We’re excited to announce that the latest version of Passport firmware – 2.2.0 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.
WHAT’S CHANGED
With this version of Passport’s firmware we’ve added the ability to seamlessly switch back and forth between signing via QR and microSD, added the ability to restore from SeedQR, improved the user interface on Founder’s Edition, and added many quality of life improvements across the board. With the number of new features we included in 2.1.0, we took this release to focus on refining our unified firmware between Founder’s Edition and Batch 2, as well as paving the way for full Taproot support in 2.3.0.
For more details on each of the changes, keep reading below!
NEW FEATURES
Automatically detect when a transaction being signed via QR is very large and prompt the user with the option to sign via microSD instead.
When a transaction is very large signing via QR codes can take quite a long time. This change makes it much easier for users to switch to signing via microSD before going through the hassle of trying to sign an excessively large QR code.
You can now write a signed transaction out to microSD directly from the animated QR screen on Passport.
Changed your mind and want to use microSD for that transaction you just signed? Now you can do so all from the same screen without having to go through the process of signing again.
You can now import a SeedQR directly into Passport when restoring from seed.
Easily import a SeedQR from an existing wallet or restore from a SeedQR backup of Passport with a simple QR scan.
IMPROVEMENTS
Further improved signing of abnormally large transactions via both QR code and microSD.
Improved the spacing and alignment of text throughout the menu UI on Founder’s Edition to better account for the slightly different screen sizes.
Implemented secp256k1 support from rust-bitcoin, a requirement for full Taproot receive support in a future update.
We now create directories automatically on the microSD card as needed for storing partially-signed Bitcoin transactions (PSBTs), multisig configs, wallet configs, health checks, and Key manager.
This makes managing files much easier, especially when viewing the contents of your microSD card on a computer.
Passport now uses a 3-digit code for sorting backup files, ensuring that backups are easier to distinguish and sort.
Backups are now also sorted in reverse order, so you’ll always find your latest backup at the top when restoring or viewing existing backups!
Added additional context when setting a passphrase to ensure users understand that all passphrases are valid, and that Passport will clear passphrases upon shutdown.
Initial address verification for new accounts is now much faster.
Optimized fonts to free up some space in firmware.
Improved the Foundation icon when setting up a new Passport Founder’s Edition device.
Improved special character selection.
Upgraded to the latest version of foundation-rs, our open-source Rust library.
Removed unnecessary USB files, correcting a minor licensing display issue and simplifying compilation.
Improved copy and behavior of hiding and showing hidden keys in Key Manager.
Improved the behavior of the passphrase application flow when a user incorrectly enters a passphrase and notices the fingerprint does not match.
Improved copy on the account details screen regarding the derivation path.
Improved the way top icons are displayed on Founder’s Edition.
Improved battery level detection and display on Founder’s Edition.
BUG FIXES
Fixed a rare bug that wouldn’t properly display the message after a device is bricked after 21 failed PIN attempts.
Passport now properly displays an error when an unusable QR code is scanned that the user can close.
Passport now properly resumes saving a file if a microSD card is inserted at the “Missing microSD card” screen.
Fixed a display issue when canceling a transaction before signing.
Fixed a rare bug where big transactions would occasionally prevent Founder’s Edition from displaying the signed QR code transaction.
Fixed a minor display issue with specific, long-form error messages.
Fixed a minor issue when exporting to Sparrow under rare circumstances.
VERIFYING, REPRODUCING, AND INSTALLING PASSPORT FIRMWARE
If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page
If you’d like to take the additional step of testing the reproducibility of Passport’s firmware, you can follow our guide on the topic here: Reproducibility Guide
We’re excited to announce that the latest version of Envoy – 1.5.1 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.
Please note that there can be a significant lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.
What’s changed
Note: v1.5.1 is a bug-fix release that resolves an issue updating firmware via Envoy on iOS. We’ve replicated the release notes here from 1.5.0 with the additional bug fix.
With this release of Envoy, we’ve focused on bringing you fully-featured support for Taproot! This not only expands the use-cases and access for Envoy as a mobile wallet, but it also paves the way for full Taproot support to be added to Passport in the upcoming v2.3.0 firmware. We’ve also included a proper Spanish translation to Envoy, and many quality of life improvements and bug fixes.
For more details on each of the changes, keep reading below!
New Features
Envoy now has full Taproot ???? support, allowing you to easily send and receive with the latest and greatest features in Bitcoin!
For those who want to use Taproot, simply enable support from the settings under the “Advanced” drop-down and a new Taproot-specific account will be created for you.
This also paves the way for full Taproot support in Passport, coming in firmware v2.3.0 very soon!
Envoy now has a Spanish translation available to all of our Spanish-speaking users!
Improvements
Envoy now allows users to select a preferred language in settings on iOS and Android.
Upgrade Flutter to the latest stable release, v3.16.1.
Envoy now automatically excludes coins that are too low of a value to spend in the current high-fee environment.
We’ve noticed that in the current fee environment, a native behavior of BDK that is designed to protect you from wasting sats could get a bit confusing. If you have coins that are relatively low value, it’s possible that they could cost more to spend than the value of the coin, meaning spending them would just be burning precious satoshis.
We still leverage the BDK default to help protect you from losing satoshis sending coins that are too low of value, but now we give you a clear warning when this would happen via a shiny new modal.
You can now hide amounts on an account while in the detailed account view.
Improved how the bottom sheet shows amounts when using coin control when minimized.
Users who have previously used Magic Backups and then manually restore the same seed now get the option to restore their previous Magic Backup or simply use a manual wallet.
Improved how selecting coins works when switching views.
Added a warning when a user manually selects coins and then changes the fee on the transaction review screen, as it can cause Envoy to automatically re-select coins for the user.
Updated our Tor library to the latest version of Arti, v1.1.11.
Bug Fixes
Fixed an issue unselecting an entire tag in coin control if some coins in that tag are locked.
Fixed a minor display issue when deleting a mobile wallet.
Fix an issue with units displayed on the send screen showing sats even when denominated in BTC.
Fixed an issue where redeeming an Azteco voucher could show duplicate entries in the activity screen.
Corrected the informational text on the unsigned PSBT screen.
Fixed an issue where the firmware update button would be slightly off-center.
Fixed a minor padding issue on the tag details card.
Fixed a rare issue that could cause a blank screen when pairing an existing Passport account.
Fixed an issue where an address could display incorrectly in the transaction details screen when receiving multiple outputs in a single transaction.
Fixed a display issue where excessively long device names could break the version pill on the devices tab.
Fixed an account renaming issue.
Fixed various minor display issues.
Verifying Envoy on Android
If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android
There was a time when Apple shipped the schematics alongside the computer, a time when they encouraged us to “think different.” There was a time when Google lived by the guiding principle of “don’t be evil.” No longer.
We believe technology is progressing in the wrong direction. Rather than offering freedom, technology is used to surveil and control.
Ledger knows how much money you store on your hardware wallet and sees your transactions. Google knows everything about you. Your TV monitors what you watch and sells your data. Your car knows where you are at all times and will soon integrate breathalyzers and kill switches.
Technological progress in the physical world has slowed. An overwhelming majority of hardware and manufacturing innovations are closed source and proprietary. Open source software propelled us to the Internet, to Bitcoin – but open source hardware is a rarity.
At Foundation we believe that technology can be used as a tool to empower the individual with freedom, with sovereignty, with privacy. We believe that building superior open source hardware and software is the key to unlocking an era of prosperity and permissionless innovation.
As in Asimov’s Foundation trilogy, we’ve asked ourselves – what can we do to help navigate this period of chaos and usher in a new era of freedom and prosperity?
This brought us to our beginning. To Bitcoin.
Bitcoin
It all started with Bitcoin. It is our strong belief that a transition to Bitcoin as the global monetary standard will re-align society and fix our most important problems. In short, we believe that “Bitcoin fixes this!” So this is where we’ve chosen to begin our journey.
Foundation believes that Bitcoin itself is at a crossroads. On one side are ETFs, exchanges, custodial providers, intense and crushing regulations – maybe even 6102 orders. On the other side is custody, decentralization, permissionless innovation, strong financial privacy, and even an end to central banking as we know it.
This is why our first product was Passport, the best-in-class Bitcoin hardware wallet. The most fundamental aspect of Bitcoin is to hold your own keys, to control your own money and your own destiny. Passport makes that possible for more people than ever before.
During the 2024-2028 epoch, Foundation will build a cohesive ecosystem of Bitcoin devices, tied together by our Envoy mobile app.
Freedom Tech
But we aren’t stopping at Bitcoin. As the world achieves global Bitcoin adoption during the 2028-2032 epoch, Foundation will broaden our approach and focus on expanding our freedom tech ecosystem to more platforms. Smartphones and computers running a next-gen, ultra-secure, privacy-preserving operating system. Self hosted smart home products with integrated AI. Maybe even a car?
The Secret Master Plan
Below is Foundation’s master plan through 2032.
2020-2024: Build a hardware wallet and mobile app.
2024-2028: Use that money to build an ecosystem of Bitcoin devices.
2028-2032: Use that money to build a freedom-tech computing ecosystem.
While doing above, release everything as fully open source, vertically integrate manufacturing, and – most important – hold true to our principles.
With the release of Envoy version 1.4 today, we’ve taken the next big leap forwards in our goal with Envoy — to bring the best of Bitcoin to you, simplified. Since the release of Envoy’s full mobile wallet functionality with Magic Backup, we’ve been working tirelessly to bring you the next phase focused on giving you full control over your Bitcoin. Say hello to the most intuitive and approachable coin control to date.
Coin Control Made Easy
Taking control of your money has been a part of our mission from day one, and the ability to control exactly how you spend your bitcoin through Envoy is a key part of that. In this release of Envoy we’ve spent countless hours taking the concept of coin control that has existed in other Bitcoin wallets back to the drawing board, as coin control should be within reach of everyone, not just “techy” Bitcoiners. We think coin control should be something even grandma can use.
The concept of coin control can often be a foreign one to new Bitcoiners, but quite simply it’s a tool that allows you to choose what coins get spent in each transaction. The standard functionality of a wallet is to use a coin-selection algorithm to intelligently select the best coins to spend when you send bitcoin, but without some form of coin control there is no way for the algorithm to know what history each coin carries with it. When you combine coins with different histories, you reveal information about your financial activity you may not be intending to share!
When you use coin control, you can tag coins and add notes to transactions as you use Envoy, allowing you to spend only the coins which you want to each time you spend your bitcoin. Don’t want to reveal how much you get paid to your grocer? Only pay him using coins from your previous visits to the grocery store. Tired of your barista seeing how much you paid for dinner last night? Only pay him using coins you just got peer-to-peer. Coin control gives you total control over what information you choose to reveal each time you use Bitcoin — the very definition of privacy.
Using coin control on Envoy is just a tap away behind the new “Tags” icon inside of each account, where you can easily select to spend from an entire tag or get into the weeds and select individual coins to spend. You can keep things as simple as you want or get as granular as you want — you’re in control now. And if the concept of coin control seems like too much for you today, you can simply never touch it and still benefit from a smart coin-selection algorithm in the background that does its best to reduce fees while preserving your privacy.
All of this functionality gets added on top of the 60 second onboarding that Envoy brings via Magic Backups, the seamless integration with Passport, and the fully customizable privacy settings across the board. It’s time you experienced Bitcoin, simplified by downloading Envoy today.
We have a deep passion for user education and empowerment, and want to make the output of that passion more accessible through Envoy. When you have questions about how Envoy or Passport works, want to learn more about Bitcoin, or simply want to pass the time with the sound of BitcoinQnA’s voice in the background, we’ve got you covered. We’ve started from scratch and improved every aspect of the Learn center, starting with a drastically improved video player and a new video host. Videos are faster to load, easier to control, and are now automatically marked as watched afterwards.
We’ve also added full support for reading our blog posts directly in Envoy without ever leaving the app or opening your browser. Blog posts also get marked as read immediately after viewing them, making it simple to keep up with the latest in Foundation announcements and education. In addition, we’ve revamped our FAQ section at the bottom and updated it with all of the recent changes in Envoy and Passport.
