Skip to main content
CryptoRyancy logoCRYPTORYANCY
CryptoRyancy logoCRYPTORYANCY
Subscribe Free

Research · Guides · Income Strategies

Cryptocurrency Guides

Ledger Found a Critical Security Flaw in the Solana Seeker Phone

Crypto Ryan11 min readAffiliate disclosureUpdated: April 2026

A solana seeker security vulnerability discovered by Ledger Donjon is forcing Seeker owners to reconsider how they store crypto. The Donjon team – Ledger’s internal hardware security research unit – found a critical flaw in the Solana Seeker phone’s MediaTek Dimensity 7300 chip that allows a physical attacker to extract seed phrases in approximately 60 seconds using equipment available for under $500.

For a full comparison of the Seeker against Ledger cold storage options, see my Seeker vs Ledger breakdown.

I’ve been tracking Donjon’s research for years. They’ve attacked Trezor, ColdCard, and cheap hardware wallets with no-name chips. When they publish, the finding is real. This one is serious.

The Boot ROM vulnerability – the lowest-level code in the device, burned into silicon at manufacture – cannot be fixed by software patches. MediaTek issued a firmware update in January 2026, but that patch cannot change what’s in the Boot ROM. Every shipped Seeker has it permanently.

Protect Your Holdings With a Ledger

Cold storage that resists EMFI attacks.

Get My Ledger →

TLDR

  • Ledger Donjon demonstrated a physical attack on the Solana Seeker extracting seed phrases in ~60 seconds via EMFI – a hardware fault injection technique.
  • The flaw is in the MediaTek Dimensity 7300’s Boot ROM – unpatchable via software. Every shipped Seeker has this vulnerability permanently.
  • Use Seeker for daily DeFi and small transactions; move holdings above your “walking around money” threshold to a Ledger hardware wallet with a Secure Element.

CryptoRyancy Verdict

The Seeker is a good DeFi companion device. It is not a vault. The Donjon finding confirms what hardware security researchers have long argued: mobile phones – even ones with “secure enclaves” – cannot match the threat resistance of a dedicated Secure Element chip. Keep convenience money on the Seeker. Keep real money on Ledger.

What the Solana Seeker Security Vulnerability Actually Is

Every chip has a Boot ROM. It’s the very first code that runs when the processor powers on – before the operating system, before any firmware, before the secure enclave. It’s burned into silicon at manufacture. You cannot update it. You cannot patch it remotely. It is the root of the entire trust chain.

The Boot ROM for the MediaTek Dimensity 7300 (the chip inside the Solana Seeker) has a vulnerability that makes it susceptible to EMFI. Here’s what that means in practice.

An EMFI attack uses a focused electromagnetic pulse, delivered at precisely the right moment during chip startup, to disrupt the Boot ROM execution flow. Think of it as creating a controlled glitch in the chip’s logic at the exact nanosecond it matters. When done correctly, the attacker can redirect the chip’s execution path – bypassing the secure boot sequence that is supposed to protect sensitive memory regions.

The result: the attacker gains read access to memory that should be locked. In the Seeker’s case, that includes the private key material stored in Seed Vault – the Seeker’s advertised security feature for holding crypto keys on-device.

Ledger Donjon executed this attack in approximately 60 seconds. The equipment required is commercially available – basic EMFI probe setups start around $100 to $500. This is not theoretical. This is a practical, reproducible attack.

What the Donjon team found: A Boot ROM flaw in the MediaTek Dimensity 7300 that allows physical attackers to extract seed phrases using EMFI in under a minute, with no fix possible via software updates.

Why MediaTek’s January 2026 Patch Doesn’t Fully Fix It

MediaTek responded to Donjon’s findings with a security update released in January 2026. That patch addresses firmware layers above the Boot ROM – adjusting timing requirements, hardening the bootloader handoff, and tightening the attack window. It matters. It makes the attack harder to execute with imprecise equipment.

But it does not fix the Boot ROM.

The Boot ROM is read-only hardware. It cannot be reflashed. It cannot receive an over-the-air update. The Solana Foundation cannot push a patch that changes what lives in the Seeker’s Boot ROM. MediaTek cannot send your device a firmware fix that rewrites silicon.

Every Solana Seeker ever shipped has the underlying hardware flaw. The January 2026 patch reduces the precision required for a successful attack from “expert with calibrated equipment” to “expert with well-calibrated equipment” – a meaningful difference in casual theft scenarios, but not in targeted attacks.

This is the critical distinction between a software vulnerability and a hardware vulnerability. Software bugs can be patched. Hardware bugs in burned-in Boot ROM are permanent.

