Interview with Adam Budínský: Trezor’s Head of Hardware on the Safe 7, Open Security, and Self-Custody

In April 2026, Trezor’s flagship hardware wallet, the Safe 7, won a Red Dot Award for Product Design, a competition running since 1955 that has recognized products from Apple, Sony, and Dyson. 

Trezor has shipped more than 2 million hardware wallets since building the first one over a decade ago. This win places a crypto security device alongside names better known for everyday consumer electronics. 

But this also raises a question. Hardware wallets have long carried a reputation for looking like tools made for engineers, an image that has kept ordinary crypto holders away from managing their own keys. Can a device built for security also work as something people want to carry every day?

Making Transactions Understandable 

Design is the visible half of Trezor’s pitch, and the other half is whether a user can understand what they are approving before they approve it. In May 2026, the Ethereum Foundation and a working group of wallet makers, including Trezor, launched an open standard called Clear Signing, built on a specification known as ERC-7730. It targets blind signing, the practice of approving a transaction shown only as a string of code that almost no one can read.

The gap between what a screen displays and what a transaction actually does has cost users billions of dollars. The February 2025 theft of $1.4 billion from the exchange Bybit began with a single approval that signers could not interpret.

Clear Signing translates that code into plain language, showing who a user is dealing with and what they are about to authorize.

Trezor’s chief technology officer, Tomáš Sušánka, tied the change to the company’s long-standing approach:

“At Trezor, we’ve always believed security shouldn’t require technical expertise. Clear Signing aligns perfectly with this principle: readable transactions mean informed decisions, which is the foundation of genuine self-custody security.”

Sušánka also said that Trezor is targeting the start of the second quarter of 2026 for converting complex code into readable text, and the end of that quarter for full human-readable signing across its devices.

The standard sets a direction for the industry. The device that carries it is where Trezor’s choices get tested. To walk through the Safe 7 and address some pressing questions, we sat down with Adam Budínský, Head of Hardware at Trezor.

Security, Design, and the Future of Self-Custody

From open-source secure elements and touchscreen security to supply-chain verification, blind signing, and the future of consumer-friendly hardware wallets, Budínský covered considerable ground in this interaction with Crypto India Magazine (CIM). 

(The following is an excerpt from the interview. Adam’s answers have been slightly tweaked to reduce word count and improve readability, while keeping the original context and information intact.)

CIM: You’ve said hardware wallets have looked like “something built for engineers”. That’s an admission from the company that defined this category. Did Trezor get anything wrong in the first decade? What does the Safe 7 represent that earlier Trezor devices did not?

AB: No, I wouldn’t say we got things wrong. With Model One, which was the first ever hardware wallet, and later Model T, security and privacy were the biggest priorities; we were putting down the cornerstone of the industry. There was no category to reference, no playbook, no precedent. We created the industry. Every decision was setting a standard others would later follow. That was a huge responsibility, and I think Trezor handled it brilliantly.

Industrial design entered the picture with Safe 3, continued with Safe 5, and with Safe 7, we pushed it to keep up with smartphone industry standards. The custom-shape display, the aluminum unibody, the materials, the move to a touchscreen as the primary interface, all of those decisions were made alongside the security architecture from the start, not bolted on after.

What’s new about Safe 7 isn’t that we suddenly started caring about design. It’s that the bar moved. Hardware wallets are now consumer products people carry in their pockets, charge wirelessly, and use with their phone. Safe 7 is the first Trezor built to that standard end-to-end.

CIM: The hardware wallet industry has long relied on proprietary secure elements protected by NDAs, something Trezor has argued conflicts with crypto’s verifiability ethos. With TROPIC01, what are the real trade-offs between an auditable secure element and a battle-tested proprietary chip?

AB: The core question is: what does “secure” mean if you can’t verify it?

A proprietary Secure Element with an EAL6+ certification has been tested by a lab against a predefined set of known attack vectors under specific conditions. That certification matters. However, it has limits; it only covers threats anticipated during evaluation, not new attack classes or novel side channels discovered later. Users cannot independently verify any of this and must trust the manufacturer, the certification body, and the scope of the testing itself. When vulnerabilities appear in closed Secure Elements, NDAs often keep those issues hidden from the public. 

TROPIC01 takes a different position. The name itself, “Truly Open Integrated Circuit,”  is the design philosophy. Any security researcher, any academic, any curious engineer can examine how it works. They can probe for attacks the original evaluators didn’t think of, because the pool of people looking for weaknesses isn’t restricted by NDAs.