Privacy Shield Joins the Toolbar
We’ve always held preserving user privacy as one of our chief values at Foundation, and that starts with the options available to our Passport and Envoy users. With this version of Envoy, we’re taking things a step further and improving the visibility and usability of all of those privacy settings in Envoy with a new standalone section we’re calling the “Privacy Shield.” Quickly connect to your own Bitcoin full node, switch back to Foundation’s, use Tor for improved privacy, or turn Tor off for better performance when necessary.
Everything you need to know about preserving your privacy while using Envoy can be found in our documentation: Privacy | Foundation Docs
Activity Center, Reborn
In addition to launching coin control and revamping our privacy settings, we’ve taken the time to overhaul the activity center in Envoy and give it a new home in the toolbar. Everything you need to keep up with your Bitcoin activity, Passport firmware updates, and more can be found in the Activity Center now. We plan on expanding this in the near future to encompass more things as well, so keep an eye out for future Envoy updates!
If this has piqued your interest, head on over to our full release notes to learn more about what we’ve added, improved, or fixed with this release of Envoy:
We can’t wait to hear your feedback on this latest iteration of Envoy, and if you have any questions or run into any issues, please don’t hesitate to reach out:
We’re excited to announce that the latest version of Envoy – 1.4.0 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.
Please note that there can be a lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.
What’s changed
In this version of Envoy we’ve implemented intuitive and easy-to-use coin control, a new Activity Center and Privacy Shield, a redesigned Learn tab, broad user experience and user interface improvements, and squashed bugs across the board.
We’re especially excited about our implementation of coin control in Envoy, as there has been a lack of intuitive coin control on mobile for Bitcoin users in the past, even though coin control is vital for giving you control over your privacy. We’ve spent countless hours building coin control in Envoy from the ground up to be as easy to use, as powerful, and as privacy-preserving as possible. Coin control isn’t just for technical users anymore.
For more details on each of the changes, keep reading below!
New Features
Say hello to the most intuitive and approachable coin control in any Bitcoin wallet to date ????
Coin control is a vital feature that allows you to preserve your privacy on Bitcoin and choose what information to reveal about your financial activity to those you interact with, but has been a feature only accessible to technical users in the past.
We’ve been working tirelessly to bring you an implementation of coin control that even grandma can use. Easily tag your funds as you receive them, lock or unlock individual coins, choose exactly which coins to spend, or simply spend from a single tag with just a few taps.
Redesigned the Learn tab from the ground up, with an entirely new UI, improved video player, the ability to read blog posts directly in Envoy, and an improved FAQ section ????
Videos and blog posts now also get marked as watched/read when opened, and can be manually marked as unread by long-pressing on the item in the Learn tab.
Implemented a new Activity Center and Privacy Shield in the bottom toolbar ???? ????️
We’ve broken out our privacy settings into their own new home on the toolbar, as well as migrated the activity center from the bell icon to it’s own page.
The new Activity Center will now show transactions, firmware update announcements, and more in the future!
Implemented full support for BRL fiat conversion. Welcome, Brazil! ????????
Implemented new “sat” and “btc” icons for units instead of text.
Our use of Arti has shown solid improvements in Tor connectivity, and when paired with the implementation of DDoS protection in the Tor network has made Tor far more usable than it previously has been for the average user!
Greatly improved performance and resolved rare crashes for users with wallets that are heavily used, i.e. Samourai Wallet post-mix accounts.
Automatically add a note on Azte.co voucher redemption transactions indicating that they were from Azte.co.
Updated to support the latest azte.co API and voucher changes.
Long pressing on the delete button now deletes all entered text when constructing a transaction.
Envoy now automatically backs up the Envoy Backup file to Foundation servers every hour.
Only applicable when Magic Backups are opted into by a user.
Improved the responsiveness of the “Backup Now” button for Magic Backups to show when a backup is successful.
Broad updates and improvements to the frequently asked questions (”FAQs”) in the Learn tab.
Improved descriptions and copy in pairing screens.
Implemented new “hamburger” menu icon with open/close animations.
Improved the firmware update flow when firmware is downloaded but not properly copied to microSD for any reason.
Made it easier to use Envoy purely as a Passport companion app for those who don’t want Envoy as a mobile wallet.
It’s now easier to add additional Passport accounts without accidentally triggering the mobile wallet setup flow.
Improved screens across iOS, specifically those around pairing with Passport and downloading firmware.
Added the ability for Envoy to use the system locale to better display units and times throughout the app.
Added a shiny new animation to the manual mobile wallet setup flow.
Improved the way transactions display in the Activity tab.
Migrated video hosting for the Learn tab to Vimeo.
Bug Fixes
Corrected some minor issues with settings not being properly backed up and restored as a part of Magic Backups.
Removed fiat value for testnet coins – they have no value!
Properly display an error when an invalid Envoy Backup file restore is attempted.
Properly decode BIP 21 URIs with empty amounts.
Updated several dependencies to resolve inherited minor security issues.
Fixed several app freezes and crashes on iOS when a user had many accounts or deep wallets.
Fixed a rare backup conflict when using QR recovery with Magic Backups.
Resolved an issue with the previous Tor library where local network access would be requested in iOS (but not used).
Resolved several minor issues with how Envoy interprets the native Android back button.
Resolved lag when the app was opened while in Airplane Mode.
Fixed some minor text centering issues.
Resolved an issue where an account renaming would revert on iOS without the users input.
Resolved a rare bug when screen recording Envoy usage.
Resolved an issue where a user that ops into manual setup gets shown Magic Backup settings incorrectly.
Fixed an issue where the shield would stay red after a successful manual recovery.
Fixed a display issue possible when repeatedly adding and removing accounts.
Fixed a display issue where the + button could disappear.
Resolved some issues with account renaming when certain keyboard functions are used.
Resolved issues with screen sizing on smaller phones (i.e. iPhone 7).
Fixed an issue where saving a custom node would occasionally not persist.
Resolved a bug where prompts could appear where they shouldn’t.
Verifying Envoy on Android
If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android
Freedom.Tech is a global hub championing Bitcoin builders, open-source developers, educators, and privacy tech pioneers, and we see it as an invaluable addition to the Foundation family.
We’ve been working hard behind the scenes over the past few months to launch a new content hub that lets you find content on the bleeding edge of technology, learn how you can take actionable steps in the fight for freedom, and amplify your own voice by writing unique content.
Freedom.Tech gives us a place to broaden our educational efforts that still aligns closely with what we’ve been doing on the Foundation blog, with our “This Month in Sovereignty” newsletter, and with the “Journey to Sovereignty” podcast. As such, we’ve gone ahead and added our existing email subscribers to the Freedom.Tech email list, as a good portion of our existing content will now flow to Freedom.Tech.
Don’t want to get emails about Freedom.Tech? Feel free to reply to an email and let us know, or simply unsubscribe once you get the first email from Freedom.Tech.
What is the “Freedom Tech” Movement?
From the earliest days of the Internet, an ongoing struggle has existed between those who would use the immense potential of this new technology to control or suppress human freedom, and those who would use it to empower the individual and promote human flourishing. This struggle has taken many forms over the decades, starting with the cryptoanarchists in the 1980’s and the cypherpunks of the 1990’s, both of which shared a common goal of enabling individual freedom through the use of cutting-edge technology.
Just as us humans strive for freedom, information in the digital age “longs to be free.” The “freedom tech” movement is a burgeoning grassroots movement that aims to encourage the optimistic, untethered development and use of technologies by people from all backgrounds, languages, and cultures across the globe. Freedom tech allows us to slow a rise in authoritarianism, fight back against encroaching surveillance capitalism, and empower journalists, dissidents, and activists everywhere.
We believe that the freedom tech movement closely aligns with that of the open source movement, and we hold the ideals of free and open-source software closely. While the freedom tech movement has no central authority or leader to dictate its aims, we have laid out the aspects of technology we consider vital to the movement below. Freedom tech should be:
✅ Free and open source
✅ Without usage restrictions
✅ Privacy-preserving
✅ Resistant to censorship
Quite simply, “freedom tech” is technology that empowers you.
What does this mean for Foundation content?
As Freedom.Tech gives us an excellent platform to focus content efforts outside of our products, we’ll be splitting our existing “This Month in Sovereignty” newsletter. Company updates, firmware releases, and similar posts will be packaged concisely in a new “Foundation Updates” monthly newsletter, while broader content around FOSS, freedom tech, and important news in the space will migrate to a monthly Freedom.Tech newsletter.
Similarly, we’ll be broadening the scope of our “Journey to Sovereignty” podcast and relaunching with a set of fantastic guests, covering a much wider variety of freedom tech topics as a result. We’re still in the process of revamping the podcast, so keep an eye out for more announcements there in the near future.
Learn more
With this launch we’ve included a few original blog posts, and are working hard to get some of the best writers in the space involved and amplifying their content on Freedom.Tech. We’ll be running some fun competitions (including giving away a free Passport!) over the next few weeks as a part of this launch, so be sure to follow us on X and/or Nostr as well:
Take a minute and ask yourself two simple questions: who or what are you trying to protect your Bitcoin from? How far are you willing to go to protect it?
These two questions are the root of a concept called “threat modeling”, and should be the basis for deciding what steps you take to secure your Bitcoin. Answering these two questions properly requires an understanding of what threats are out there to your Bitcoin and how they can be prevented.
In today’s blog post we’re going to walk through the most common threats to a Bitcoiner’s sats and break down how Passport helps to keep your savings safe.
Loss of funds
The threat: While this isn’t an intentional attack by a bad actor, it’s by far the most common way that people lose their Bitcoin. If proper backups aren’t kept, frequently tested, and broadly distributed, loss of funds is an ever present risk.
Losing your Bitcoin can certainly happen due to unforeseen events like house fires and floods, but it most often comes as a result of over-complicated setups and unplanned inheritance. It’s easy to want to always be on the cutting edge of security and wallet setups in the Bitcoin space, but it often pays to follow the old “KISS” (”keep it simple, stupid!”) adage when it comes to storing your Bitcoin!
Be sure that you thoroughly test the recovery process of whatever setup you do decide, and ensure that those you want to pass your Bitcoin on to can follow the recovery process without any additional help or input from you. It pays (in sats!) to be thorough and diligent when it comes to storing your Bitcoin.
How Passport protects you: Passport takes two major approaches to helping you preserve access to your Bitcoin: (1) providing users the necessary tools to write down their seed phrase and/or backup PIN code safely, and (2) providing encrypted microSD backups as the default option. Our goal with Passport backups is to prevent losing Passport from being a life altering event, instead equipping you to easily and safely restore funds anytime.
Encrypted backups in particular provide a uniquely powerful backup method, as you can easily distribute encrypted backup files broadly, be it your favorite cloud service, your password manager, or many different microSD cards or USB flash drives. As the backup file itself is encrypted, even if an attacker stumbles upon it they won’t be able to tell what it is, much less access the seed phrase within it without the associated backup PIN code. Then simply make multiple, geographically distributed copies of your backup PIN code (never together with your encrypted backup file!) and you’ll always have the ability to recover funds.
For the more traditional Bitcoiner, you can choose any number of backup methods for the seed phrase itself, including steel backups to ensure that fire and weather can’t harm your backups.
The attack: The idea of social engineering is as old as time, but has become even more rampant in the digital age. When it comes to Bitcoin, often the largest risk to a user’s funds is someone online tricking them to install malicious firmware or enter their seed phrase directly into malicious software.
When it comes to scams centered on tricking users to enter their seed phrase, while there is no technical way to prevent this (a user always needs to be able to access their seed phrase for backup purposes), Passport forces a user to go through several prompts warning them not to share or reveal their seed phrase to anyone else.
Malware on your computer or phone
The attack: Malicious software wallets are a constant, ongoing battle in the Bitcoin space and have claimed many sats from good Bitcoiners over the years. The common attack is to use advertisements on Google Search or use similar names on platforms like the Google Play Store to trick users into installing malicious versions of popular wallets.
How Passport protects you: One of the biggest benefits to a hardware wallet that utilizes an air-gapped design like Passport is that it is practically impossible for malware to steal funds in any way if the user is observant. Passport’s air-gapped design means that no matter what software wallet you’re using, you always have to scan in the transaction and verify the transaction details on Passport’s large, color screen before signing.