Seed Vault vs. Ledger Secure Element – The Security Gap

The Solana Seeker ships with a feature called Seed Vault – an isolated, hardware-level storage environment for private keys. The marketing positioning is that Seed Vault provides “secure element-like” protection for your crypto keys directly on your phone.

Here’s the problem: “like” is doing a lot of work in that sentence.

The Seeker’s Seed Vault is built on top of MediaTek’s TrustZone – the ARM-based secure enclave architecture used in most modern smartphones. TrustZone separates a “normal world” (where your apps run) from a “secure world” (where sensitive operations happen). It is genuinely more secure than storing keys in a regular app.

But TrustZone – and by extension Seed Vault – depends on Boot ROM as its root of trust. If Boot ROM can be compromised, the entire trust chain downstream of it is compromised. That’s exactly what Donjon demonstrated.

A Ledger Nano S Plus, Nano X, or Ledger Flex uses a fundamentally different architecture. It contains a dedicated Secure Element chip – specifically, STMicroelectronics’ ST33 family – that is purpose-built for exactly this threat model.

Feature Seeker Seed Vault Ledger Secure Element
Chip type MediaTek Dimensity 7300 (general purpose) ST33 dedicated Secure Element
Security certification None specified Common Criteria EAL5+
EMFI resistance Vulnerable (Boot ROM flaw) Purpose-built to resist EMFI
Side-channel attack resistance Not certified Certified, independently tested
Physical tamper resistance Not certified Certified
Root of trust Boot ROM (flawed) Dedicated SE hardware

Secure Elements are not general-purpose processors running a slimmed-down OS. They are chips designed from the ground up to resist exactly the class of attack – fault injection, side-channel analysis, power glitching – that Donjon demonstrated against the Seeker. The EAL5+ certification means independent labs have tried to break them and failed under defined attack conditions.

The Seeker is a powerful, well-designed phone with a genuinely useful on-device key storage feature. Seed Vault is better than no protection at all. But it is categorically different from what a dedicated hardware wallet provides. When choosing a Solana-compatible wallet, our Solana wallet comparison covers all options.

Who Is Actually at Risk

Physical access is required. This is an important qualifier.

No one can drain your Seeker’s Seed Vault remotely. There is no network exploit here. The attack requires the attacker to have the physical device in hand, with EMFI equipment, for 60 seconds.

So who is actually at risk?

High risk: Seeker owners who store significant crypto positions (thousands of dollars or more) in Seed Vault – especially people who travel frequently or publicly identify as crypto holders. Targeted physical attacks on known crypto wealth are a real and growing threat vector.

Lower risk: Seeker owners who use it for small DeFi transactions with minimal balances, treating Seed Vault the way a reasonable person treats a leather wallet.

The opportunistic theft scenario – someone snatches your phone and immediately uses EMFI to extract your seed phrase – is less likely because most thieves don’t carry EMFI equipment. But targeted attacks are a different calculation entirely. If someone knows you hold significant crypto and they steal your Seeker, the 60-second extraction window is real.

Think of it this way: you might leave $50 in a wallet you carry daily and accept some theft risk. You wouldn’t put your life savings in it. That’s the right mental model for the Seeker. For more on managing these custody risk decisions, see how I think about crypto position sizing in 2026.

The Solution: Layer Your Security With Seeker and Ledger

The Seeker and a Ledger are not competing products. They serve different purposes in a layered security model.

Seeker’s role: Daily DeFi interactions, small transaction amounts (define your “walking around money” threshold and stick to it), mobile-first Solana ecosystem access, and convenience for fast transactions that don’t justify pulling out a hardware wallet.

Ledger’s role: Long-term holdings storage above your defined threshold, large transactions requiring trusted display review (which also protects against blind signing), cold storage for assets you’re not actively trading, and inheritance planning via seed phrase recovery.

This isn’t a new concept. Security-conscious crypto holders have always separated hot wallets from cold storage. The Donjon finding makes it clear that the Seeker, despite Seed Vault’s marketing, belongs in the hot wallet category – not the cold storage category.

If you’re currently storing meaningful crypto holdings in Seeker’s Seed Vault, the right move is to transfer those holdings to a Ledger hardware wallet now. Not after the next upgrade cycle. Now.

Move Your Holdings to Cold Storage

Ledger’s Secure Element resists EMFI attacks.

Get My Ledger Wallet →

What Ledger Donjon’s Research Record Tells Us

Donjon has been publishing attack research on third-party hardware since at least 2019. Their track record includes successful attacks on Trezor devices (via voltage glitching), ColdCard weaknesses, and various software wallet implementations.

