Trezor’s pitch has always been “open-source everything”. The Safe 5 is the current generation, addressing the historical hardware-security weakness while keeping the open-source design philosophy.
What it is
USB-C hardware wallet from SatoshiLabs (Czech Republic). Firmware open-source. Hardware open-source. Companion app (Trezor Suite) open-source. Newer “Tropic Square” secure element (SatoshiLabs spun out a chip company specifically to address the closed-source secure-element issue at the silicon level).
Why it’s the open-source-purist’s choice
Three things, in order:
- Fully open firmware. You can audit, build, and verify the firmware running on your device. No “trust us” black boxes.
- Fully open hardware. The schematics are published. Independent researchers can verify what the chip actually does.
- No Bluetooth. USB-C only. One less attack surface than Ledger Nano X. The trade-off is mobile UX — you need a USB-C-to-Lightning or USB-C-to-USB-C cable to use Trezor with a phone.
For users who can’t tolerate closed-source dependencies, Trezor is the answer.
The historical weakness — and what changed
The original Trezor One and Trezor Model T had a documented physical attack: an attacker with physical access to the device could “glitch” the secure element by manipulating the voltage during boot, extracting the seed in roughly 15 minutes.
This was real. It required physical access (so it wasn’t a remote threat) and required specialized equipment (so it wasn’t trivial), but a determined attacker who could steal the device could in principle extract funds.
The Safe 5 uses the new Tropic Square secure element, which is designed specifically against this class of attack. Public details are still emerging — but the architectural change is real, not marketing.
If you have a previous-generation Trezor (Model One, Model T), the voltage-glitching attack still applies. Either upgrade to Safe 5 or use a strong passphrase (which the attack does not recover).
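Why the passphrase survives a seed extraction can be seen in the BIP-39 seed derivation itself, where the passphrase enters only as part of the PBKDF2 salt and is not part of the recovery words. The following is an added example, not code from SatoshiLabs or from this review; it assumes a BIP-39 backup, uses the public BIP-39 test mnemonic with the test passphrase "TREZOR", and its function names are hypothetical.

```python
import hashlib
import unicodedata

# Public BIP-39 test vector mnemonic (constructed sample; never use for funds).
TEST_MNEMONIC = (
    "abandon abandon abandon abandon abandon abandon "
    "abandon abandon abandon abandon abandon about"
)


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte wallet seed as specified by BIP-39.

    The recovery words are the PBKDF2 password; the passphrase is only
    mixed into the salt. Both are NFKD-normalised first.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def compare_wallets(mnemonic: str, passphrase: str) -> dict:
    """Contrast the seed derived from the words alone with the seed of the
    passphrase-protected wallet built on the same words."""
    words_only = bip39_seed(mnemonic)              # what the recovery words yield
    protected = bip39_seed(mnemonic, passphrase)   # wallet that holds the funds
    return {
        "words_only_seed": words_only.hex(),
        "protected_seed": protected.hex(),
        "same_wallet": words_only == protected,
    }


if __name__ == "__main__":
    result = compare_wallets(TEST_MNEMONIC, "TREZOR")
    print("words only :", result["words_only_seed"][:32], "...")
    print("with pass  :", result["protected_seed"][:32], "...")
    print("same wallet:", result["same_wallet"])
```

The two seeds lead to unrelated key trees, so the protection rests entirely on how hard the passphrase is to guess; a short or common passphrase adds little.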
What the open-source position actually gets you
The argument for: any of millions of users can in principle audit the firmware, find vulnerabilities, and report them. Multiple security teams have done so over the years.
The argument against: no individual user actually does this. In practice, you’re trusting the same researchers and contributors that the Trezor team trusts.
Where it concretely matters: if Trezor were ever to attempt something like Ledger’s “Recover” feature, the open-source community would find out immediately. The architectural option isn’t there.
Setup quality
Trezor Suite is the companion app. It’s competent — it covers Bitcoin, Ethereum, common ERC-20s, and a handful of other chains. The token coverage is narrower than Ledger Live but covers the majority of what most retail users hold.
Setup procedure follows the standard hardware-wallet flow (we covered universal best practices in our hardware wallet setup guide).
Trezor-specific notes:
- The 12 / 18 / 24 word seed length is configurable — choose 24.
- Passphrase support is native and well-implemented. Use it.
- Don’t use the SD-card slot for “encrypted” backup — it’s not as secure as the marketing implies.
- Standard PIN length is 4 digits — bump to 8 minimum.
Where it’s weaker than Ledger
- Ecosystem breadth. Many newer chains (Sui, Aptos, smaller L2s) are supported on Ledger but not Trezor.
- Mobile UX. Trezor Suite has a mobile app but the Bluetooth-free design means you’re tethered.
- Ecosystem integrations. MetaMask, Phantom, etc. all support Trezor, but the integrations are sometimes a step behind Ledger.
For active retail use across a wide token portfolio, Ledger is more practically usable. For any holding you’d describe as “long-term Bitcoin and major-cap ERC-20”, Trezor is fine.
Where it’s stronger than Ledger
- Open source. No closed-source firmware.
- No Bluetooth. Smaller attack surface.
- No customer-data breach. Trezor has not had a publicly-disclosed customer-data leak comparable to Ledger’s 2020 incident.
- No “Recover”-style controversy. SatoshiLabs has not introduced any feature that contradicts the “seed never leaves device” promise.
What it doesn’t do
- Air-gapped operation. Keystone is the choice if you want to never plug a device into a USB port.
- Quantum resistance. ECDSA throughout. For long-hold PQC concern, see our BMIC review.
- Smart-contract wallet integration. Same as all hardware wallets — you sign EOA transactions.
Verdict
Trezor Safe 5 is the right choice for users who place a high weight on open-source verifiability and don’t mind a narrower ecosystem. The new secure element addresses the historical hardware weakness; the open-source position remains uncompromised.
Score: 7.8/10.
For most retail buyers across multiple chains, Ledger remains the easier default. For open-source-preference buyers, Trezor Safe 5 is the answer. For air-gapped discipline, Keystone. For long-hold PQC concern, BMIC.
Pick based on which preference matters most to you. There is no single “best” — there’s a best for your use case.