Even if the wallet attempts to provide Passport with a fake change address, a common and stealthy attack, Passport will check the change address and warn if it does not belong to your wallet. As the malware on your computer has no way to access Passport via USB or Bluetooth, it cannot infect Passport and make Passport display false transaction details, either. This is an immensely powerful defense and one that protects you against many different threats!
The next time you send a transaction, take a bit of extra time and be sure that you’re verifying the address and amount properly to protect your sats. In addition, make sure to bookmark the legitimate sites for your favorite Bitcoin wallets, never trust a random DM on Telegram, and verify software that you download whenever possible.
“Evil maid” attacks
The attack: An “evil maid” attack is a category of attacks encompassing any time an attacker gains physical access to a device that’s off. This can happen when you’re at home (i.e. someone you trust), when you’re traveling (i.e. an actual maid at a hotel), or when the device is in transit (i.e. checked baggage while flying). A whole new world of risk opens up as soon as an attacker has physical access to your Bitcoin wallet as they can perform a host of attacks.
The most common evil maid attack is to swap your Bitcoin wallet with a malicious wallet that records your PIN code and then recover the malicious device and use the captured PIN code to steal funds from your wallet.
How Passport protects you: Passport provides two main mechanisms to help protect yourself against a malicious device swap attack. Security words are easily enabled in Passport’s settings and make Passport show you two unique security words that can not be seen or replicated without knowledge of your PIN. You can learn more on how to use this feature in our documentation here.
The second defense is to check the boot count under Firmware in settings and compare with what you’d expect. While it’s a simple and less fool-proof check, it does add an additional layer of difficulty for any device swap.
The attack: This one is quite straight forward, and involves an attacker simply stealing your Bitcoin wallet. Stealing your hardware wallet gives the attacker more time to attempt physical attacks or a PIN brute-force attack, though the fact that your wallet is missing can give you a chance to move funds if you have proper backups available.
How Passport protects you: Passport has been built from the ground up to provide an extremely strong defense in the case of a stolen device. Passport’s security architecture leverages a secure element to best protect against physical attacks, making successful physical attacks that steal funds infeasible.
Passport’s secure element provides a strong hardware-based PIN code rate limiting, allowing only 21 attempts to enter the correct PIN before the device is intentionally bricked and no seed is able to be recovered from the device. The secure element also prevents an attacker with strong electronics expertise from being able to extract the seed from the processor or memory, as the secure element would also have to be compromised to retrieve a working private key.
The attack: Last but not least, we have supply chain attacks where an attacker intercepts the device before you receive it. The attacker could tamper with the hardware of the device and re-assemble it with some form of backdoor or transmission of the private key built in.
How Passport protects you: With Passport we’ve engineered a novel supply chain verification system that leverages the secure element on Passport. Every Passport device has a secret key locked away in the secure element that is used when you setup your Passport to perform a challenge-response check with our servers that will only be valid on devices we have provisioned directly at the factory that have not been tampered with.
If the secure element is tampered with in any way, or if a malicious device was swapped out for a legitimate one it would be unable to pass supply chain verification.
While seeing many of the potential threats to your Bitcoin can feel overwhelming, note that the vast majority of these threats are mitigated by simply using Passport as intended. Secure self-custody doesn’t have to be complex and daunting, though we do have to be vigilant and responsible when taking back control of our money via Bitcoin.
One of the powerful use-cases that Bitcoin unlocked with it’s peer-to-peer nature is the ability to incentivize and reward contributions without any middlemen or hoops to jump through. This movement has come to be known as “value4value,” and has provided an immensely powerful new tool for content creators, Nostr users, and now community members. Today we’re excited to unveil a new program implementing the value4value philosophy into our existing beta testing process — Early Access Rewards.
tl;dr — Be the first to report any reproducible issue for Passport or Envoy beta releases and get a 10k Satoshi bounty in Bitcoin per issue reported!
Early Access Rewards Highlights
The premise of the Early Access Rewards program is quite simple: contribute meaningful bug reports for Envoy or Passport releases while they’re in open beta, and get rewarded for each individual contribution. No middleman, no lengthy ToS, no Foundation login or account necessary.
How to participate:
Test the beta releases for Passport firmware or Envoy app.
Report issues on Github.
All issues (the first time they are reported) are eligible for the 10k Satoshi reward.
Foundation team members will validate the issues for eligibility.
Rewards sent directly to your provided Bitcoin address or Lightning invoice.
Join Early Access Rewards today
Want to earn sats for your important contributions to our open-source projects? Simply join our beta testers Telegram room below and keep an eye out for beta release announcements. Once a release is announced, you can submit any issues you find via Github and earn 10k sats per validated issue.
Once you discover an issue with the beta release, submit it via Github using the following links with the “Bug Report” option. Note that this does require a Github account:
Join the community, help us improve, and get rewarded in Bitcoin for your valuable contributions! ????
The future of Early Access Rewards
We’re excited to see how well this program works to incentivize important feedback and contributions from our fantastic community, but we also have plans to expand the program in the future. We’re currently considering creating a hardware Early Access program to get our newest products in the hands of invaluable community members first, and top contributors to this Early Access Rewards program will be first in line.
We have multiple new products in the works, and we can’t wait to watch each of you help us to build and improve as we bring freedom tech to more and more people around the globe. As one of the top contributors to our Early Access Rewards program, you’ll get the chance to test our new products for free as a thank you for your contributions in exchange for feedback and bug reports.
The (not so) fine print
If you have more specific questions on how the program will work, you can read the detailed rules below. Have a question? Don’t hesitate to ask in the Telegram room or email us at [email protected].
Eligibility for Rewards: a. The first reporter of any reproducible issue for Passport or Envoy beta releases is eligible for a 10k Satoshi bounty, paid in Bitcoin. b. Issues must be reported only once, and once made public, they are no longer eligible for additional 10k Satoshi bounties.
Reporting Process: a. All issues should be reported on Github in the appropriate repository:
Reproducible Issues: a. Issues must be reproducible, meaning that Foundation team members can accurately recreate and validate the issue in the Envoy app or Passport firmware.
Judgement and Reward: a. Foundation reserves the right to make the final judgment on whether issues are eligible for the 10k Satoshi reward. b. Once an issue is verified and confirmed as eligible, the reward will be sent to the reporter’s provided Bitcoin address or Lightning invoice.
Rewards Distribution: a. The rewards will be distributed in Bitcoin (BTC). b. The amount of the reward will be 10,000 Satoshi for each eligible issue. c. All rewards will be paid out at the end of the beta period.
Confidentiality: a. While issues will be made public upon reporting, beta testers should avoid sharing sensitive or personal information in public discussions about the issues.
Compliance: a. All beta testers must comply with the rules and guidelines set by Foundation Devices during the beta testing period. b. Any violation of the rules may result in disqualification from the beta testing program and forfeiture of rewards.
Changes to the Rules: a. Foundation Devices reserves the right to modify the rules or terminate the beta testing program at any time without prior notice.
Disclaimer: a. Beta testers participate in the program at their own risk, and Foundation Devices shall not be liable for any damages or losses incurred during beta testing.
The ability to reproduce and verify firmware for Passport has always existed, but in recent weeks we’ve ramped up our efforts to make it easier for anyone to be sure that the code running on their Passport exactly matches what is on Github. That culminated last month in the release of a new step-by-step guide to reproducing Passport firmware, making it easier than ever for you to verify firmware yourself, along with updates to the validation of our firmware’s reproducibility on Wallet Scrutiny.
While those resources are more of the “how” for reproducing firmware, we wanted a place to walk through the “what” and the “why” as well.
What are “reproducible builds?”
While there are many open-source projects out there today, the ability for you to validate that the binary (the actual piece that you install or run) is actually a bit-for-bit match with the code on Github is quite rare. The main reason for this is that ensuring binaries for a given project are reproducible requires a massive amount of work up front for the developers and maintainers, as well as additional documentation, maintenance, and customer support. Here at Foundation we view the trust minimization that reproducible builds bring as vital, so we’ve put in the hours to enable easy reproducible builds for everyone.
Reproducible builds allow you, the user, to build the binaries for Passport directly from the source code in a repeatable, “reproducible” way and validate the results match exactly what we ourselves publish. The way these builds actually function under the hood can differ widely from project to project, but always rely on building the binaries in exactly the same way no matter the users operating system, computer, etc. The rough process for Passport’s firmware looks like this:
Thanks to the magic of cryptography, we can compare the binaries we build with those Foundation releases by computing a hash of the binary, something that will change completely if even one bit of data is different in our binaries versus Foundation’s. This makes it trivial to compare and verify binaries, the ultimate goal of reproducible builds.
You can get a quick walk-through of what to expect in this short video of the entire process, start to finish:
Why does this matter?
The ability to not only see, read, and verify the open-source code published for Passport, but also to take it one step further and ensure that the firmware you run exactly matches that code provides the highest level of trust minimization possible. When you can be sure that the code actively running on Passport matches exactly what you would expect, it reduces the potential threat of Foundation releasing malicious firmware as there is no way for us to include code in the firmware that isn’t publicly visible and scrutinized on Github.
We don’t want you to have to trust us at all, and reproducible builds are the full embodiment of the phrase “don’t trust, verify.”
Try reproducible builds today
If this piqued your interest, you can dive in and reproduce Passport firmware yourself today! Following the guide below will take you through every step of the process:
While the guide is focused on Linux, the commands and steps will be very similar on operating systems like Windows and MacOS, and we’ve linked out to the relevant guides for dependencies on those respective operating systems.
If you do try out reproducible builds, we’d love it if you’d share your results publicly! Post the output of the process to Twitter or your favorite social media platform, tag us @FOUNDATIONdvcs, and we’d love to share your post out ourselves.
We’re excited to announce that the latest version of Envoy – 1.3.0 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.
Please note that there can be a lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.
What’s changed
In this version of Envoy we’ve implemented the ability to redeem azte.co vouchers with a single QR scan in Envoy directly to your mobile wallet, added the ability to cycle through units by tapping on amounts, the ability to update Founder’s Edition devices directly from Envoy, and focused heavily on refining user experience for Envoy mobile wallet users.
With the release of our last major version of Envoy, we transformed Envoy into a standalone Bitcoin mobile wallet with powerful account management and privacy features in addition to its role as Passport companion app. With that came many new screens and features, so we’ve taken this release to focus on iterating and bringing many bug fixes and quality of life improvements for all our fantastic Envoy users.
As you may have noticed, we’ve skipped v1.2.0 and jumped straight to v1.3.0 as we realized we had too many important changes to be made during the beta period for v1.2.0. As a result this changelog includes all major changes introduced in v1.2.0 as well, so it’s extra long and extra exciting.
For more details on each of the changes, keep reading below!
New Features
You can now redeem azte.co vouchers directly in Envoy with just a few taps!
Getting those no-KYC sats directly from Azteco just got much easier, as you can simply scan an Azteco voucher QR code and sweep the funds directly into Envoy by scanning the QR code from any screen ????
Azteco allows you to buy Bitcoin vouchers from your local corner store just like you’d top up a pre-paid phone plan. Buy with cash and get Bitcoin directly in your mobile wallet or cold storage for one of the fastest and most private ways to acquire Bitcoin out there.
https://youtube.com/shorts/6TWEaWcyFQ0
Added the ability to cycle through units (fiat/BTC/sats) by tapping on the amount when building a transaction.
Those of you rocking Founder’s Edition devices can now update within Envoy, just like with our latest Passports!
Malaysian Ringgit added as supported currency – Hi Malaysia!! ????????
Improvements
Rearranging accounts has been completely rewritten and is now sexier and smoother than ever before! Organizing your accounts has never been so satisfying.
Added prompts to help users find features that could otherwise be hard to discover. These can be easily dismissed as you learn more about using Envoy.
Added a warning if Envoy’s mobile wallet contains more than $1000, reminding the user of the danger of keeping lots of funds on a mobile wallet.
Updated the look of the account cards, adding a bit more elegance and refinement.
Updated the way decimal units of fiat values are displayed when typed in the Send screen.
If you lose internet connectivity while on the go, Envoy will now update balances instantly without needing to refresh the app when connection is re-established.
Sent transactions will now displayed instantly, instead of waiting to hear from the Bitcoin node you are using in Envoy.
Improved how we display progress when scanning animated QR codes during the Passport connection flow.
