Security Advisory: Mandatory Firmware Update to v2.4

Summary

We are issuing a mandatory security update to D'CENT firmware v2.4 following the identification of a cryptographic integrity failure introduced by a bug in the previous firmware release. This weakness enabled a limited class of attacks where an undetected, malicious signature component could be introduced under certain conditions, resulting in unauthorized transaction authorization and asset loss for a small number of users who updated to the impacted firmware.

This update closes the vulnerability and introduces a hardened verification layer to prevent similar threats, including signature validation hardening, anti-tamper controls, and expanded supply-chain integrity checks.

What happened, in clear terms

Hardware wallets rely on two core security guarantees:

• ›Transaction Integrity: what you see on the device screen is what gets signed.
• ›Cryptographic Authenticity: the firmware and signing process cannot be silently altered without detection.

The issue we discovered broke part of that second guarantee.

A bug in the last firmware update could, in rare cases, allow a malicious actor to inject an unauthorized signature fragment (think of it as a hidden "approval stamp" inserted where it should never be possible). The result is that a transaction could appear legitimate to the user while the underlying approval path was compromised, enabling unintended signing behavior.

This is not a simple "app bug." It's an integrity and trust boundary breach affecting how the device validates and finalizes signing operations.

Why we are requiring v2.4 now

Firmware v2.4 is a security containment and remediation release that:

• ›Eliminates the bug that made signature injection possible
• ›Adds enhanced signature verification and strict validation rules (reject-by-default behavior)
• ›Strengthens secure boot and firmware integrity checks to detect tampering earlier
• ›Improves transaction authorization controls to reduce any chance of silent manipulation
• ›Adds additional telemetry-free diagnostic codes users can share with support without exposing secrets

This update is required even if you have not noticed unusual activity. Some attack paths are designed to be low-noise and only trigger under specific circumstances.

Who is at risk

You should treat this as urgent if:

• ›You updated to the previous firmware version (the impacted release)
• ›You signed any transactions after updating
• ›You noticed any unexpected approvals, missing assets, or transactions you do not recognize

If you did not update to the impacted firmware, you are still advised to update to v2.4 to ensure consistent protection going forward.

What you need to do right now

Step 1: Update to firmware v2.4 using the Official Firmware Updater

To reduce confusion and eliminate fake-update attempts, firmware updates will now be delivered through the Official D'CENT Firmware Updater going forward.

Critical safety rules:

• ›The updater will never ask for your seed phrase or recovery words
• ›No support agent will ever request your seed phrase
• ›If any website, app, or person asks for your recovery phrase, it is a scam

Step 2: After updating, run an integrity check

Firmware v2.4 includes an on-device integrity check flow that confirms:

• ›Firmware authenticity
• ›Secure element handshake validation
• ›Signing pipeline attestation (basic self-test)

Indicators of compromise (IOCs)

Contact support immediately if you observe:

• ›Transactions you do not recognize
• ›Approvals you do not remember confirming
• ›Sudden token allowance changes or "infinite approval" you didn't set
• ›New sessions/connected dApps you didn't authorize
• ›Device prompts that look unfamiliar or rushed, especially those pushing updates

What we are doing to protect you

We are implementing the following security measures:

• ›Mandatory firmware integrity enforcement for all devices on impacted versions
• ›Improved release signing and verification to reduce supply-chain risk
• ›Expanded internal auditing around the signing pipeline and transaction parsing
• ›A permanent improvement to our incident response posture including faster rollout and clearer security bulletins

If you experienced losses, we will provide a structured support process to help you document impacted transactions and share required information safely.