On Safe 7, the architecture goes further. TROPIC01 sits alongside an Infineon Optiga Trust M, and the MCU holds a third part of the secret. All three components must combine before the device signs anything. Compromising one or two doesn’t expose the keys. That’s defense-in-depth, a vault with three locks, not just one.

Where does it lose? TROPIC01 is a first-generation auditable Secure Element. Proprietary chips that have been in the field for a decade have accumulated hardening that any new design hasn’t yet. That’s precisely why Safe 7 keeps the Optiga in the architecture rather than betting everything on TROPIC01 alone. The dual-SE design is the conservative answer to “what if the new chip has something we missed?”

In crypto specifically, the verifiability argument wins. This industry was built on the principle that you shouldn’t have to trust, but you should be able to verify. TROPIC01 Secure Element follows the same principle.

CIM: Removing physical buttons for a haptic touchscreen is a major UX shift. Don’t you think touchscreens introduce new vectors, such as fault injection, tampered display controllers, and side-channel leakage through capacitive sensing? How did the Safe 7’s threat model change with this design choice, and what specifically did your team do to harden the display layer?

AB: This is a fair question and exactly the kind of scrutiny we welcome. Any interface change introduces new considerations in the threat model, and a touchscreen is no exception.

Let me address the specific attack classes you raised. 

Fault injection — voltage, temperature, and laser-based attacks — is the reason Safe 7 has independent tamper detection on both Secure Elements. TROPIC01 and the Optiga Trust M each monitor for voltage, temperature, and laser anomalies independently. If either detects tampering, operations can be blocked or secrets wiped. 

Tampered display controllers are addressed at two layers: the device ships with a holographic seal over the USB-C port, a protective screen sticker, and no pre-installed firmware. On first setup, a Secure Element authenticity check runs before anything else. After that, the dual-SE architecture means a swapped display IC alone can’t compromise signing — TROPIC01, the Optiga, and the MCU each hold part of the secret. All three must combine before the device signs anything. 

Side-channel leakage through capacitive sensing is a research-grade attack class, real but extremely impractical against a device with a Secure Element holding the keys. The capacitive layer doesn’t see the keys; the SEs do.

On the broader hardening, communication between Trezor Suite and the device is end-to-end encrypted with Trezor Host Protocol (THP), over both USB-C and Bluetooth. The display is a presentation layer driven by the MCU, but no signing happens until both Secure Elements independently verify the transaction data. The screen shows, the chips sign. That separation is intentional.

All of that said, I would add a threat modelling point. The real-world attacks that compromise crypto users, such as phishing, blind signing, and social engineering, are far more common and damaging than physical attacks on a touchscreen controller. Every Trezor device is designed so users can clearly see what they are signing before approving it. That has been a core principle since 2014. The Safe 7’s larger, higher resolution display simply gives us more room to present complex transaction details clearly, especially in situations where blind signing is hardest to avoid. 

CIM: The hardware wallet space has taken real trust hits in recent years, from data leaks to recovery controversies. How do you compete on trust when the category itself is bruised, and what is Trezor explicitly not willing to do that competitors will?

AB: Trust in this category has to be earned by actions, not marketing. When people read about data leaks or controversial recovery services, it damages confidence in hardware wallets as a category, not just in the company involved. 

Our position is architectural, not aspirational. The user’s keys never leave the device. There’s no extraction path, no cloud backup of seed material, no third-party shard or recovery service that involves anyone outside the user’s own setup. We won’t build those capabilities, because once a capability exists, it exists. Convenience features that touch the seed are the ones that get exploited, leaked, or repurposed later. We’d rather not build the capability at all.

On data, we collect only what’s strictly required to ship a product and provide support. We don’t build user behavior profiles, we don’t sell or share customer data, and we minimize what data we hold by default and delete it after some time. 

On openness, our firmware has been open-source since the first Trezor in 2014. Anyone can audit it. With TROPIC01, we extended the same principle into silicon, building an open Secure Element where closed-source was the only option in the industry. We won’t introduce closed-source components where an open alternative exists.

What we are willing to do is be transparent when things go wrong. Open-source means the security community can find vulnerabilities, and we can fix them publicly. That process is uncomfortable sometimes; disclosure means accepting scrutiny, but it’s how trust actually works in this industry.