Swapped the send and receive button locations to be more logical, and improved the appearance of the QR scanning button.
Improved the user experience when updating firmware for Passport via Envoy.
Improved the “Back up now” button user experience in Backup settings to give feedback and a status spinner while backing up.
Added additional contextual text and links when the accounts screen is empty.
Made it easier to distinguish when you’re using testnet accounts by using “tsats” and “TBTC” as the unit.
Added the ability to mute the explainer video for Magic Backups.
Improved the wallet deletion flow.
Improved the screens a user sees in failed states due to connectivity issues or restoration failures with Envoy backup files.
Improved handling when using Android’s native back button for getting out of Passport accounts.
Added the ability for users to save and manually share error logs with support if needed.
This error logging only happens locally and must be shared manually by the user to best preserve user privacy.
Sending amounts below a “dust” threshold will now show an error instead of having the “Continue” button become unresponsive.
Added explanatory texts when Testnet is enabled.
Other minor icon and text updates to make processes smoother and more understandable.
Bug Fixes
Fixed an issue preventing onboarding on iPhone SE.
Fixed an issue where importing Envoy mobile wallet from a QR code incorrectly said it failed when it actually succeeded.
Fixed minor copy and UI issues throughout the app.
Fixed how some screens in Envoy were handled on devices with small screens.
Fixed an issue where the audio for the Magic Backups explainer video could continue playing in the background even after the user closes it.
Fixed a minor issue with the “+” button disappearing in rare scenarios.
Fixed handling of very large amounts when using sats as the unit.
Properly refresh transaction list when the wallet syncs again after losing internet connectivity.
Fixed an issue where users could be shown the onboarding for a second time in rare scenarios.
Fixed a rare issue where updating an account name could fail.
Fixed an issue where reordering accounts could occasionally make them swap colors.
Fixed a minor issue where the user could type infinite zeroes after the satoshi unit in the send screen.
Fixed an issue where scanning an address would reset the amount on the screen if this was typed before the address was scanned.
Fixed an issue where a “not a valid address” banner would continue displaying for a long time after a dynamic QR code was scanned.
Fixed an issue where recovering from a seed that had never been backed up in Foundation servers could generate two identical hot wallets.
Fixed an issue where recovering from an invalid QR seed would crash Envoy.
Fixed a rare issue where while on certain pages, the shield chevron could be behind OS controls.
Verifying Envoy on Android
If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android
As we expand our audience to more Bitcoin beginners, we’re constantly on the lookout for ways that we can simplify and improve the user experience for those using Envoy and Passport. We’ve focused on efforts that help to abstract away the difficulties that come with the concept of seed words for new users through implementing Magic Backups in Envoy and encrypted microSD backups for Passport, but for our users to retain full sovereignty the option of using basic seed words has and always will be a core feature of our products.
One of the longest held beliefs in the Bitcoin space is that using a longer seed phrase (i.e. 24 words instead of 12) is a way to future-proof the security of your funds. Because of this belief, most hardware and software wallets default to using 24 word seeds, something that adds additional friction to users as they need to store a very large secret and verify it properly. Unfortunately, this belief is based upon a narrow view of private key security, and forces unnecessary burden on users with little to no real-world benefits.
In this blog post we’ll walk through how private key security works in Bitcoin, how seed phrases are only one piece of that security, and why we think we should make 12 word seed phrases the standard moving forward.
Don’t have time for the full post? The tl;dr is that the lowest hanging fruit for an attacker is always reverse engineering a private key from a Bitcoin address known to contain funds, even when using “only” a 12 word seed phrase. However, this is a complex and nuanced topic, so keep reading below to get a better understanding of why this is true!
What is a private key?
In Bitcoin, a private key is created through simply choosing a random number between 1 just under 2256 (that’s over 115 quattuorvigintillion for those of you keeping score). This number must be chosen in a truly random and unrepeatable way, so we rely on things called “random number generators” or “true random number generators” in computers and hardware wallets to ensure that the source of entropy (read: randomness) is good enough to produce truly random results. To get a better idea of what the chances of randomly guessing the same number as someone else are, here is a great and brief video on the topic:
https://youtu.be/S9JGmA5_unY
The reason this number must be between 1 just under 2256 is that Bitcoin uses a 256-bit elliptic curve called secp256k1, so the most secure random number for your private key will be in that range. When you choose a number, this is translated to points on this elliptic curve (a type of graph, in essence), giving you a fully functional public key from that one number. This operation is something that is very quick to generate a private key, but practically impossible to reverse engineer a private key from a given public key (i.e. a Bitcoin address).
When you generate a private key in Bitcoin it looks something like this:
Note how hard it would be to properly write down or memorize a private key in this format. Enter BIP 39, a proposal that allowed us to use a list of words to securely and deterministically (read: repeatably) generate a private key from that list of words.
Private keys made human
Seed phrases as we know and love them were introduced way back in 2013, and quickly gained adoption as they greatly simplified the process of setting up or restoring wallets in Bitcoin. As a set of words in the same order will always generate the same private keys, we can simply save these words and be sure that we can always recover funds properly. Seed words must be a minimum of 12 words in length, but can be as long as 24 words if desired.
When you generate a seed phrase, it will look something like this:
fit hen toward recycle detail raise glare gate diagram room vendor lesson
As Bitcoiners have a penchant for maxing out security and always keep a long-term view when approaching their money, most jumped directly into using the maximum length seed phrase of 24 words from the get-go, as it theoretically provided more entropy (which people viewed as more security) than smaller seed phrases. But how secure really is a seed phrase, and how does it compare to the security of a private key itself? How can an attacker actually attempt to steal funds from a given Bitcoin wallet?
Attacking your private keys
To better understand how secure private keys and seed phrases are, we first need to look at what an attacker can do to try and steal Bitcoin from your wallet through cryptography alone. There are two basic attacks that can happen against your private keys in Bitcoin:
An attacker can attempt to guess the words and order of your seed phrase in its entirety
An attacker can attempt to reverse engineer a private key from a given public key (Bitcoin address)
The first attack is often called a “brute-force attack,” as it involves an attacker trying over and over again to guess the correct secret – in this case a seed phrase. When using a 12 word seed phrase there are 204812 possible word combinations, of which some are able to be immediately discarded due to a failing checksum, meaning the number of valid seed phrases is actually 2128 (or 340,282,366,920,938,463,463,374,607,431,768,211,456). Yes, you read that right. In order for an attacker to correctly guess your 12 word seed phrase would require billions of years using modern supercomputers. In essence, there is no real-world possibility of an attacker correctly guessing your 12 word seed phrase.
The second attack is also known as solving the Elliptic Curve Discrete Logarithm Problem (ECDLP). While it is trivial to generate a private key and derive public keys from it, there is no efficient way to recover a private key from a given public key. The asymmetry of this aspect of elliptic curve cryptography is at the core of securing Bitcoin (along with many other tools for freedom, including HTTPS security for websites, the Tor network, Signal messenger, and more). As Bitcoin reveals all public keys and amounts publicly, an attacker could choose a given public key with a large amount of Bitcoin (i.e. Satoshi’s known addresses) and attempt to solve the ECDLP for that public key.
Bitcoin uses the secp256k1 elliptic curve, a 256-bit curve that is well understood and vetted in the cryptography space. An attacker would need to leverage the best known attack, Pollard’s rho algorithm, which takes a number of operations equal to about half the curve size. This means that an attacker attempting to solve the ECDLP for a given Bitcoin address would need to perform 2128 operations (or 340,282,366,920,938,463,463,374,607,431,768,211,456) in order to guess the private key correctly. Performing that many operations on modern computers would take in the billions of years. In essence, there is no real-world possibility of an attacker solving the ECDLP for a given public key.
To put those numbers in perspective, solving the ECDLP for your public key or guessing your seed phrase randomly is less likely than picking the same atom out of the universe. The security provided by the unimaginably large numbers we’re discussing here securing your Bitcoin keys is hard to fathom, but comparing it to more tangible numbers like these can help. This security means that attacking a 12 word Bitcoin seed or solving the ECDLP for a given Bitcoin address are both considered infeasible with modern computers.
12 words is the sweet spot
So how does this all add up to a 12 word seed phrase being the ideal length? A 12 word seed phrase contains 128 bits of entropy, allowing it to be used to generate private keys with the full 128 bits of security provided by secp256k1. We broke down the rough estimates for solving the ECDLP or guessing a given 12 word seed phrase previously, but this means that a 12 word seed phrase is the minimum length to not hamper the security of the underlying private keys. If we shortened the seed to, say, 10 words, we would be reducing the security of the private keys and making both the underlying private keys more insecure and providing an easier brute-force attack against the seed words.
If you were to use a 24 word seed phrase, even though it would provide additional entropy when generating private keys, the underlying private key would still be broken in 2^128 operations — exactly the same as a 12 word seed. This means that longer seed phrases will not add additional security to the underlying private keys themselves, and only increase the difficulty of brute-forcing a given seed phrase (something that is already statistically impossible for a 12 word seed phrase).
While we can increase the protection against brute-force attacks of a seed phrase by increasing the number of words, the core security of your funds in Bitcoin remain the security of the underlying private key itself — even when using a longer seed phrase. The lowest hanging fruit for an attacker is always to attack the cryptographic security of a Bitcoin address they know contains Bitcoin, rather than attempt to guess a seed phrase with funds.
Bringing things back to reality
In summary, the security of a 12 word seed phrase is roughly equivalent to that of the underlying security of a private key in Bitcoin, and any additional theoretical security gained through using a larger seed phrase has no impact on real-world attacks. 12 words provide the required amount of entropy to generate a secure private key and more than enough security against a brute-force attack at the same time.
It’s important to note that far and away the largest cause of lost Bitcoin is not theft, but rather a user failing to properly secure their seed phrase. Any reduction in the barrier of entry to proper backup, storage, and recovery of a seed phrase will lead to a real reduction in the amount of Bitcoin lost forever. In addition, the other major ways to lose funds are to have them stolen by an attacker finding a seed phrase or socially engineering a user into giving up their seed phrase. Both of these attacks do not gain any protection or resilience through using a longer seed phrase.
If no additional security is gained in the real world by doubling the length of the secret we need people to store from 12 words to 24, doubling the amount of words to enter when restoring, and doubling the amount of words to verify on initial setup, we can further lower the barrier of entry to Bitcoin by leveraging the immense security provided by “only” a 12 word seed phrase for all new users.
We do still think it’s important to abstract away the foreign concept of seed words whenever possible, but we will always want our users to be able to easily move to other wallets, be protected if we disappear one day, and have full sovereignty when it comes to their private keys. As a result we will always build in strong and seamless support for seed words in our products, and starting soon we will default to 12 words when creating a new wallet in Passport.
Let’s make 12 words the standard.
Dive deeper
If this intro to private key security piqued your interest, we’ve collected our favorite resources on the topic below for you to learn more about how the cryptography and security behind Bitcoin’s immensely powerful design:
A special thank you to Luke Parker, a brilliant developer and cryptographer in the space who helped to review and give detailed feedback in the process of writing this post.
While we already had a lot slated for the month of May, the combination of big releases, the Bitcoin conference in Miami, and the drama around Ledger’s new “Recover” service made for an explosive few weeks! We’ll get you all caught up with the latest at Foundation and in the space in this month’s newsletter ????
Dive into the latest updates below, and be sure to subscribe if you want to stay informed on all things sovereignty moving forward!
This month at Foundation
With the rush to safety in open-source software and hardware in the wake of Ledger’s debacle, we’ve seen an unprecedented month of sales for Passport! As a result we sold out of all of our current stock, but were already ramping up production and have begun shipping pending orders. We’re expecting to have Passport back in stock for new orders in the next 2 weeks, and will keep you all up to date along the way.
Now onto the updates we have for you all this month!
Updates
We announced a groundbreaking release of Envoy, our mobile companion app for Passport, just in time for Bitcoin Miami. This new update transforms Envoy into a standalone Bitcoin mobile wallet with powerful account management and privacy features.
“Notably, Envoy Magic Backups take the pain and worry out of setting up and backing up a mobile wallet, allowing you to get up and running in 60 seconds and restore your wallet anytime, on any device, in just two taps. It’s time you experienced Bitcoin, simplified.”
