary headline travels further than the technical detail behind it. And in this case, the detail matters a great deal. We've been focused on the attack vectors that genuinely endanger people's assets every single day.

Obscure UI that leads to misclicks. Malicious dApps. Scam smart contracts disguised as their legitimate versions. These are the threats that actually drain wallets, not laboratory attacks that require physical possession and specialized equipment.

We believe competition is healthy and security research benefits the whole industry when it is conducted and communicated with appropriate context.

Where we stand.

Our product is fully safe against real-world attack scenarios, and this report doesn’t change that. We remain focused on protecting our users against the threats that actually put their assets at risk, and that work continues every day.

We also maintain a bug bounty program, open to any researcher, affiliated with Ledger or otherwise. If you find something, we want to hear about it.

Author: Stepan Nilov

Head of Comms at Tangem

Reviewed by: Stepan Nilov

Head of Comms at Tangem