Security Research

Donjon @ Ledger

We are the security research team at Ledger, dedicated to protecting your digital assets through cutting-edge security research, vulnerability discovery, and open-source tools.

Bug Bounty Program About Us Read the Donjon Blog

Security Bulletins

Technical details of past security issues, their impact, and available patches.

Threat Model

Comprehensive documentation of security objectives and mechanisms.

Tools Suite

Open-source security research tools for hardware and software analysis.

Bug Bounty

Report vulnerabilities and earn rewards for helping secure Ledger products.

Latest Blog Posts

View all posts

Apr 2, 2026 New

Security Isn’t Static: Why The Ledger Donjon Never Stops Testing

Security Isn’t Static: Why The Ledger Donjon Never Stops Te...

Mar 6, 2026 New

The Ledger Donjon Origin Story

Feb 26, 2026 New

Quantum Computing’s Threat to Blockchain: The Enduring Need for Secure…

Quantum Computing’s Threat to Blockchain: The Enduring Need...

Latest Security Bulletins

View all bulletins

LSB 021

Ledger Security Bulletin 021

Missing parameter validation during MCU firmware update

LSB 020

Ledger Security Bulletin 020

Ledger Live incorrectly parses some EIP-712 messages

LSB 019

Ledger Security Bulletin 019

Invalid addresses for certain miniscript policies

Found a vulnerability?

We reward security researchers who help us protect our users. Join our bug bounty program and get recognized in our Hall of Fame.

Submit a Report Hall of Fame