Chypnosis: Stealthy Secret Extraction using Undervolting-based Static Side-channel Attacks

📅 2025-04-15
📈 Citations: 0
Influential: 0
🤖 AI Summary
Existing static physical side-channel attacks (laser logic state imaging, impedance analysis, static power analysis) need the circuit state to stay constant, so they typically halt the clock and sometimes modulate the supply voltage. Both actions tend to trip the clock and voltage tamper sensors that secure chips use to erase keys, and external clock control is impossible on devices with internal clock sources. This work introduces Chypnosis, a static attack that instead drops the supply voltage rapidly below nominal to push the chip into a brownout "hibernation" state: the transistors stop switching, so every internal clock is frozen, while flip-flops and SRAM still hold their contents. On AMD FPGAs the authors show that all clock sources stop, that the clock and voltage sensors fail to register the event, and that secret bits can then be recovered from the hibernated chip with two static side channels, LLSI and IA. The paper closes with countermeasures for future designs.

📝 Abstract
There is a growing class of static physical side-channel attacks that allow adversaries to extract secrets by probing the persistent state of a circuit. Techniques such as laser logic state imaging (LLSI), impedance analysis (IA), and static power analysis fall into this category. These attacks require that the targeted data remain constant for a specific duration, which often necessitates halting the circuit's clock. Some methods additionally rely on modulating the chip's supply voltage to probe the circuit. However, tampering with the clock or voltage is typically assumed to be detectable, as secure chips often deploy sensors that erase sensitive data upon detecting such anomalies. Furthermore, many secure devices use internal clock sources, making external clock control infeasible. In this work, we introduce a novel class of static side-channel attacks, called Chypnosis, that enables adversaries to freeze a chip's internal clock by inducing a hibernation state via rapid undervolting, and then extracting secrets using static side-channels. We demonstrate that, by rapidly dropping a chip's voltage below the standard nominal levels, the attacker can bypass the clock and voltage sensors and put the chip in a so-called brownout condition, in which the chip's transistors stop switching, but volatile memories (e.g., Flip-flops and SRAMs) still retain their data. We test our attack on AMD FPGAs by putting them into hibernation. We show that not only are all clock sources deactivated, but various clock and voltage sensors also fail to detect the tamper event. Afterward, we present the successful recovery of secret bits from a hibernated chip using two static attacks, namely, LLSI and IA. Finally, we discuss potential countermeasures which could be integrated into future designs.
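The security-relevant point in the abstract is a race: the tamper sensor needs time (and, in many designs, a running clock) to notice the voltage drop and erase the key, while the attacker needs the clock to stop before that happens but the voltage to stay high enough for volatile state to survive. The following Python model is an added illustration and is not the paper's code or data. It assumes a synchronous sensor that samples once per chip clock and erases the key after N_CONFIRM consecutive low samples, a clock that stops below V_CLOCK_MIN, and flip-flops/SRAM that retain data down to V_RETAIN; every threshold, the sensor latency and the voltage traces are constructed values chosen only to make the race visible, not measurements from any device.

```python
"""Toy discrete-time model of the sensor-versus-brownout race.

Added illustration, not the paper's code. All thresholds, latencies and
traces below are assumptions (constructed values), not measured data.
"""
from dataclasses import dataclass

V_NOMINAL = 1.00    # assumed nominal core voltage
V_ALARM = 0.85      # assumed voltage-sensor alarm threshold
V_CLOCK_MIN = 0.75  # assumed: below this the internal clocks stop switching
V_RETAIN = 0.40     # assumed: below this flip-flops/SRAM lose their contents
N_CONFIRM = 3       # assumed: samples the sensor needs before it erases the key


@dataclass
class ChipState:
    key_retained: bool = True   # volatile key bits still intact
    alarm_fired: bool = False   # tamper sensor latched and erased the key
    clock_froze: bool = False   # clock stopped at least once (brownout seen)
    cycles_clocked: int = 0     # how many samples the synchronous sensor got
    below_alarm_run: int = 0    # consecutive samples below V_ALARM


def simulate(voltage_trace, async_sensor=False):
    """Run the model over a per-clock-period supply-voltage trace.

    async_sensor=False models a sensor and erase path that need the chip
    clock (the case the attack exploits). async_sensor=True models a
    countermeasure where sensing and erasure run independently of the
    main clock (assumed design, e.g. a self-timed comparator with an
    asynchronous register clear).
    """
    s = ChipState()
    for v in voltage_trace:
        if v < V_RETAIN:
            s.key_retained = False        # went too deep: state is lost
        clock_running = v >= V_CLOCK_MIN
        if clock_running:
            s.cycles_clocked += 1
        else:
            s.clock_froze = True          # brownout: nothing switches
            if not async_sensor:
                continue                  # synchronous sensor gets no sample
        if v < V_ALARM:
            s.below_alarm_run += 1
        else:
            s.below_alarm_run = 0
        if s.below_alarm_run >= N_CONFIRM and not s.alarm_fired:
            s.alarm_fired = True
            s.key_retained = False        # countermeasure: erase the key
    return s


def attacker_can_probe(state):
    """Static side channels need a frozen clock AND intact volatile state."""
    return state.clock_froze and state.key_retained and not state.alarm_fired


def undervolt_trace(v_hold, drop_cycles, hold_cycles=20):
    """Constructed supply trace: linear drop from V_NOMINAL to v_hold over
    drop_cycles clock periods, then hold at v_hold for hold_cycles."""
    step = (v_hold - V_NOMINAL) / drop_cycles
    ramp = [V_NOMINAL + step * i for i in range(drop_cycles + 1)]
    return ramp + [v_hold] * hold_cycles


def run_cases():
    """Four scenarios; returns {name: attacker_can_probe}."""
    return {
        # slow ramp: sensor gets many clocked samples in [0.75, 0.85) -> erase
        "slow_undervolt": attacker_can_probe(simulate(undervolt_trace(0.60, 40))),
        # rapid drop: clock stops after 2 samples, before N_CONFIRM -> key survives
        "rapid_undervolt": attacker_can_probe(simulate(undervolt_trace(0.60, 2))),
        # rapid but overshoots below V_RETAIN: clock stops, but state is lost
        "rapid_too_deep": attacker_can_probe(simulate(undervolt_trace(0.30, 2))),
        # rapid drop against a clock-independent sensor/erase path
        "rapid_vs_async_sensor": attacker_can_probe(
            simulate(undervolt_trace(0.60, 2), async_sensor=True)),
    }


if __name__ == "__main__":
    for name, ok in run_cases().items():
        print(f"{name:24s} attacker can probe frozen state: {ok}")
```

The model makes two things explicit that the abstract states only in prose: the attack has a voltage window (the hold level must sit between the clock-stop point and the data-retention point, so the "rapid_too_deep" case fails), and the evasion depends on the sensor sharing the clock or power domain it is supposed to guard (the assumed asynchronous sensor in the last case still erases the key). Whether a given chip's sensors actually have that dependency is exactly what the paper measures on AMD FPGAs; the model only shows why the question matters.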
Problem

Research questions and friction points this paper is trying to address.

Freezing a chip's internal clocks without external clock control, which prior static attacks require
Doing so without triggering the clock and voltage tamper sensors that erase keys
Recovering secret bits from the hibernated chip with static side channels (LLSI and IA)
Innovation

Methods, ideas, or system contributions that make the work stand out.

Induces a brownout hibernation state via rapid undervolting, stopping all internal clocks while flip-flops and SRAM retain their contents
Leaves clock and voltage tamper sensors untriggered, demonstrated on AMD FPGAs
Extracts secrets from the frozen chip using static side channels (LLSI and IA) and proposes countermeasures for future designs