Security Research

Donjon @ Ledger

We are the security research team at Ledger, dedicated to protecting your digital assets through cutting-edge security research, vulnerability discovery, and open-source tools.

Bug Bounty Program About Us Read the Donjon Blog

Security Bulletins

Technical details of past security issues, their impact, and available patches.

Threat Model

Comprehensive documentation of security objectives and mechanisms.

Tools Suite

Open-source security research tools for hardware and software analysis.

Bug Bounty

Report vulnerabilities and earn rewards for helping secure Ledger products.

Latest Blog Posts

View all posts

Apr 29, 2026 New

The Hidden Risk of Side-Channel Attacks on Post Quantum Cryptography

The Hidden Risk of Side-Channel Attacks on Post Quantum Cryptogra...

Feb 26, 2026

Quantum Computing’s Threat to Blockchain: The Enduring Need for Secure…

Quantum Computing’s Threat to Blockchain: The Enduring Need...

Jan 27, 2026

Enforcing BIP32 Hardened Derivation Prefixes for Enhanced Security

Enforcing BIP32 Hardened Derivation Prefixes for Enhanced Securit...

Latest Security Bulletins

View all bulletins

LSB 021

Ledger Security Bulletin 021

Missing parameter validation during MCU firmware update

LSB 020

Ledger Security Bulletin 020

Ledger Live incorrectly parses some EIP-712 messages

LSB 019

Ledger Security Bulletin 019

Invalid addresses for certain miniscript policies

Found a vulnerability?

We reward security researchers who help us protect our users. Join our bug bounty program and get recognized in our Hall of Fame.

Submit a Report Hall of Fame