The two names that dominate hardware wallet discussions are Ledger and Trezor. They've occupied this space so long that "get a Ledger or a Trezor" has become the default advice for anyone moving crypto off an exchange.
That advice isn't wrong. Both devices do what they're supposed to do: keep your private keys offline and require physical interaction to sign transactions. Most people who buy either one and use it correctly will be fine.
But the comparison isn't trivial. The devices differ on security architecture, how much of their software is open for inspection, and their respective incident histories. For people who care about self-custody as a serious practice — not just a box-ticking exercise — those differences matter.
What Both Devices Are Doing
A hardware wallet is a dedicated signing device. Its job is to hold your private keys in isolated hardware and sign transactions without the keys ever leaving the device.
When you confirm a transaction on a hardware wallet, what happens is: the transaction request travels from your computer to the device, the device displays the details on its screen, you approve with a physical button (or PIN), and the signed transaction is returned to your computer to broadcast. The private key itself never touches the internet-connected machine.
The seed phrase — typically 12 or 24 words — encodes the master key from which all your individual wallet keys are derived. Both Ledger and Trezor use the same BIP-39/BIP-44 standard for this, which means a seed phrase generated on one device can, in principle, be recovered on any compatible device. That interoperability is intentional and important.
So the fundamental mechanism is shared. The differences are in implementation.
Where the Architecture Diverges
The most technically significant difference between Ledger and Trezor is the security chip.
Ledger uses a Secure Element (SE) — a specialized tamper-resistant chip designed specifically to protect sensitive data against physical extraction attacks. The same category of chip is used in passports, SIM cards, and payment cards. Ledger's SE chips are independently certified, typically at the Common Criteria EAL5+ or EAL6+ level. These certifications are formal evaluations of resistance to hardware-level attacks: fault injection, power analysis, probing. Ledger's SE firmware is proprietary and closed source — Ledger's rationale is that publishing the firmware would help attackers find vulnerabilities.
Trezor (made by SatoshiLabs) historically used general-purpose microcontrollers — specifically STM32 chips — rather than Secure Elements. The advantage was that everything could be open source, including the firmware and hardware schematics. You can review every line of code that runs on a Trezor Model One or early Model T. The trade-off is that general-purpose chips are more susceptible to certain physical attack vectors, particularly voltage glitching. There's documented research showing that under controlled lab conditions, seed phrases could be extracted from older Trezor models by someone with physical access.
Trezor's newer devices — the Safe 3 (2023) and Safe 5 (2024) — introduced an Optiga Trust M Secure Element from Infineon to protect the PIN/passphrase. This closes some of the physical attack surface while preserving open-source firmware. It's not identical to Ledger's architecture (the SE scope is narrower), but it's a meaningful shift. Trezor's approach is still more transparent: the SE vendor, the firmware source, and the hardware design are all public.
So if you're evaluating physical attack resistance under formal certification, Ledger's architecture is stronger on paper. If you're evaluating auditability — whether independent security researchers can examine what the device is actually doing — Trezor has the clearer record.
Incident History: Two Very Different Events
Both companies have had significant incidents. They're different in kind.
Ledger's 2020 data breach exposed customer data — names, email addresses, and postal addresses for approximately 272,000 customers. No funds were lost; no private keys were compromised. But the leak exposed hardware wallet owners to phishing, SIM-swapping, and physical threats. The underlying security principle — that your device can be secure while the company's marketing database isn't — remains valid, but the incident made the real-world risks of personal data exposure concrete.
Ledger Connect Kit supply chain attack (December 2023) was a more serious event. An attacker compromised a former Ledger employee's NPM account and injected malicious JavaScript into Ledger's widely-used Connect Kit library — the code that thousands of dApps use to connect with Ledger devices. The malicious code redirected funds through a wallet drainer for approximately five hours before being detected and patched. Around $600,000 was lost. The private keys on the hardware devices themselves were not compromised — the attack intercepted at the software layer connecting devices to dApps. But it demonstrated that the hardware security model doesn't protect against supply chain attacks on the software ecosystem around the device.
Ledger Recover (May 2023) isn't an incident but generated significant controversy. Ledger announced an optional subscription service that would encrypt and shard a user's seed phrase across three custodians (Ledger, Coinbase, and an independent party), allowing recovery via identity verification. Critics argued this proved the seed phrase could leave the Secure Element — which Ledger had previously implied was impossible. Ledger's response was that the capability existed but required user authorization and a firmware update. The product is real and optional. Whether it changes your threat model depends on whether you were previously relying on the belief that extraction was impossible.
Trezor's main incident was the documented research on physical seed extraction from older models, mentioned above. This is a hardware vulnerability, not a software/supply chain issue — and it requires physical device access plus specialized equipment. The Safe 3/5 product line is a direct response.
What's Changing
Both product lines are actively evolving.
Trezor's Safe 3 and Safe 5 represent a genuine architectural shift — not just a refresh. Adding a Secure Element while keeping firmware open source is a meaningful engineering choice. It narrows the physical attack surface that researchers had documented on older models without abandoning the transparency argument.
Ledger has been expanding its software ecosystem (Ledger Live) and adding coins. The Ledger Flex and Ledger Stax devices (2024) introduced touchscreen interfaces and updated form factors. The core SE architecture is unchanged.
The supply chain attack in December 2023 raised questions about how hardware wallet security should be evaluated holistically — hardware integrity is necessary but not sufficient when you're plugging into a browser-based dApp environment.
Confirmation Signals
For Trezor's SE-based devices: independent security research confirming that the physical attack vectors documented on older models are genuinely closed on the Safe 3/5 architecture. Continued open-source firmware audits without critical findings.
For Ledger's architecture: continued absence of SE-level compromises. Supply chain security improvements — reproducible builds, code signing, third-party audits of the Connect Kit and Ledger Live components.
What Would Change the Picture
A successful physical seed extraction from a Safe 3 or Safe 5 in published research would meaningfully weaken the case for the new Trezor architecture. A repeat supply chain attack on Ledger's software ecosystem — particularly one compromising the device firmware update mechanism rather than just the connector library — would raise more fundamental questions about the hardware security model's practical boundaries. A cryptographic vulnerability in either device's signing implementation would be in a different category entirely.
Timing Perspective
Now: Both devices work. The meaningful distinction for active buyers is: SE architecture + proprietary firmware (Ledger) vs SE architecture + open-source firmware (Trezor Safe 3/5). The older Trezor models without SE are a less obvious choice given documented physical vulnerabilities.
Next: Trezor's Safe 3/5 track record will accumulate. If independent researchers find the SE implementation solid under scrutiny, the gap between the two companies' security postures narrows considerably.
Later: The supply chain security question — how do you verify what software your hardware wallet is running, and how do you trust the ecosystem around it — is not fully resolved by either vendor. This is a harder problem than hardware isolation.
What This Post Doesn't Cover
This is an explanation of the architectural and historical differences between the two devices. It doesn't account for specific use cases, firmware update policies, coin support completeness, or the particular threat model you're operating under. Neither device is immune to user error — seed phrase storage, phishing resistance, and software hygiene matter as much as the hardware.
Both devices are legitimate cold storage options. The decision between them is a security architecture decision, not a binary question of safe vs unsafe. The tracked variables are the SE implementation on Trezor's newer lineup and Ledger's supply chain security posture — both of which are live questions.
