Hardware wallets are quietly converging on a new feature: native DeFi yield. Ledger launched stablecoin yield with Kiln in April 2025. Tangem followed with Aave in late 2025. Trezor’s version, powered by Morpho, launched in late May 2026.
An interview with Tomáš Sušánka, CTO of Trezor.
Hardware wallets are quietly converging on a new feature: native DeFi yield. Ledger launched stablecoin yield with Kiln in April 2025. Tangem followed with Aave in late 2025. Trezor’s version, powered by Morpho, launched in late May 2026.
Each of the three has taken a noticeably different approach. We spoke to Tomáš Sušánka, CTO of Trezor, about the design choices behind Trezor’s launch, what trade-offs hardware wallet manufacturers are making when they bring DeFi inside, and where the category goes from here.
Q. To start with the basics — what has Trezor announced, and what does the feature actually do for a user?
Tomáš Sušánka: We have launched stablecoin yield natively inside Trezor Suite. A user holding USDC or USDT on Ethereum can now deposit those stablecoins into a curated Morpho vault from inside Suite, earn yield on them, and withdraw whenever they want. The whole flow happens inside the Trezor environment. No browser extensions, no third-party wallets, no dApp interfaces.
Tomáš Sušánka: At launch we are working with Morpho on Ethereum, and we have selected two vaults curated by Steakhouse: USDC Prime and USDT Prime. The user does not pick a protocol from a list. They pick how much they want to deposit, confirm on their Trezor, and the deposit happens. From a user’s point of view, it is a few clicks. From an architectural point of view, every step is signed on the device and shown to the user in plain language before they approve it.
Q. Why now? What was the trigger for building this?
Tomáš Sušánka: Two things. The first is that stablecoin holdings on Trezor have grown a lot over the last couple of years. A meaningful number of our users are sitting on USDC and USDT they would like to earn yield on, and they were either doing that elsewhere or leaving the position idle. Neither is a great outcome.
Tomáš Sušánka: The second is that the infrastructure to do this responsibly is now mature. Morpho has been live on Ethereum since 2022, has operated through both the 2022 market downturn and the bull cycle that followed, and the V2 vault architecture lets us select specifically for conservative risk parameters. The curator model gives us a counterparty in Steakhouse with a public methodology. The pieces were not all in place two years ago. They are now.
Q. You curate the user’s options rather than offering a list of protocols. Walk us through that design choice.
Tomáš Sušánka: There is a user who is comfortable comparing Aave to Spark to Compound on their own. They already have a workflow.
Tomáš Sušánka: The user we are designing for is the one who holds stablecoins on a Trezor, knows yield exists, and has not pursued it because the path looked unfamiliar. For that user, a screen with five protocols ranked by APY is not a feature, it is a barrier. They will close it. Curation is the value we add. We have done the protocol evaluation, the audit review, and the vault selection. The user gets a path to yield that does not require them to become a DeFi researcher first.
Tomáš Sušánka: In Trezor Suite, we have made a clear call: the native experience is the easy path. The vault is selected, the flow is short, the user does not need to research anything to get started. For users who want more options or want to engage with a wider range of DeFi protocols, Trezor already supports third-party integrations. So users are not really choosing between Trezor and DeFi flexibility. They are choosing how much research they want to do, and we support both modes.
Q. Every hardware wallet talks about clear-signing now. What does it actually mean in this context, and how is it different from blind-signing a contract call?
Tomáš Sušánka: Clear-signing means that when a user is about to sign a transaction, the Trezor device screen shows them what they are authorising in plain language. They see that they are depositing into a specific Morpho vault, they see the amount, they see the contract address. They do not see a hexadecimal string they cannot parse.
Tomáš Sušánka: Blind signing is the opposite. The user is asked to approve a transaction whose contents they cannot read in any practical sense. They are trusting the application that presented the transaction. If that application is compromised, or if a malicious site has substituted a different contract call into the same approval flow, the user has no way to detect it before pressing the button.
Tomáš Sušánka: Blind signing has been responsible for a significant share of DeFi losses over the last several years. The Bybit incident is an example most people will recognise. For us, designing a yield product where the user signs a deposit, a withdrawal, or a reward claim through the device, the principle is that every one of those transactions should be readable on the screen before the button is pressed. There is no scenario where we ask the user to trust the interface.
Q. How does the user experience compare to depositing into a Morpho vault directly through a web app?
Tomáš Sušánka: For a DeFi-native user the underlying actions are the same — deposit, withdraw, claim. What changes is the path and the verification.
Tomáš Sušánka: In a typical web flow, the user navigates to a dApp, connects a wallet, picks a vault from a list, approves the spending allowance, then deposits. Each of those steps generates a contract call the user signs through their wallet. If the user is on a hardware wallet via WalletConnect, those calls often arrive at the device as data the user cannot fully verify on the screen. The user is trusting that the dApp they navigated to is the real one and that the call has not been tampered with.
Tomáš Sušánka: In Trezor Suite, the user is in their own wallet from the start, the vault is pre-selected, and every transaction is generated by Suite and translated into readable language on the device screen. The user is not navigating to anything. They are not approving a spending allowance to an unknown contract. The trust surface is much smaller.
Q. Where does smart contract risk fit into this? It does not disappear because the user signed on a hardware wallet.
Tomáš Sušánka: It does not, and we are direct about that with users. The user’s private keys stay on the device. The user’s deposited stablecoins are governed by a smart contract on Ethereum. Those are two separate statements and we communicate both.
Tomáš Sušánka: What hardware-signing protects against is the class of attacks that happen between the user and the contract: phishing, malicious dApps, browser exploits, key theft. The Trezor signs locally so a compromised computer cannot move funds without physical confirmation. That covers a lot of the historical DeFi loss patterns.
Tomáš Sušánka: What it does not protect against is a flaw in the smart contract itself. That is why protocol selection matters and why we chose Morpho specifically. Honest communication of the risk is part of how we built this. It is not a compliance afterthought.
Q. Final question. The hardware wallet category has just had three native DeFi yield launches in roughly twelve months. Where does this go in the next twelve to twenty-four?
Tomáš Sušánka: Two things will happen, I think.
Tomáš Sušánka: First, the trade-off between curation and choice will get sharper. Some wallets will keep adding protocols to the menu. Others, like us, will keep curating tightly. Both approaches have a real audience and they will look more clearly distinct over time.
Tomáš Sušánka: Second, the security standards will tighten. As more value moves into hardware-wallet-mediated DeFi positions, the attack surface gets more interesting to adversaries. The standards on signing transparency, on protocol selection, on disclosure of risk — those will rise over the next two years. That is an industry responsibility, not a single-company one. The companies that build well now will be the ones still operating in five years. The ones that cut corners will not.
Trezor launched native stablecoin yield in Trezor Suite on 28 May 2026. USDC and USDT on Ethereum are supported at launch via curated Morpho V2 Prime Vaults. The full announcement is available at trezor.io.
This article was produced in partnership with Trezor.
