ESP32 Chip Flaw Exposes Blockstream Jade Hardware Wallet to Security Risks

A newly discovered flaw in a widely used microchip is raising concerns about the safety of certain Bitcoin and crypto hardware wallets. The ESP32 chip, embedded in billions of Internet of Things devices and products like Blockstream’s Jade hardware wallet, contains a serious vulnerability according to Protos, that could allow hackers to steal private keys or sign unauthorized transactions. Known as CVE-2025-27840, this issue threatens users with potential financial losses. The discovery has prompted urgent calls for action to safeguard assets and secure affected devices.

The vulnerability stems from a weakness in the ESP32 chip’s random number generator, which fails to produce sufficiently unpredictable results. This flaw makes it possible for attackers to guess keypairs through persistent brute force efforts, compromising the security of the Bitcoin hardware wallet. Researchers at Crypto Deep Tech demonstrated the real-world danger by extracting a private key from a wallet holding 10 BTC, underscoring the immediate risk to users. The chip’s widespread use in IoT devices further amplifies the threat, as hackers could exploit software updates to infiltrate a range of connected systems.

Blockstream Jade is among the hardware wallets most directly affected by this flaw. The ability to forge transaction signatures or remotely access private keys puts users’ funds in jeopardy, especially for those relying on the wallet for secure storage. Beyond cryptocurrencies, the ESP32’s role in global networks means this vulnerability could lead to broader cyberattacks targeting sensitive data or infrastructure. White hat researchers have highlighted the potential for large-scale exploitation, urging swift action to address the issue.

Protective measures are now being implemented while users are advised to stay vigilant. The cybersecurity community is advocating for transparent communication to help mitigate risks as solutions are developed. For now, users of Blockstream Jade are encouraged to explore alternative storage options and monitor updates closely. Other better alternatives may be long time reputable hardware wallets such as Trezor. Staying informed will be critical to ensuring assets remain secure as this situation continues to evolve.