Learn how Magic Backups work in less than 40 seconds!
“We expect Envoy Magic Backups will lead to a massive increase in self custody, with easier onboarding than you’d find at any Bitcoin exchange or custodian.”
“In version 2.1, we’ve leveraged all of the background work in recent versions to build out some amazing new features for you, including backporting v2.1 firmware to Founder’s Edition, sending to Taproot addresses, a Key Manager Extension for BIP-85 and Nostr key support and export, and BIP-85 SeedQR exports. Features, features everywhere.”
This version of Passport firmware brings a wealth of new features, all securely backed up via encrypted microSD backups. Bringing the ability to manage all of your hot and cold wallets, all of your Nostr keys, and all of your friends and families wallets (if you choose to act as an “Uncle Jim”) under a single encrypted backup or seed phrase is a powerful thing. Peace of mind + powerful features.
You can read more about our new Key Manager extension that enables all of these incredible features here.
Blog posts
Due to our approach with Envoy as a mobile wallet being so different from other wallets out there, we took the time to walk through every detail of Envoy as a mobile wallet, including the new Magic Backups feature that enables <60s onboarding and 3-tap recovery:
“Envoy introduces a new seed-less onboarding experience called Magic Backups. While Envoy users can of course manually handle seed words if desired, we aimed to engineer a solution that enables 60-second onboarding and automatic encrypted backups of Envoy’s private key and application data (such as settings and labels), with a full restore taking just three taps.”
With the release of our latest Passport firmware we debuted two major new features in BIP 85 (or “deterministic child seeds”) and Nostr key support. Because of the changes these bring and the possibilities they open up, we highlighted them in a special blog post:
“The introduction of a new “Key Manager” extension enables two powerful new tools in child seeds and Nostr keys, both of which are derived directly from your Bitcoin seed on Passport and automatically backed up to microSD. All of your wallets under one backup.”
Journey to Sovereignty
In May, we got the chance to sit down with Czino and Steph from Peach Bitcoin and learn what they’ve been building, why P2P Bitcoin exchanges are vital, and much more. We also used the latest episode to unpack all of the happenings at Foundation.
If you’ve been hearing the hype around Peach Bitcoin or simply starting to look into acquiring Bitcoin via a P2P exchange, today’s episode is for you! We’ll be diving into why Peach exists, how it’s different from the other P2P exchanges out there, and answering all your questions.
It’s been a crazy last few weeks here at Foundation, so we wanted to focus this episode on chatting about all that we’ve launched, how the Ledger Recover fiasco has played out, and what we’re working on next.
We cover Passport’s new Key Manager extension, Envoy as a standalone mobile wallet, its new Magic Backups 60s onboarding and 3-tap recovery, and more on this episode of Journey to Sovereignty.
You can follow the podcast on your favorite platforms, including Apple Podcasts, Spotify, Google Podcasts, and Fountain, a Bitcoin-powered podcast platform where you can support content creators directly with your sats.
If you listen and boost Journey to Sovereignty on Fountain, we forward 100% of the sats you send us to other free and open-source projects we love in the Bitcoin space:
If you’ve been following Foundation for any length of time, you’ll surely know that we’re huge fans of decentralized and peer-to-peer Bitcoin exchanges as an immensely valuable tool. This month our Head of Customer Experience, BitcoinQnA, put together a guide on using Robosats on his site, bitcoiner.guide:
We were thrilled to see that the Federal court system in the US finally codified protections for those coming into the US when it comes to warrantless phone searches:
A fantastic organization focused on incentivizing and organizing the funding of open-source projects, OpenSats, announced that they received a $10m grant to drive open-source contributions to Bitcoin, Nostr, and more.
“We are delighted to announce that OpenSats has received a generous donation of $10 million from Jack Dorsey’s philanthropic initiative, #startsmall, which will be used to support the development of free and open-source software and projects focusing on bitcoin, nostr, and related technologies.”
In the same vein, the Human Rights Foundation donated $450,000 in grants from its Bitcoin Development Fund towards Bitcoin development in May, focusing on “improving Bitcoin scaling, privacy, decentralization, supporting global education, censorship-resistant communication, and building communities worldwide. Areas of focus include Africa and Asia”:
“In 2020, the Human Rights Foundation launched a fund to support software developers who are making the Bitcoin network more private, decentralized, and resilient so that it can better serve as a financial tool for human rights activists, civil society organizations, and journalists around the world.”
This month’s step towards personal privacy and security
Properly securing accounts can lead to much better privacy by reducing the amount of data leaks and hacks you experience as a result of stolen or leaked credentials. Password managers make it extremely simple to manage usernames and passwords across all of the sites and apps you use, without needing to re-use passwords (or username or email!) in order to remember them. This has drastic implications on security, and is a huge step forward in your journey.
Migrating to a password manager is also a great chance to think twice about which accounts you actually need, and close those that you don’t need in the process.
Bitwarden has become the gold standard for open-source password managers, as it has rich features, a generous free plan, and excellent clients on all platforms along with fantastic browser extensions.
What we’re working on
Our focus this month is around iterating on Envoy as a mobile wallet, building out full Taproot support for Passport, and supporting the Oslo Freedom Forum by donating 15 Passports to activists attending the event.
We’re excited to continue helping bring freedom via Bitcoin to people across the globe, and supporting such a critical event is a key way we can help to do that. Keep an eye out for more on the freedom front, as we’re working on big things behind the scenes!
To keep up with what we’re building, you can follow us on Twitter, on Nostr, or subscribe to our newsletter on our website so you can stay in the loop.
We’re thrilled to announce a groundbreaking release of Envoy, our mobile companion app for Passport. This new update transforms Envoy into a standalone Bitcoin mobile wallet with powerful account management and privacy features.
Envoy makes financial sovereignty more accessible than ever before and radically lowers the barriers to Bitcoin self custody.
Notably, Envoy Magic Backups take the pain and worry out of setting up and backing up a mobile wallet, allowing you to get up and running in 60 seconds and restore your wallet anytime, on any device, in just three taps. It’s time you experienced Bitcoin, simplified.
With mobile wallet support in Envoy, the combination of Envoy + Passport empowers you to store your wealth in an ultra secure, intuitive hardware wallet while also spending Bitcoin on the go in just a few taps. Move funds back and forth between Envoy and Passport, make airgapped transactions, and access your spending and saving balances from anywhere – all in a single app!
Not a Passport owner? This update introduces full Bitcoin wallet functionality on your iOS or Android phone. Use Envoy to store and spend your Bitcoin with strong security, privacy via Tor, and a streamlined setup experience.
We are excited to bring our best-in-class design, intuitive and approachable user experience, and peace of mind to smartphone users across the globe – no Passport required.
WHAT IS A “MOBILE WALLET?”
In Bitcoin, the term “mobile wallet” refers to any wallet that keeps your keys on an internet-connected smartphone for easier spending and receiving of funds. While you should not keep your life savings in a mobile wallet, it provides easier access to a small amount of Bitcoin for spending, withdrawing from an exchange, and onboarding new users.
Envoy has traditionally been a “watch-only wallet” that connects to Passport, allowing you to view your balance and create transactions, but providing limited functionality when you are away from your hardware wallet. Now you can enjoy Envoy as a full-featured Bitcoin wallet on the go.
EXPERIENCE MAGIC BACKUPS
Envoy introduces a new seed-less onboarding experience called Magic Backups. While Envoy users can of course manually handle seed words if desired, we aimed to engineer a solution that enables 60-second onboarding and automatic encrypted backups of Envoy’s private key and application data (such as settings and labels), with a full restore taking just three taps.
Additionally, we wanted to ensure that Envoy does this without collecting any user data – no email address, no passwords, no IP address (when Tor is enabled) – no friction!
We expect Envoy Magic Backups will lead to a massive increase in self custody, with easier onboarding than you’d find at any Bitcoin exchange or custodian.
HERE’S HOW ENVOY MAGIC BACKUPS WORK
Envoy generates a seed and stores it on your phone’s secure element.
Since most users have iCloud Keychain or Android Auto Backup enabled, the seed is automatically synced to your other iOS or Android devices – fully end-to-end encrypted, without needing to give Envoy permission to access your iCloud or Google account. This encryption means that only you can access this data, not even Apple or Google.
“iCloud protects your information with end-to-end encryption, which provides the highest level of data security. Your data is protected with a key that’s made from information unique to your device, and combined with your device passcode, which only you know. No one else can access or read this data, either in transit or storage.”
“Android preserves app data by uploading it to the user’s Google Drive—where it’s protected by the user’s Google account credentials. The backup is end-to-end encrypted on devices running Android 9 or higher using the device’s pin, pattern, or password.”
Envoy then creates a backup file containing your app settings, account labels, and other non-sensitive app data, so that Envoy can be restored to its exact previous state. This folder is end-to-end encrypted with your seed so that Foundation can never see the contents. We call this the Envoy Backup.
The fully encrypted Envoy Backup is uploaded to Foundation’s servers, alongside a hash of the seed (a cryptographic representation of the seed that proves your knowledge of the seed, not the seed itself!) so that we can ensure no one else can attempt to download your backup without proving knowledge of your seed phrase.
There is no Foundation user account, no email, no password – all you need is access to your iCloud or Google account.
RESTORING FROM MAGIC BACKUPS
If you lose your phone or delete the Envoy app, restoring your wallet takes only a few seconds with Magic Backups.
Envoy checks the secure element on your phone and looks for the seed.
If it discovers a seed on the secure element, Envoy hashes the seed and sends the hash to our server.
This merely proves your knowledge of the seed and does not reveal your seed to Foundation in any way!
If it does not discover a seed, it accesses the encrypted backup from iCloud Keychain or Android Auto Backup and restores the seed to the secure element. Then Envoy hashes the seed and sends the hash to our server.
Envoy then downloads the encrypted Envoy Backup from our servers.
Envoy uses the seed to decrypt the Envoy Backup file locally (on your phone!) and restores all user settings, account labels, and other app data – so it’s like you never left.
OTHER NOTABLE CHANGES
We’ve also added the following features and improvements in this release:
Biometric/PIN authentication. Now you can protect your mobile wallet or Passport balances from prying eyes
Ability to swipe on accounts to hide balances while you’re on the go. For example, you can display your mobile wallet balance but hide your hardware wallet balance.
TRY ENVOY TODAY
We’ve released this new version of Envoy to all major platforms, so you can choose the method that suits you best below:
If you’re on iOS, you can install Envoy from the App Store using the following link:
For those on Android, you can either find Envoy in the Play Store, install via F-Droid, or download the app directly from Github (Envoy is fully open source!):
Download the APK titled “envoy-apk-1.1.3.apk” directly from the above link and install
As this APK is signed with our own keys instead of Google’s keys via the Play Store, if you’re using the Play Store version you’ll have to uninstall Envoy first before installing the public beta
HOW CAN I GIVE FEEDBACK OR GET SUPPORT?
As you use Envoy as a mobile wallet, we’d love to hear from you – every issue, bug, or favorite feature! There are three main places you can go to give us feedback or get help with Envoy:
We have a standalone Telegram channel for our community that you can join and give feedback or get support
The release of Envoy as a mobile wallet paves the way for a range of roadmap items we’ve been planning for some time, and we can’t wait to build on this strong foundation of simplified Bitcoin usage. Next you’ll be able to jump in the ???? with thousands of other Bitcoiners, become a ????, or ⚡ your way to a cup of coffee — all within Envoy!
We’re excited to release the next piece of your financial sovereignty toolkit to the masses and onboard a wave of Bitcoiners to self-custody, privacy, and financial sovereignty sat by sat.
We at Foundation are thrilled to launch a major update to our Envoy mobile app for iOS and Android, transforming Envoy into a standalone mobile Bitcoin wallet with a magical setup experience. For more details, read the official press release below.
FOUNDATION LAUNCHES ENVOY WALLET WITH MAGIC BACKUPS, LOWERING THE BARRIERS TO BITCOIN SELF CUSTODY
Updates to Envoy and Passport hardware wallet mark significant advancements in the company’s mission to empower individuals to reclaim their digital sovereignty.
