Armada Daily Repo Summary Archive
Custody / SOC 2

Ledger discloses laser-fault attack resetting Tangem hardware wallet passwords

The Block · Jul 10, 2026 7:08 AM EDT

Ledger's security research team disclosed a laser fault-injection attack that can reset passwords on Tangem hardware wallet cards by bypassing a recovery-state firmware check. Tangem has characterized everyday user risk as virtually nonexistent, but the disclosure demonstrates that physical attack vectors on hardware wallets remain viable under lab conditions. Ledger and Tangem are direct competitors, though the technical finding itself is independently verifiable.

For Armada's crypto desk, this matters because custody security is a core pillar of the firm's SOC 2 positioning and client-facing no-rehypothecation policy. While Armada uses Fireblocks MPC-based custody rather than hardware wallet cards, the disclosure is a reminder that physical and firmware attack surfaces require ongoing due diligence. Armada should confirm with Fireblocks that its key management architecture has no analogous physical fault-injection exposure and retain that confirmation in SOC 2 audit documentation.

Suggested action Confirm with Fireblocks that MPC key architecture is not susceptible to analogous physical fault-injection attacks; document in SOC 2 evidence.
Read the original article →