New
Laser Fault Injection on the TROPIC01 Open-Source Secure Element
We used laser fault injection to bypass Ed25519 signature verification on the <mark>TROPIC01 open-source secure element</mark>, achieving arbitrary firmware execution.
Security Research
Donjon @ Ledger
We are the security research team at Ledger, dedicated to protecting your digital assets through cutting-edge security research, vulnerability discovery, and open-source tools.
Security Bulletins
Technical details of past security issues, their impact, and available patches.
Threat Model
Comprehensive documentation of security objectives and mechanisms.
Tools Suite
Open-source security research tools for hardware and software analysis.
Bug Bounty
Report vulnerabilities and earn rewards for helping secure Ledger products.
Latest Blog Posts
View all postsLatest Security Bulletins
View all bulletinsFound a vulnerability?
We reward security researchers who help us protect our users. Join our bug bounty program and get recognized in our Hall of Fame.