Foundation Devices (“Foundation”), a leader in the development of Bitcoin-centric tools, today announced a major update to its Envoy mobile app, transforming it into a standalone Bitcoin mobile wallet with powerful account management and privacy features. This update is a significant step in Foundation’s mission to make digital sovereignty more accessible and to lower the barriers to Bitcoin self-custody.
The new Envoy update introduces Envoy Magic Backups, a feature that simplifies the setup and backup process for a mobile wallet. Users can now get started in 60 seconds – without seed words – and restore their wallet anytime, on any device, in just two taps. This update empowers users to store and spend their Bitcoin with strong security, privacy via Tor, and a streamlined setup experience.
“With this update, we are excited to bring our best-in-class design, intuitive and approachable user experience, and peace of mind to smartphone users across the globe – no Passport required,” said Zach Herbert, Co-Founder and CEO of Foundation.
In addition to the Envoy update, Foundation announced a price reduction to $199 for its highly rated Passport hardware wallet. Customers who ordered in the last 90 days will be eligible to claim a $50 gift card for the Foundation store.
Foundation also released a major new Passport update. The introduction of the Key Manager extension enables two powerful new tools in child seeds and Nostr keys, both of which are derived directly from a user’s seed on Passport and automatically backed up to microSD.
“Foundation is committed to making Bitcoin and decentralized technologies accessible to everyone,” Herbert added. “These updates mark significant advancements in our mission to empower individuals to reclaim their digital sovereignty. We’re excited to continue delivering products that usher in a new era of freedom and prosperity for users worldwide.”
About FoundatioN
Founded in April 2020, Foundation is dedicated to making Bitcoin and decentralized technologies accessible to everyone, enabling users to reclaim their digital sovereignty. The company’s open-source products include Passport, a best-in-class Bitcoin hardware wallet, and Envoy, a mobile Bitcoin wallet.
For more information about Foundation and its products, visit foundationdevices.com.
Our team has been busy throughout the month of April with major new releases of Envoy and Passport firmware along with preparations for a busy conference season, kicking off with Bitcoin Miami.
Dive into the latest updates below, and be sure to subscribe if you want to stay informed on all things sovereignty moving forward!
This month at Foundation
Updates
In the first week of May we debuted a massive new update to Passport for our fantastic community in Passport’s new firmware, v2.1.1:
“In version 2.1, we’ve leveraged all of the background work in recent versions to build out some amazing new features for you, including backporting v2.1 firmware to Founder’s Edition, sending to Taproot addresses, a Key Manager Extension for BIP-85 and Nostr key support and export, and BIP-85 SeedQR exports. Features, features everywhere.”
This version of Passport firmware brings a wealth of new features, all securely backed up via encrypted microSD backups. Bringing the ability to manage all of your hot and cold wallets, all of your Nostr keys, and all of your friends and families wallets (if you choose to act as an “Uncle Jim”) under a single encrypted backup or seed phrase is a powerful thing. Peace of mind + powerful features.
You can read more about our new Key Manager extension that enables all of these incredible features in our latest blog post, or in our support docs here.
April was also a month filled with major amounts of internal testing and multiple public betas as we continued to test Envoy as a standalone wallet before public release:
With this open beta we’re greatly expanding what Envoy is capable of, making it a feature-rich Bitcoin hot wallet in addition to its existing role as a watch-only wallet and management app for Passport.
Blog posts
April was a quieter month from us on the blog side as we focused heavily on software and firmware releases internally while preparing for a busy season of conferences and big announcements around Bitcoin Miami 2023.
With the release of our latest Passport firmware we debuted two major new features in BIP 85 (or “deterministic child seeds”) and Nostr key support. Because of the changes these bring and the possibilities they open up, we highlighted them in a special blog post:
“The introduction of a new “Key Manager” extension enables two powerful new tools in child seeds and Nostr keys, both of which are derived directly from your Bitcoin seed on Passport and automatically backed up to microSD. All of your wallets under one backup.“
Last month we published the first edition of “This Month in Sovereignty,” kicking off this outlet to keep up with what we’re doing here at Foundation, what we’re reading, and what we’re following in the space:
In March we focused on Nostr, P2P exchanges, and pushed major new releases for Passport and Envoy. Read the full newsletter to catch up!
Journey to Sovereignty
In April, we walked through what VPNs are and why they’re an immensely valuable tool for Bitcoiners, and then sat down with Ivan from Breez to learn about how they’re building an open-source toolkit to enable easier self-sovereign Lightning apps moving forward.
If you’ve heard the term “VPN” from a sketchy ad during a YouTube video or a shadowy super coder, you might have been turned off to the concept. Today we’re going to break down what a VPN is, how one works, and why they’re actually amazing tools for your every-day-carry digital toolkit. Let’s make (good) VPNs the standard.
If it’s seemed too daunting to use Lightning without sacrificing custody of your Bitcoin, what Breez is building might be just the solution you need. On this week’s episode we sit down with Ivan from Breez to talk about the future of self-custodial Lightning and how we can beat fiat at it’s own game.
You can follow the podcast on your favorite platforms, including Apple Podcasts, Spotify, Google Podcasts, and Fountain, a Bitcoin-powered podcast platform where you can support content creators directly with your sats.
If you listen and boost Journey to Sovereignty on Fountain, we forward 100% of the sats you send us to other free and open-source projects we love in the Bitcoin space:
Matt Odell released a fantastic and deeply important episode of Citadel Dispatch this month on the shocking use of Chainalysis closed-source data and tooling to prosecute a seemingly innocent person for running the Bitcoin Fog centralized mixer.
Faulty data and “black box” techniques have no place in a fair and open court room, but Chainalysis and other chain surveillance firms are making millions by offering just that to law enforcement.
One of the best educators in the space, Econoalchemist, put out a detailed review and guide around using Passport this past month in Bitcoin Magazine. He walks through initial setup, comparisons to Founder’s Edition, and how to use Passport to reclaim your privacy in Bitcoin via Sparrow Wallet.
As the Tor network continues to undergo a concerted DDoS attack by an unknown entity, they have narrowed down potential solutions and are focusing on implementing a novel proof-of-work algorithm to the connection flow for Tor users.
Our very own BitcoinQnA released a major update and expansion of his open-source educational website and resource, bitcoiner.guide, this month. It now features a beginner, intermediate, and advanced track, a new look, Nostr live chat and lots more content!
Blue Wallet, a fantastic mobile wallet with excellent support for Passport, released a major new update that includes a fixed Payjoin implementation and an initial release of BIP 47 “PayNym” support (receive only for now)
The U.S. government continued their push against encryption and personal privacy this month with three new or renewed bills to restrict our freedom online. The EFF has done a fantastic job covering these new developments below:
This month’s step towards personal privacy and security
As we covered the topic at length in one of this month’s Journey to Sovereignty episodes, we figured it would make sense to focus this month’s actionable step towards personal privacy on using a privacy-preserving and non-logging VPN provider.
While a VPN provider isn’t a perfect solution to network privacy issues, it does allow you to shift the trust from your network provider (home ISP, mobile carrier, etc.) to a 3rd-party you trust more than them (and one that doesn’t have your personal information or address). Once you’re using a VPN, you’re actively preventing the sites, apps, and tools you interact with online from learning your home IP address and connecting all of your activities back to you.
Our team is a big fan and many of us are users of two well-known VPN providers in the space which we’ve linked below for easy reference. Both IVPN and Mullvad accept Bitcoin (on-chain and Lightning) for subscriptions and require no information from you to create an account, not even an email address!
Please note that we have no direct affiliation with either provider and don’t profit off of your use of either, we just love their approaches and use them ourselves.
What we’re working on
In May we’ll be attending Bitcoin Miami with a large portion of our team, and can’t wait to meet some of you all there! We’ll also be selling Passport directly from our booth, making conferences the best way to buy Passport without disclosing any information (even shipping address) to us or anyone else.
We also can’t wait to get Envoy as a standalone wallet out to the general public, and will be releasing it ahead of the conference so keep an eye out for that.
To keep up with what we’re building, you can follow us on Twitter, on Nostr, or subscribe to our newsletter on our website so you can stay in the loop.
With the release of our latest update for Passport, we’ve empowered you to leverage your Passport for far more than just a cold storage wallet. The introduction of a new “Key Manager” extension enables two powerful new tools in child seeds and Nostr keys, both of which are derived directly from your Bitcoin seed on Passport and automatically backed up to microSD. All of your wallets under one backup.
As both of these features are entirely new to our products, we’ve set out in this blog post to explain how you can use them, detail some real world use-cases, and walk through how all of this is possible from a simple Bitcoin seed phrase.
BIP 85 done right
While the ability to create nearly infinite child wallets from a single master seed phrase has been around for a few years in BIP 85, the complicating factor has always been how to implement in a way that is intuitive and easy to use. In previous attempts at allowing users to generate child keys they’ve required manual index backups, had no ability to name the keys themselves to differentiate them, and have pushed the feature to only the most advanced Bitcoin users.
As one of our goals at Foundation is to bring Bitcoin self-custody down into the real-world and make it more approachable, we spent many hours working with our design team to make Key Manager accessible for even the least technical users. That work has culminated in an extension that takes one click to enable and then guides you through every aspect of key management, regardless of background or expertise.
Key Manager at a glance
Let’s get to the fun stuff — how does all of this actually play out when using Passport? All you have to do to unlock all of this new functionality in Passport is to enable the Key Manager extension from the settings menu. Just a few presses and you have a new card on your home screen that lets you create and manage BIP 85 child seeds and Nostr keys with a few clicks! View all your keys, distinguish them quickly by unique icons, and manage their names in seconds.
Once you have enabled Key Manager, creating a new key is incredibly straight forward. Simply navigate to the new Key Manager card on your home screen and select “New Key.” Choose how many words you want the seed to be and the new key is automatically saved via encrypted microSD backups. When you need to use the new child seed in another wallet, simply select “Export,” choose whichever format your favorite wallet supports, and import it. It’s that easy.
Using Key Manager in the real world
Still wondering how all of this can help you? Let’s walk through some real-world examples of ways that you can leverage child seeds to simplify and safeguard your Bitcoin journey. Once you’ve secured your Passport backup properly — either by encrypted microSD backups or manual seed backup — you can start creating child seeds for all kinds of uses without the additional headache of needing to back each of them up separately.
One of the most common and immediately useful ways to leverage child seeds is by using a child seed from Passport for your mobile wallet of choice. Simply turn on your Passport, navigate to the Key Manager page, create and name a new key, and then export as a QR or seed words and setup your mobile wallet. In just a few minutes you have a highly secure backup already in place for your new mobile wallet, but can spend easily and freely on the go. This makes pairing Passport with Envoy as a mobile wallet the best of both worlds.
Another common use-case for our more privacy-minded community is to use a child seed from Passport to create a hot wallet for mixing in Samourai Wallet or Sparrow Wallet. You can now easily keep those funds in your mixing wallet while you’re reclaiming your privacy without an additional seed to back up (or potentially lose). You can even leverage Sparrow Wallet to mix from that new child seed directly to Passport using our Postmix extension, bringing privacy to your cold storage without all of the normal headaches. Privacy meets peace of mind.
Lastly, child seeds present an incredible way for those who are more knowledgeable and further along in their Bitcoin journey to help back up funds of close family and friends while they’re learning the ropes. You can generate child seeds for your parents, your kids, or your friends who are new to Bitcoin to help get them started while reducing the risk of them losing precious sats. While this does give you access to their bitcoin, it’s a great temporary tool while they get comfortable using Bitcoin.
But wait, there’s more!
That’s not all that the Key Manager extension enables, though! We’ve also been building out full Nostr key support as a part of the extension, allowing you to leverage the power of child keys to create Nostr keys directly from your Bitcoin seed on Passport. One master backup with Passport and all your Nostr keys are safe and secure.
When you want to create that new Nostr key, it’s as easy as navigating to the new Key Manager card, selecting “New Key,” choosing the “Nostr” option, and then naming it as you see fit. Whenever you want to login to a Nostr client, simply export the new key to QR and scan it from your favorite client (Amethyst currently supports this) or export to microSD as a text file and copy paste if necessary. No more worrying about losing your Nostr key.