CIM: What changed in the Safe 7’s supply-chain assurance compared to earlier Trezor models, and just as importantly, what’s the actual verification a buyer in, say, Bangalore should perform when their device arrives to be sure it hasn’t been intercepted?

AB: Supply-chain integrity has been a Trezor priority since the first device. Several practices are standard across our entire current lineup: every Trezor ships without firmware installed, every device runs a Secure Element authenticity check on first setup. And as our firmware is open-source, anyone can verify what runs on the device against the published source. 

What’s new on Safe 7? First, the dual-SE architecture extends into supply-chain verification: both TROPIC01 and the Optiga Trust M independently run authenticity checks on first setup. A device modified in transit would have to defeat both Secure Elements, not one.

Second, Safe 7 uses post-quantum signature verification for its bootloader and firmware — SLH-DSA-128, in a hybrid scheme alongside classical signatures. That makes the firmware integrity check on the first setup the strongest in our lineup, and future-proofs it against signature schemes that may be broken decades from now.

What a buyer in Bangalore should do when the device arrives. The steps are the same as anywhere. We list authorized resellers on trezor.io/resellers — buy from one of those, not from an unknown marketplace listing. Before opening the box, check the packaging for tampering. Before connecting, check the seal over the USB-C port. Then connect the device and let Trezor Suite complete its full verification: firmware signatures, bootloader, and Secure Element authenticity. Finally, your wallet backup is generated on-device during setup. It should never arrive with a pre-filled seed phrase or a wallet backup card that’s already been written on. If it does, stop, don’t use the device, and contact us.

Beyond the standard verification, Trezor’s firmware is open-source. A technically capable user can build the firmware from source and compare it byte-for-byte to what’s running on the device. That level of independent verification isn’t available with closed-source firmware, and it’s a genuine differentiator for users who want to go further than the default checks.

ALSO READ: Dr. Shobhit Navani on Crypto’s Dark Side, Regulatory Gaps, and Institutional Shift

Why Self-Custody Adoption Is Still Uneven 

Budínský was quick to note that a design award does not solve adoption. Better design may help hardware wallets feel more consumer-friendly, but it does not remove the fear of seed phrases or irreversible mistakes. Trezor’s data shows mobile activation rates are about 15 percentage points higher than desktop, largely because phones feel more familiar to users. But while design improves onboarding, the harder problems around backups and recovery still require education and better tooling.

That line between first impression and lasting friction is why Budínský resists the idea that adoption has stalled.

“Adoption hasn’t stalled, it’s bifurcated,” he said.

High-intent users are setting up wallets and using them actively, while low-intent buyers, the ones who bought on an exchange because a friend suggested it, stay custodial until something forces the question. That something is usually an exchange failure.

That pattern is sharpest in India, a high-adoption market where self-custody has lagged behind. The July 2024 WazirX breach made the cost of staying custodial concrete, with roughly $230 million stolen and millions of users locked out of their accounts.

“Custodial risk in this market isn’t theoretical anymore,” Budínský said.

Price still shapes the conversation, though Budínský argued it is rarely the main barrier. He said the Safe 7 was never meant to be the entry point, pointing instead to the $59 Safe 3, which still includes the same secure element, open-source firmware, and on-device verification. According to him, the bigger obstacles are regulatory uncertainty, India’s 30% crypto tax, the 1% TDS on transfers, and the tendency for users to leave funds on exchanges. Trezor is betting that education and lower cost options will drive adoption more effectively than discounts alone.

Why Hardware Wallets Still Matter 

That leaves the larger question of whether a dedicated wallet still makes sense in a world of increasingly secure smartphones. Apple and Google now run secure enclaves that handle passkeys and payments, but those systems still answer to the companies behind them, which runs against the core idea of self-custody. A standalone wallet exists, so no single vendor can revoke or alter a user’s access, with auditable hardware and open source firmware that remain independent of any phone.

The Safe 7 already uses post-quantum cryptography for firmware signing and is designed to support a quantum-resistant Bitcoin through a software update, without requiring new hardware.

“Self custody means the user controls the keys, not Apple, not Google, not Trezor,” Budínský said.

The form factor may change. The principle behind it, he argues, will hold.

---

Editorial Note: This article is based on an interview with Adam Budínský. Various parts have been adapted into a narrative format for readability, but his perspectives and insights remain presented as originally expressed.