diff --git a/ci/build.yml b/ci/build.yml index 95c6c145b..8faa98da5 100644 --- a/ci/build.yml +++ b/ci/build.yml @@ -197,6 +197,8 @@ core unix regular build: stage: build <<: *gitlab_caching needs: [] + variables: + THP: "1" script: - $NIX_SHELL --run "poetry run make -C core build_unix" artifacts: diff --git a/core/Makefile b/core/Makefile index 99125fbea..9b5a32426 100644 --- a/core/Makefile +++ b/core/Makefile @@ -36,6 +36,7 @@ ADDRESS_SANITIZER ?= 0 CMAKELISTS ?= 0 PYTEST_TIMEOUT ?= 500 TEST_LANG ?= "en" +THP ?= 0 # OpenOCD interface default. Alternative: ftdi/olimex-arm-usb-tiny-h OPENOCD_INTERFACE ?= stlink @@ -269,12 +270,12 @@ build_firmware: templates build_cross ## build firmware with frozen modules TREZOR_MODEL="$(TREZOR_MODEL)" CMAKELISTS="$(CMAKELISTS)" \ PYOPT="$(PYOPT)" BITCOIN_ONLY="$(BITCOIN_ONLY)" \ BOOTLOADER_QA="$(BOOTLOADER_QA)" BOOTLOADER_DEVEL="$(BOOTLOADER_DEVEL)" \ - DISABLE_OPTIGA="$(DISABLE_OPTIGA)" \ + DISABLE_OPTIGA="$(DISABLE_OPTIGA)" THP="$(THP)" \ $(FIRMWARE_BUILD_DIR)/firmware.bin build_unix: templates ## build unix port $(SCONS) CFLAGS="$(CFLAGS)" $(UNIX_BUILD_DIR)/trezor-emu-core $(UNIX_PORT_OPTS) \ - TREZOR_MODEL="$(TREZOR_MODEL)" CMAKELISTS="$(CMAKELISTS)" \ + TREZOR_MODEL="$(TREZOR_MODEL)" CMAKELISTS="$(CMAKELISTS)" THP="$(THP)" \ PYOPT="0" BITCOIN_ONLY="$(BITCOIN_ONLY)" TREZOR_EMULATOR_ASAN="$(ADDRESS_SANITIZER)" build_unix_frozen: templates build_cross ## build unix port with frozen modules diff --git a/core/SConscript.firmware b/core/SConscript.firmware index 629341eaf..887419c6d 100644 --- a/core/SConscript.firmware +++ b/core/SConscript.firmware @@ -13,6 +13,7 @@ TREZOR_MODEL = ARGUMENTS.get('TREZOR_MODEL', 'T') CMAKELISTS = int(ARGUMENTS.get('CMAKELISTS', 0)) PYOPT = ARGUMENTS.get('PYOPT', '1') DISABLE_OPTIGA = ARGUMENTS.get('DISABLE_OPTIGA', '0') == '1' +THP = ARGUMENTS.get('THP', '0') == '1' # Trezor-Host Protocol FEATURE_FLAGS = { 
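Review bot: `THP: "1"` is set only on `core unix regular build`, so every other job still builds with the Makefile default `THP ?= 0`. As far as this commit shows, no job compiles the firmware target or a frozen emulator with THP enabled, which leaves the `if THP:` branch in SConscript.firmware and the `utils.USE_THP` substitution for frozen modules unbuilt in CI. The elligator2 unit test is now skipped unless `utils.USE_THP` is true, so it runs only if the unit-test job uses this job's artifact; that wiring is outside the diff and worth confirming. A short comment above the variable, for example `# THP is off by default; this is the only job that builds the USE_THP path`, would record the intent.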
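Review bot: `THP="$(THP)"` is forwarded to SCons in `build_firmware` and `build_unix`, but `build_unix_frozen`, whose rule header is the last line of this hunk, is not touched. Its recipe lies outside the hunk; if it does not already pass `THP`, `make build_unix_frozen THP=1` produces a frozen emulator in which SConscript.unix falls back to `'0'` and the feature is left out without any message. If that is the case, add `THP="$(THP)"` to that recipe as well.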
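Review bot: `ARGUMENTS.get('THP', '0') == '1'` treats every value other than the exact string `1` as disabled, so `THP=true` or `THP=yes` builds without the protocol and gives no diagnostic. The same line is added to SConscript.unix. This follows the `DISABLE_OPTIGA` line above it, but for a flag that decides whether a protocol is compiled in, an explicit check is safer, for example `if ARGUMENTS.get('THP', '0') not in ('0', '1'): raise ValueError("THP must be 0 or 1")` before the assignment.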
@@ -121,7 +122,6 @@ SOURCE_MOD += [ 'vendor/trezor-crypto/ed25519-donna/ed25519-sha3.c', 'vendor/trezor-crypto/ed25519-donna/ed25519.c', 'vendor/trezor-crypto/ed25519-donna/modm-donna-32bit.c', - 'vendor/trezor-crypto/elligator2.c', 'vendor/trezor-crypto/groestl.c', 'vendor/trezor-crypto/hasher.c', 'vendor/trezor-crypto/hmac.c', @@ -389,6 +389,11 @@ TRANSLATION_DATA = [ "translations/order.json", ] +if THP: + CPPDEFINES_MOD += ['USE_THP'] + SOURCE_MOD += [ + 'vendor/trezor-crypto/elligator2.c', + ] # fonts tools.add_font('NORMAL', FONT_NORMAL, CPPDEFINES_MOD, SOURCE_MOD) @@ -713,6 +718,7 @@ if FROZEN: backlight='backlight' in FEATURES_AVAILABLE, optiga='optiga' in FEATURES_AVAILABLE, ui_layout=UI_LAYOUT, + thp=THP, ) source_mpyc = env.FrozenCFile( diff --git a/core/SConscript.unix b/core/SConscript.unix index 5cb787d95..5ef09e514 100644 --- a/core/SConscript.unix +++ b/core/SConscript.unix @@ -10,6 +10,7 @@ TREZOR_MODEL = ARGUMENTS.get('TREZOR_MODEL', 'T') DMA2D = TREZOR_MODEL in ('T', 'T3T1') OPTIGA = TREZOR_MODEL in ('R', 'T3T1') CMAKELISTS = int(ARGUMENTS.get('CMAKELISTS', 0)) +THP = ARGUMENTS.get('THP', '0') == '1' # Trezor-Host Protocol if TREZOR_MODEL in ('DISC1', 'DISC2'): # skip unix build @@ -122,7 +123,6 @@ SOURCE_MOD += [ 'vendor/trezor-crypto/ed25519-donna/ed25519-sha3.c', 'vendor/trezor-crypto/ed25519-donna/ed25519.c', 'vendor/trezor-crypto/ed25519-donna/modm-donna-32bit.c', - 'vendor/trezor-crypto/elligator2.c', 'vendor/trezor-crypto/groestl.c', 'vendor/trezor-crypto/hasher.c', 'vendor/trezor-crypto/hmac.c', @@ -191,6 +191,12 @@ if FEATURE_FLAGS["AES_GCM"]: 'vendor/trezor-crypto/aes/aesgcm.c', ] +if THP: + CPPDEFINES_MOD += ['USE_THP'] + SOURCE_MOD += [ + 'vendor/trezor-crypto/elligator2.c', + ] + # modtrezorio SOURCE_MOD += [ 'embed/extmod/modtrezorio/modtrezorio.c', @@ -799,6 +805,7 @@ if FROZEN: backlight=TREZOR_MODEL in ('T', 'T3T1'), optiga=OPTIGA, ui_layout=UI_LAYOUT, + thp=THP, ) source_mpyc = env.FrozenCFile( 
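Review bot: The `if THP:` block added after `TRANSLATION_DATA` has no heading comment, while the block directly below it is labelled `# fonts`. A line such as `# Trezor-Host Protocol: elligator2 is compiled only when THP=1` would explain why `vendor/trezor-crypto/elligator2.c` left the unconditional `SOURCE_MOD` list. The same block in SConscript.unix, placed before `# modtrezorio`, needs the same comment.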
diff --git a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto.c b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto.c index 8d4c2d02f..082a58a4b 100644 --- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto.c +++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto.c @@ -55,7 +55,9 @@ static void wrapped_ui_wait_callback(uint32_t current, uint32_t total) { #include "modtrezorcrypto-crc.h" #include "modtrezorcrypto-curve25519.h" #include "modtrezorcrypto-ed25519.h" +#if USE_THP #include "modtrezorcrypto-elligator2.h" +#endif #include "modtrezorcrypto-groestl.h" #include "modtrezorcrypto-hmac.h" #include "modtrezorcrypto-nist256p1.h" @@ -103,8 +105,10 @@ STATIC const mp_rom_map_elem_t mp_module_trezorcrypto_globals_table[] = { MP_ROM_PTR(&mod_trezorcrypto_curve25519_module)}, {MP_ROM_QSTR(MP_QSTR_ed25519), MP_ROM_PTR(&mod_trezorcrypto_ed25519_module)}, +#if USE_THP {MP_ROM_QSTR(MP_QSTR_elligator2), MP_ROM_PTR(&mod_trezorcrypto_elligator2_module)}, +#endif #if !BITCOIN_ONLY {MP_ROM_QSTR(MP_QSTR_monero), MP_ROM_PTR(&mod_trezorcrypto_monero_module)}, #endif diff --git a/core/embed/extmod/modtrezorutils/modtrezorutils.c b/core/embed/extmod/modtrezorutils/modtrezorutils.c index bff4e7532..309e4684b 100644 --- a/core/embed/extmod/modtrezorutils/modtrezorutils.c +++ b/core/embed/extmod/modtrezorutils/modtrezorutils.c @@ -434,6 +434,8 @@ STATIC mp_obj_tuple_t mod_trezorutils_version_obj = { /// """Whether the firmware is Bitcoin-only.""" /// UI_LAYOUT: str /// """UI layout identifier ("tt" for model T, "tr" for models One and R).""" +/// USE_THP: bool +/// """Whether the firmware supports Trezor-Host Protocol (version 3).""" STATIC const mp_rom_map_elem_t mp_module_trezorutils_globals_table[] = { {MP_ROM_QSTR(MP_QSTR___name__), MP_ROM_QSTR(MP_QSTR_trezorutils)}, 
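Review bot: The guards here use `#if USE_THP`, while modtrezorutils.c in this commit uses `#ifdef USE_THP` to export `utils.USE_THP`; the two forms disagree when the macro is defined with the value 0. In that case `utils.USE_THP` is true but `elligator2` is missing from the `trezorcrypto` globals table, and `from trezorcrypto import elligator2` in trezor/crypto/__init__.py fails at import. With the SConscript changes in this commit the macro is either defined without a value or absent, so both forms agree today. Using one form everywhere, `#ifdef USE_THP` in both hunks of this file, removes the dependency on how the build system spells the define.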
@@ -497,6 +499,11 @@ STATIC const mp_rom_map_elem_t mp_module_trezorutils_globals_table[] = { #else {MP_ROM_QSTR(MP_QSTR_BITCOIN_ONLY), mp_const_false}, #endif +#ifdef USE_THP + {MP_ROM_QSTR(MP_QSTR_USE_THP), mp_const_true}, +#else + {MP_ROM_QSTR(MP_QSTR_USE_THP), mp_const_false}, +#endif #ifdef UI_LAYOUT_TT {MP_ROM_QSTR(MP_QSTR_UI_LAYOUT), MP_ROM_QSTR(MP_QSTR_TT)}, #elif UI_LAYOUT_TR diff --git a/core/mocks/generated/trezorutils.pyi b/core/mocks/generated/trezorutils.pyi index 088da5cd2..d1a4c157d 100644 --- a/core/mocks/generated/trezorutils.pyi +++ b/core/mocks/generated/trezorutils.pyi @@ -144,3 +144,5 @@ BITCOIN_ONLY: bool """Whether the firmware is Bitcoin-only.""" UI_LAYOUT: str """UI layout identifier ("tt" for model T, "tr" for models One and R).""" +USE_THP: bool +"""Whether the firmware supports Trezor-Host Protocol (version 3).""" diff --git a/core/site_scons/site_tools/micropython/__init__.py b/core/site_scons/site_tools/micropython/__init__.py index 94477ba2c..d4f422ff6 100644 --- a/core/site_scons/site_tools/micropython/__init__.py +++ b/core/site_scons/site_tools/micropython/__init__.py @@ -47,6 +47,7 @@ def generate(env): optiga = env["optiga"] layout_tt = env["ui_layout"] == "UI_LAYOUT_TT" layout_tr = env["ui_layout"] == "UI_LAYOUT_TR" + thp = env["thp"] interim = f"{target[:-4]}.i" # replace .mpy with .i sed_scripts = " ".join( [ @@ -56,6 +57,7 @@ def generate(env): rf"-e 's/utils\.USE_OPTIGA/{optiga}/g'", rf"-e 's/utils\.UI_LAYOUT == \"TT\"/{layout_tt}/g'", rf"-e 's/utils\.UI_LAYOUT == \"TR\"/{layout_tr}/g'", + rf"-e 's/utils\.USE_THP/{thp}/g'", r"-e 's/if TYPE_CHECKING/if False/'", r"-e 's/import typing/# \0/'", r"-e '/from typing import (/,/^\s*)/ {s/^/# /; }'", diff --git a/core/src/trezor/crypto/__init__.py b/core/src/trezor/crypto/__init__.py index c08024842..51c159fe1 100644 --- a/core/src/trezor/crypto/__init__.py +++ b/core/src/trezor/crypto/__init__.py 
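Review bot: The added sed expression `s/utils\.USE_THP/{thp}/g` has no word boundary after the name, so a later constant whose name starts with `USE_THP` would be rewritten into an invalid token in frozen modules. `rf"-e 's/utils\.USE_THP\b/{thp}/g'"` avoids that; the neighbouring `USE_OPTIGA` expression has the same shape. `thp = env["thp"]` also makes the key mandatory for every caller of this builder and relies on the value being a Python bool so that it renders as `True` or `False`; both SConscripts in this commit pass a bool. The enclosing function starts and ends outside these hunks.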
@@ -4,7 +4,6 @@ from trezorcrypto import ( # noqa: F401 bip39, chacha20poly1305, crc, - elligator2, hmac, pbkdf2, random, @@ -22,3 +21,6 @@ if not utils.BITCOIN_ONLY: if utils.USE_OPTIGA: from trezorcrypto import optiga # noqa: F401 + +if utils.USE_THP: + from trezorcrypto import elligator2 # noqa: F401 diff --git a/core/src/trezor/utils.py b/core/src/trezor/utils.py index e3ca5be87..995af3198 100644 --- a/core/src/trezor/utils.py +++ b/core/src/trezor/utils.py @@ -13,6 +13,7 @@ from trezorutils import ( # noqa: F401 USE_BACKLIGHT, USE_OPTIGA, USE_SD_CARD, + USE_THP, VERSION, bootloader_locked, check_firmware_header, diff --git a/core/tests/test_trezor.crypto.elligator2.py b/core/tests/test_trezor.crypto.elligator2.py index f6312f4b7..1c4189fcf 100644 --- a/core/tests/test_trezor.crypto.elligator2.py +++ b/core/tests/test_trezor.crypto.elligator2.py @@ -1,10 +1,13 @@ from common import * -from trezor.crypto import elligator2 +if utils.USE_THP: + from trezor.crypto import elligator2 +@unittest.skipUnless(utils.USE_THP, "only needed for THP") class TestCryptoElligator2(unittest.TestCase): def test_map_to_curve25519(self): + # https://elligator.org/vectors/curve25519_direct.vec vectors = [ ("0000000000000000000000000000000000000000000000000000000000000000", diff --git a/docs/ci/jobs.md b/docs/ci/jobs.md index 5fb64ffcf..ca21d7d12 100644 --- a/docs/ci/jobs.md +++ b/docs/ci/jobs.md 
@@ -81,69 +81,69 @@ Build of Core into firmware. Bitcoin-only version. Non-frozen emulator build. This means you still need Python files present which get interpreted. -### [core unix regular R build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L209) +### [core unix regular R build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L211) Non-frozen emulator build for model R. -### [core unix regular asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L223) +### [core unix regular asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L225) -### [core unix frozen regular build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L244) +### [core unix frozen regular build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L246) Build of Core into UNIX emulator. Something you can run on your laptop. Frozen version. That means you do not need any other files to run it, it is just a single binary file that you can execute directly. -### [core unix frozen btconly debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L263) +### [core unix frozen btconly debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L265) Build of Core into UNIX emulator. Something you can run on your laptop. Frozen version. That means you do not need any other files to run it, it is just a single binary file that you can execute directly. See [Emulator](../core/emulator/index.md) for more info. Debug mode enabled, Bitcoin-only version. 
-### [core unix frozen btconly debug asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L279) +### [core unix frozen btconly debug asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L281) -### [core unix frozen debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L302) +### [core unix frozen debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L304) Build of Core into UNIX emulator. Something you can run on your laptop. Frozen version. That means you do not need any other files to run it, it is just a single binary file that you can execute directly. **Are you looking for a Trezor T emulator? This is most likely it.** -### [core unix frozen R debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L315) +### [core unix frozen R debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L317) -### [core unix frozen T3T1 debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L330) +### [core unix frozen T3T1 debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L332) -### [core unix frozen R debug build arm](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L344) +### [core unix frozen R debug build arm](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L346) -### [core unix frozen T3T1 debug build arm](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L367) +### [core unix frozen T3T1 debug build arm](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L369) -### [core unix frozen debug asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L390) +### [core unix frozen debug asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L392) -### [core unix frozen debug build arm](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L406) +### 
[core unix frozen debug build arm](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L408) -### [core macos frozen regular build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L428) +### [core macos frozen regular build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L430) -### [crypto build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L453) +### [crypto build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L455) Build of our cryptographic library, which is then incorporated into the other builds. -### [legacy fw regular build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L483) +### [legacy fw regular build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L485) -### [legacy fw regular debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L499) +### [legacy fw regular debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L501) -### [legacy fw btconly build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L516) +### [legacy fw btconly build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L518) -### [legacy fw btconly debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L535) +### [legacy fw btconly debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L537) -### [legacy emu regular debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L556) +### [legacy emu regular debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L558) Regular version (not only Bitcoin) of above. **Are you looking for a Trezor One emulator? 
This is most likely it.** -### [legacy emu regular debug asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L571) +### [legacy emu regular debug asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L573) -### [legacy emu regular debug build arm](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L589) +### [legacy emu regular debug build arm](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L591) -### [legacy emu btconly debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L615) +### [legacy emu btconly debug build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L617) Build of Legacy into UNIX emulator. Use keyboard arrows to emulate button presses. Bitcoin-only version. -### [legacy emu btconly debug asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L632) +### [legacy emu btconly debug asan build](https://github.com/trezor/trezor-firmware/blob/master/ci/build.yml#L634) --- ## TEST stage - [test.yml](https://github.com/trezor/trezor-firmware/blob/master/ci/test.yml)