While it’s not live in this release, we’ve also been hard at work implementing delegated key signing a la NIP-26 into Passport. This new approach to key management means that you can leverage a child key to sign-in and use Nostr without ever exposing your master Nostr key to the world. This standard and implementation are still in their infancy, but we’re excited to help grow the ways that our users can leverage Passport to empower their freedom in areas outside of Bitcoin alone. We’re thankful for all those working on freedom tech more broadly and we can’t wait to get delegated key signing in your hands shortly.
Driving Nostr forward
Nostr key management is one of the areas where Nostr is very early in development today, so we’ve been working hard as a team to find ways that we can give back to the Nostr ecosystem and help to drive forward mature standards. One of the ways we have worked to improve the ecosystem is by helping expand the standard for Nostr key derivation in NIP-06 to include generating multiple keys properly. We helped to develop and test a derivation method that would allow you to generate practically infinite usable Nostr keys from a single Bitcoin seed and contributed that tested definition to the official repository on Github.
Another key way we have worked to help grow the Nostr key management ecosystem is through funding bounties to implement Nostr key QR login and delegated key use in Amethyst, one of our favorite Nostr clients today. Taking the time to create issues for features you love and drive open bounties incentivizes developers to implement these features and rewards them for their incredible contributions to free and open-source code, something that is absolutely vital to continuing to grow the FOSS movement!
If you’re on Nostr today, be sure to follow us below to keep up with the latest things we’re building, writing, and sharing:
We’re also working on expanding the Taproot payments support added in this version into full Taproot support to both send and receive, implementing NIP 26 support as mentioned above, and much more. We hope you enjoy the new features in Passport’s latest firmware as much as we do, and we can’t wait to hear your feedback on what uses you find for child seeds, Nostr keys, and so much more!
If you’d like to learn more about the technical details and usage of Key Manager, you can jump right into our detailed support docs below:
We’re excited to announce that the latest version of Passport firmware – 2.1.2 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.
WHAT’S CHANGED
In version 2.1.2, we’ve leveraged all of the background work in recent versions to build out some amazing new features for you, including backporting v2.1 firmware to Founder’s Edition, sending to Taproot addresses, a Key Manager Extension for BIP 85 and Nostr key support and export, and BIP 85SeedQR exports. Features, features everywhere.
For more details on each of the changes, keep reading below!
NEW FEATURES
Backported our firmware from Batch 2 to Founder’s Edition, bringing firmware parity for all of our early supporters
We’re thrilled that those of you running Founder’s Edition devices will now have the latest and greatest features and improvements that we’ve been developing for Passport
This backport also means that we will be able to keep Founder’s Edition firmware up to date with Batch 2 as they now use the same base code
Added support for sending to Taproot (“P2TR”) addresses
Welcome to the world of Taproot, where you can now send transactions to any Taproot address (those starting with “bc1p”)
Added a “Key Manager” extension for enabling advanced functionalities
To learn more about our newest extension, dive into our support docs
Thanks to greenart7c3 you can use this today in Amethyst, a fantastic Android Nostr app!
…And possibly more in the future! This is a great place for open source tinkerers to add other keys they want to Passport’s firmware
Please note that if you export keys as QR codes, you should be careful what you scan them with! Apps like Google Camera will often open the content of the QR code in your default search engine, exposing that key to Google etc.
Added support for exporting BIP 85 seeds via SeedQR
Exports are possible via SeedQR and Compact SeedQR
Importing SeedQR is coming soon!
Allow users to display their PIN when entering it by pressing the “UP” key during PIN entry
Just in case you want to be sure you have it entered correctly, be sure not to do this in a place where it might be seen!
IMPROVEMENTS
Cleaned up our C code, optimizing our firmware and giving more space for amazing new features
Make “Erase Now” no longer the default selected option when you enter the erase screen, just to be sure an itchy trigger finger won’t accidentally erase your Passport
Ensure Founder’s Edition properly communicates its device information to Envoy
Passport will now indicate that it’s 30 seconds away from auto-shutdown by dimming its screen
Removed support for 18-word seed phrases as they are very, very rarely used
BUG FIXES
Fixes a bug where the backups folder was sometimes not created on the microSD. When this occurred Passport would also fail to create the backup file.
Improved error handling and prevention in displaying transaction info
Better handling of errors caused by other wallets’ multisig config formats
Fixed a display issue with the screen brightness icon
Fixed an issue that would prevent signing of PSBTs in sub-directories on microSD
VERIFYING AND INSTALLING PASSPORT FIRMWARE
If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page
Welcome to This Month in Sovereignty, a new monthly newsletter from Foundation.
With all that we have going on here at Foundation, the exciting news among our ecosystem partners, and the rapid pace of innovation around Bitcoin and self-sovereignty tools, we wanted to create a one-stop place for you to keep up with everything happening in the space.
We’ll use this newsletter to highlight development and content at Foundation, give you insight into what we’re loving this month as a team, and help you keep up with the ever evolving world of self-sovereignty, privacy, and Bitcoin. Let’s dive in.
This month at Foundation
Updates
It’s been a very busy month for us as we’ve finished squashing a few key bugs and have been able to focus more on building out new features for Passport and Envoy by the handful. We shipped two firmware updates for Passport, drastically improving QR and transaction signing performance, and shipped a major new open beta for Envoy featuring complete hot wallet support.
We focused on rebuilding transaction signing and QR scanning from the ground up, bringing you a faster and more seamless experience when sending Bitcoin using your Passport.
With this open beta we’re greatly expanding what Envoy is capable of, making it a feature-rich Bitcoin hot wallet in addition to its existing role as a watch-only wallet and management app for Passport.
Blog posts
Our broad focus on content this month was around equipping you with the tools you need to gain financial sovereignty through Bitcoin privacy, and to approach Nostr in a privacy-preserving way as a new and powerful social media platform.
“Nostr has been taking the Bitcoin world by storm over the past few months, and with it comes a chance to correct the mistakes of the current social media paradigm… Nostr takes a novel approach to its network design, and we want to be sure that Nostr users like yourself are well-equipped to use Nostr in a way that preserves your privacy and security from the start.”
We expanded on the concepts discussed on Journey to Sovereignty in our special “Bitcoin doesn’t need banks” in a standalone blog post, walking through our favorite no-KYC P2P exchanges, how they work, and how you can get started.
“You just traded fiat for Bitcoin directly with another human without involving any intermediaries, without sacrificing your personal privacy, and without giving up custody of funds to an exchange for a prolonged period of time. P2P exchanges are the future.”
Journey to Sovereignty
We started a new podcast and Twitter Space this year called “Journey to Sovereignty” as a place for us to chat about all things sovereignty, the why and how of reclaiming your digital sovereignty, and to give you all a chance to chime in, ask questions, and join the conversation. We’ve had a great time diving deeply into the concepts of sovereignty, personal privacy, and Bitcoin’s power to provide financial freedom.
In March, we walked through on-chain privacy in Bitcoin, discussed how we can free ourselves from banks and middle-men as we acquire Bitcoin, and how an ongoing attack against Bitcoin nodes works and how you can protect yourself against it.
In this episode we took a more technical deep dive into all things Bitcoin privacy, starting with why Bitcoin transactions reveal the information they do, and what information we must protect to preserve our privacy while using Bitcoin.
In this episode we talk through how Bitcoin was built from the ground up to stand on its own and how you can acquire and use Bitcoin without ever touching your bank account.
If you’ve heard about ways that Bitcoin nodes can track you or theoretical attacks against Bitcoin nodes, we’ve got you covered in this episode. We dive into how network privacy works in Bitcoin, what nodes learn about you, and discuss an active attack against your node that’s been going on for the past few months.
Our conversation was based on the excellent research published by 0xB10C here:
You can follow the podcast on your favorite platforms, including Apple Podcasts, Spotify, Google Podcasts, and Fountain, a Bitcoin-powered podcast platform where you can support content creators directly with your sats.
If you listen and boost Journey to Sovereignty on Fountain, we forward 100% of the sats you send us to other free and open-source projects we love in the Bitcoin space:
In this segment of the newsletter we share what our team has been loving in the space, be it podcast, blog posts, media, etc. Get to know the Foundation team a bit better and hopefully find some content you’ve been missing!
Our team has been diving deep into Nostr, and with it comes lots of good content around the rapidly growing space:
Struggling to keep up with the rapidly evolving landscape of Nostr? We’ve been enjoying the Nostrovia Podcast, available on all your favorite podcast platforms.
Jameson Lopp and Lyn Alden wrote our favorite pieces on the topic of Nostr so far:
March ended up being an absolutely shocking month of news from every angle, including bank collapses, harsh proposed regulations, and big news in the privacy ecosystem.
Members of US Congress proposed the RESTRICT Act – supposedly as a tool to prevent China from wielding addictive platforms like Tik Tok as a cyberweapon for data collection and manipulation – giving sweeping power to the federal government to restrict access to specific apps or tools and levy harsh penalties on anyone who breaks these new rules.
The RESTRICT Act also proposes harsher penalties for anyone using a VPN or anonymity network to try and get around a ban or restriction, reminiscent of the “Great Firewall of China” and the Chinese government’s totalitarian control over Internet access.
Here are two of the best pieces of content we’ve found around the bill:
A run on banks caused by doubt around solvency led to multiple banks collapsing in March in the US and around the world, sparking fears of an epilogue to the financial collapse of 2008. Our friends over at The Bitcoin Layer provided incredible insight into the collapse and covered how they see things playing out over the long term in these posts:
Mullvad teamed up with the Tor Project to release a spin on the Tor Browser… without Tor! This is a hyper-secure and privacy-focused browser based on Firefox that drills down on protecting your anonymity while you browse without introducing the inherent user experience issues of Tor.
This month’s step towards personal privacy and security
Still stuck on Google Chrome or default Firefox but looking to improve your privacy while browsing? Our focus this month is to help you make the jump to a browser that cares about your privacy from the start, providing you a strong base and a jumpstart towards better online privacy.
One of our favorite hardening guides for Firefox is made by an excellent content creator in the privacy space, TechLore. This guide goes step by step with very simple instructions and walks you through the process. Don’t let it scare you! It’s very straightforward, and only needs to be done once per computer.
Brave has some excellent defaults, but certainly takes some odd approaches (like cryptocurrency ads all over the place and built-in cryptocurrency wallets which aren’t helpful to most people). This guide will help you harden its defaults, disable all of the Brave cryptocurrency integration, etc.
Mullvad’s browser was just announced this month, but provides a great entry-point for the more hardcore among you. It takes strong steps towards reducing browser fingerprinting and bundles an excellent set of defaults for you out of the box.
What we’re working on
We’re excited to release a swath of updates for Passport and Envoy in April, including an open beta for Passport v2.1.0 that will include lots of exciting new features that we’ve been building out for you. This might just be our biggest month of software releases ever.
To keep up with what we’re building, you can follow us on Twitter, on Nostr, or subscribe to our newsletter below so you can stay in the loop.
As governments attempt to stanch the bleeding of citizens waking up to the need for freedom and fleeing the dollar for harder money, they are rapidly shutting down the centralized, surveilled, and regulated on and off-ramps that the Bitcoin ecosystem has relied on for so many years. The resulting tightening of regulation and control should be a helpful push for each of us to explore the tools available for buying and selling Bitcoin as we need without trusting third parties, giving up Personally Identifiable Information (PII), or giving up custody of our Bitcoin.
The search for a powerful and yet easy-to-use peer-to-peer (P2P) platform for buying and selling Bitcoin has been a complicated road, but the last few years have seen rapid growth, added liquidity, and improvements in the tools we have at our disposal. In this post we’ll break down what a P2P exchange is, why we need them, and how you can approach using some of the best out there today.
Why we need P2P exchanges
When Satoshi set out to create Bitcoin, he envisioned a world where Bitcoin freed us from the control and surveillance of third parties, banks, or custodians. A world where we have ultimate control of our money, we contribute to network security through mining, running a node, and paying network fees, and where we can carve out the middle-man we’ve had to endure in the modern financial system. Instead, much of the Bitcoin ecosystem today centers around custodial exchanges that charge fees, collect sensitive information about Bitcoiners and their on-chain activity, and constantly rug pull users intentionally or due to hacks and theft.
What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party.
