It would seem that there are a number of unresolved issues with Trezor’s wallets as Ledger has revealed in a post dated March 11, 2019, which outlines five major vulnerabilities in their competitor’s product.
In December 2018, a hacker team publicly disclosed some vulnerabilities they had discovered in the Trezor’s wallet which could be exploited through the use of an attack vector.
The discovery of bugs and vulnerabilities is not uncommon in the crypto world, and several firms even have bug bounties for any user who can find and report such issues to them. Monero, for example, had a vulnerability of theirs revealed in March 2019; however, the Ledger Team, on March 11, 2019, were forced to publicly disclose several issues their team discovered in the Trezor wallets, which is made by their direct competitor.
According to the post, the discovery of these vulnerabilities took place in the Attack Lab, which is a branch of their organization where their research team tries continuously to break into both their wallets and their competitors’ wallets to reveal any overlooked issues.
In this case, their team discovered some of these and reported them to Trezor. However, the responsible disclosure period elapsed without any action from Trezor and so Ledger has decided to make their findings public.
The first vulnerability discovered by the Ledger team is the fact that the wallet itself can be fairly easily counterfeited. According to them, the use of malware could be used to backdoor the device and then, it could be repackaged with a false tamper-proof sticker. Their recommendation for Ledger is that the entire wallet design be overhauled and a secure element chip is added.
The second found a side-attack channel that could be used to guess the value of a Trezor wallet PIN, though this has been resolved in the Trezor’s firmware update 1.8.0.
The third and fourth issue both involve the possibility of stealing data directly from the device. If a malicious party has physical access to the wallet, they can extract data from the flash memory. These two issues, Ledger says, can also be solved through the use of a secure element chip.
The last issue claims that the crypto library of the Trezor One is not properly secured against hardware attacks, though this is a claim that Ledger has denied in the past.