The pattern is consistent: when a crypto device relies on a general-purpose chip without a dedicated Secure Element, Donjon typically finds a fault injection attack path. The Seeker finding is not an anomaly. It’s consistent with what happens when you use smartphone-grade silicon for key storage.

Ledger publishes Donjon’s findings publicly because it serves a dual purpose: it advances the industry’s collective security knowledge, and it demonstrates why Ledger’s architectural choice – dedicated Secure Element, not general purpose processor – matters.

I don’t treat Donjon research as marketing. Their methodology is solid, their disclosures follow responsible timelines, and they’ve been just as willing to publish Ledger’s own historical weaknesses as competitors’. That credibility matters when evaluating findings like this. For a broader look, see our Ledger safety analysis.

The Seeker vulnerability disclosure followed standard responsible disclosure practice: Donjon notified MediaTek, MediaTek issued their January 2026 patches, and then the full technical details were published.

Practical Steps for Seeker Owners

If you own a Seeker, here’s what to do:

If you haven’t evaluated the Seeker’s full hardware profile yet, read my Solana Seeker review before deciding on your security setup.

  1. Apply the MediaTek January 2026 patch if you haven’t already. It won’t fix the Boot ROM flaw, but it tightens the attack window.

  2. Audit your Seed Vault balance. If it’s more than you’d carry in cash on a city street, it’s too much.

  3. Transfer large holdings to cold storage. If you don’t have a hardware wallet, this is the moment. Ledger’s lineup starts around $79 for the Nano S Plus.

  4. Use the Seeker for what it’s good at. DeFi access on Solana is genuinely useful. Compressed account interactions, mobile NFT management, daily swaps – the Seeker is well-designed for these.

  5. Set a mental threshold. Decide your “walking around money” limit for the Seeker. $200? $500? Set it, stick to it, move everything above it to Ledger.

For evaluating exchange options for moving assets, the best crypto exchange for beginners in 2026 covers the main options that pair well with Ledger Live. For your broader trading cost analysis, see the breakdown of Coinbase Advanced Trading fees – the most commonly used on-ramp alongside hardware wallet custody.

FAQ

Is the Solana Seeker still safe to use?

Yes – for its intended use case. The Seeker is a solid DeFi companion for daily transactions and modest balances. The Boot ROM vulnerability requires physical access and specialized equipment. For casual DeFi usage with limited on-device balances, practical risk is low. The problem is using Seed Vault to store large holdings – that’s where the Boot ROM vulnerability becomes a real financial risk.

Can the Solana Seeker security vulnerability be patched?

No. Boot ROM is burned into the chip at manufacture and cannot be updated via software. MediaTek released patches in January 2026 that harden firmware layers above Boot ROM, reducing EMFI attack precision requirements. Those patches do not and cannot fix the underlying Boot ROM flaw. Every shipped Seeker has this hardware limitation permanently.

What makes Ledger safer than the Seeker for key storage?

Ledger hardware wallets use a dedicated Secure Element (ST33, Common Criteria EAL5+ certified) purpose-built to resist electromagnetic fault injection, side-channel attacks, and physical tampering. The Seeker uses a general-purpose MediaTek chip with TrustZone isolation. TrustZone provides some isolation but depends on Boot ROM as its root of trust – exactly where the Donjon vulnerability lives. An EAL5+ Secure Element has no equivalent Boot ROM attack surface.

What is EMFI and how does the Seeker attack work?

EMFI (Electromagnetic Fault Injection) delivers a focused electromagnetic pulse to a chip at a precise moment during execution – typically during boot – to corrupt the processor’s instruction flow. A successful attack redirects execution past security checks and unlocks protected memory. Equipment starts around $100-500. Ledger Donjon executed the full Seeker seed phrase extraction in approximately 60 seconds.

Should I stop using my Seeker for crypto entirely?

No. The correct model is separation of concerns: Seeker for convenience and daily DeFi, Ledger for custody. The Donjon finding clarifies what the Seeker is – a hot wallet with some hardware security features. Treat it like one: keep an amount you’re comfortable accepting risk on, and keep real holdings in cold storage on Ledger.

My Review Criteria /
Last updated

April 19, 2026

How we evaluate

I evaluate platforms based on total fee drag, spreads, withdrawal friction, security track record, ease of use, and whether the tradeoffs make sense for real investors using real money.

Continue Researching

Newsletter

The Edge.
Weekly.

Crypto signals, macro shifts, and trades worth watching. No noise.

No spam. Unsubscribe anytime.