Satoshi Nakamoto
Thankfully, even though these exchanges have dominated the Bitcoin space so far, developers and Bitcoiners have been working tirelessly to build tools that keep the middle-man out of our fiat <> Bitcoin trades and allows us to embrace the intended form of Bitcoin – one that is censorship-resistant, non-custodial, and P2P in nature. Bitcoiners trading with other Bitcoiners is the path towards making Bitcoin much more resilient to attacks by nation states and regulators, and is key for us to be able to continue using Bitcoin with or without the State’s approval. No banks required.
What is a P2P exchange?
Though most of us are familiar with the flow of using a centralized exchange, few Bitcoiners have ventured into the waters of P2P exchanges yet. As a result, the thought of breaking the centralized paradigm and trading directly with other people can be daunting, but thankfully the reality is far more approachable! In a P2P exchange, you’re no longer trading with a faceless corporation or trading desk, but instead you’re working directly with other Bitcoiner’s like you to buy and sell Bitcoin as you need.
While the exact approach to using these tools can differ, the core principle is the same. For this scenario, let’s assume you want to buy Bitcoin:
The platform hosts an “order book,” letting you easily see what amounts are available at what prices.
You select an offer you want to take, and a trade is created between you and the “maker” of the offer.
The maker deposits Bitcoin into a multisig wallet you share to ensure that he can’t run off with your fiat.
You coordinate fiat payment with the maker, usually something like Zelle, Cash App, Revolut, or cash face-to-face or by mail.
Once fiat payment is completed, the maker confirms he received the fiat and releases the Bitcoin to be sent directly to your wallet.
And that’s it! In reality it’s a simple and uncomplicated process, but does differ from the flow we’ve all become accustomed to with centralized exchanges. You just traded fiat for Bitcoin directly with another human without involving any intermediaries, without sacrificing your personal privacy, and without giving up custody of funds to an exchange for a prolonged period of time. P2P exchanges are the future.
Our best options today
So what are you waiting for? Let’s dive into our favorite options out there today, learn a bit about them, and go over some resources that are helpful when getting started. The beauty of a free and open ecosystem driven by people like you is that there is a broad range of tools available, each with a unique set of benefits and tradeoffs.
A quick note: though it might be confusing, most of the P2P options that are widely used still rely on a centralized website in order to find buyers and sellers. However, even though there is a centralized website or platform in most of these tools, they don’t hold your Bitcoin, don’t collect personal information, and merely serve as a gateway to trading safely and securely with other Bitcoiners. Also, the list below is in no particular order, we love all these P2P exchanges equally.
AgoraDesk
AgoraDesk is a platform in the vein of LocalBitcoins (RIP), providing a simple and intuitive platform for buying and selling Bitcoin P2P. When you trade on AgoraDesk, you create a simple profile (no PII involved!), select an offer according to the payment method you prefer, and trade directly with other humans. AgoraDesk also recently launched an excellent open-source mobile app, making it far easier to buy and sell Bitcoin on the go.
How it works
AgoraDesk is a centralized platform with a company behind it that acts as an arbitrator for trades in case of any dispute. When a seller creates an offer, the seller has to lock Bitcoin (equal to the trade amount) in an “arbitration bond,” providing funds that will be used if the seller attempts to back out of the trade or run off with your fiat. If the seller follows through, the appropriate amount of Bitcoin gets sent to you after the seller confirms receipt of your fiat, and all is well. If the seller attempts to steal your fiat or fails to follow through on the trade, an arbitrator gets involved and their arbitration bond (equal to the amount owed to you) is sent to you as compensation.
As long as you read carefully along the way and be sure to follow all steps properly, there is no way that a malicious seller can scam you out of your funds.
This step-by-step guide created by an awesome member of our community is a go-to resource for anyone new to AgoraDesk.
Hodl Hodl
Hodl Hodl is a very similar platform to AgoraDesk, focusing on buying and selling Bitcoin P2P. They never custody your Bitcoin, never hold your fiat, and seek to protect your privacy from the moment you start using their platform. Simply sign up with an email and password, pick (or make) an offer for the payment method you want to use, and get Bitcoin directly to your wallet. No KYC. No middle-man. No custodians.
How it works
Hodl Hodl is also a centralized platform with a company that acts as an arbitrator in the case of a dispute. When you accept an offer, the seller and you create a 2-of-3 multisig escrow along with Hodl Hodl. This multisig ensures that if the trade goes well you and the seller can collaborate to send the Bitcoin to your wallet properly, but if the seller is malicious or fails to follow through on the trade an arbitrator can step in and assist. If the seller fails to follow through, an arbitrator can review the trade and send the Bitcoin to the harmed party (whether buyer or seller), ensuring that good actors don’t lose any funds.
As long as you read carefully along the way and be sure to follow all steps properly, there is no way that a malicious seller can scam you out of your funds.
Peach Bitcoin is one of the newest P2P exchanges to leap onto the scene over the last year, and has become a favorite of many in our community even while it remains in beta. Peach Bitcoin is a simple app that connects you with sellers directly, facilitating trades in a very similar fashion to AgoraDesk and Hodl Hodl but with a focus on mobile, intuitive user experience, speed, and a modern UI.
Peach also helps you backup your app in a self-sovereign way, save fiat payment methods for easier trades, and much more.
How it works
Peach Bitcoin is a centralized platform that acts as the arbitrator in trades. When a seller creates an offer, the seller sends Bitcoin to a 2-of-2 “decaying” (more on that later) multisig wallet that he shares with Peach, ensuring that he can’t send funds without Peach’s approval and Peach can’t steal funds themselves. If the trade goes properly, the seller and Peach will work together to send funds to your wallet directly. If the seller is malicious or fails to follow through, after 30 days the multisig will decay to a 1-of-2 and Peach will control the funds, sending them to the buyer appropriately. This approach allows trades to proceed much more quickly as the seller’s Bitcoin are already locked in the multisig escrow and confirmed on-chain before a buyer even accepts the trade.
As long as you read carefully along the way and be sure to follow all steps properly, there is no way that a malicious seller can scam you out of your funds.
A step-by-step guide to setting up your account, making and taking offers, and using Peach from start to finish.
Robosats
Robosats is an incredibly innovative P2P exchange built around the Lightning Network, enabling you to buy and sell Bitcoin directly on Lightning from other people across the globe. Robosats can only be used over Tor, ensuring that you have strong privacy from both Robosats themselves and the peers you trade with.
Not only that, but each time you use Robosats you quickly generate an entirely new “Robot,” giving you a new pseudonym and account to transact under. You should always backup the token Robosats gives you to recover your active trades if you delete the app or close the website while an offer or trade is active. If you’re an active Lightning user, Robosats is an important tool in your toolkit and an awesome P2P exchange.
How it works
Robosats is a centralized platform where they act as an arbitrator in the case of a dispute like the other options, but as it’s a Lightning-centric platform the methods differ. When a seller opens a trade, the seller locks a “fidelity bond” of a small percentage of the total trade amount. When a buyer takes the trade, the buyer also locks a small fidelity bond of the same percentage, and if either buyer or seller fails to follow through in a timely manner their bond is forfeit to the honest party. Once the trade is in-progress, the Bitcoin seller locks funds in an escrow “hold invoice” to Robosats wallet and the buyer provides an invoice of the same amount to Robosats.
If the trade is successful, the fidelity bonds are returned to the buyer and seller appropriately, and the locked hold invoice pays out to Robosats, who then pay out the full amount to the buyer’s provided invoice. If the trade is unsuccessful and one party is malicious and tries to game the system, a dispute can be opened where an arbitrator steps in and determines the honest party, rewarding them the fidelity bond of the malicious party and sending the sellers Bitcoin to the buyer if fiat has already changed hands.
As long as you read carefully along the way and be sure to follow all steps properly, there is no way that a malicious seller can scam you out of your funds. Note that in order to make your first trade on Robosats you do need to already have Bitcoin in order to lock the fidelity bond upon making or taking a trade.
Learn which Lightning wallets work best with Robosats, as they use a unique approach to Lightning invoices that doesn’t always play nicely with Lightning wallets.
Bisq
Bisq is the only P2P exchange for Bitcoin that is truly decentralized in nature and does not rely on a single website or entity for its functionality. This makes Bisq an extremely resilient platform for buying and selling Bitcoin, even in the harshest adversarial environments around the world. Bisq operates as a standalone desktop app that natively integrates the Tor network for preserving your privacy when communicating with the Bitcoin network, the Bisq network, and your trading peers.
While Bisq doesn’t have the more familiar UX of other options we’ve given, it provides an option that is viable in almost any scenario and should be much more resistant to pressure over the long run.
How it works
Bisq stands apart from the other options on this list due to its true decentralization, and as a result has a slightly different model for security. When a seller creates an offer and when a buyer takes an offer, both buyer and seller lock security deposits (with the amount being set by the seller). When the trade begins, the Bitcoin being sold is sent to a shared 2-of-2 multisig wallet between the buyer and seller, ensuring that neither party can steal funds from the other. If the trade is successful, the buyer and seller both sign to send the funds to the buyer’s wallet directly.
If either party is malicious, a dispute can be opened where arbitrators from the community are engaged to help decide the honest and malicious parties and properly award the security deposits. If no resolution can be reached between both parties, the funds can be sent to a Bisq community donation address by either party and the arbitrator can reimburse the honest party from the Bisq DAO.
As long as you read carefully along the way and be sure to follow all steps properly, there is no way that a malicious seller can scam you out of your funds or prevent you from being reimbursed by an arbitrator. Note that in order to make your first trade on Bisq you do need to already own Bitcoin, as you must lock a security deposit when making or taking offers.
Another great guide by BitcoinQnA, this walks you through the process of using Bisq from start to finish.
Azteco Vouchers
Azteco is an entirely different beast, and actually not a P2P exchange at all so we’ve added it as a bonus! Azteco is on this list still as it provides a powerful way to buy Bitcoin directly from corner shops and retailers in many countries without providing ID or even creating an account anywhere. Azteco does this by creating Bitcoin vouchers (just like those “top up” SIM cards) that you can buy for cash or with a credit card in person. Simply buy a voucher in person, go to azte.co, and redeem the voucher directly to your Bitcoin wallet. Azteco has many of the same benefits as normal P2P exchanges, and is a great option if you want to buy in person but don’t have any P2P sellers in your area on something like AgoraDesk or Hodl Hodl.
How it works
Azteco is obviously very different from the other options listed here, and is entirely custodial until you redeem the voucher given to you when you purchase. As such there is no risk of a malicious peer stealing your Bitcoin, but of course you are trusting Azteco to properly send the Bitcoin when you go to redeem the voucher!
The only key thing to watch out for is to be sure the Azteco vendor you choose is properly listed on their site before buying a voucher to prevent unknowingly buying counterfeit vouchers.
Quickly find a vendor near you with an interactive map.
What to look forward to
We’ve only scratched the surface of what can be built for empowering use of Bitcoin without needing banks, and the recent explosion is strong evidence that the concept of P2P exchanges is taking off. We’ve been thrilled to see new apps like Peach Bitcoin and Robosats rapidly growing in volume and usage, and can’t wait to see what ingenious tools get built in the coming years. As more and more Bitcoiner’s start to use P2P exchanges to buy and sell Bitcoin, the future becomes brighter for how easy these tools are to use, how much liquidity is available, and how much funding goes to building them out.
We hope that this list gives you practical ways that you can start to use Bitcoin without involving the traditional banking system, enabling you to access Bitcoin without permission and without surveillance. Now let’s get out there and build a better world with Bitcoin at its core.
We’re thrilled to announce a major new open beta of Envoy, our mobile Bitcoin wallet and companion app for Passport. With this open beta we’re greatly expanding what Envoy is capable of, making it a feature-rich Bitcoin hot wallet in addition to its existing role as a watch-only wallet and management app for Passport. Hot wallet support in Envoy opens up financial sovereignty through our tools to many more users and lays the groundwork for other privacy and security features we’re building behind the scenes.
The best of both worlds
Bringing hot wallet support to Envoy makes the pairing of Envoy + Passport the best of both worlds, allowing you to store your wealth in a highly-secure and yet easy-to-use package with Passport while also spending your Bitcoin on the go with just a few taps in Envoy. You’ll be able to easily move funds back and forth between your hot wallet and Passport, make transactions, and view your hot and cold balances from anywhere – all from a single app!
Not a Passport owner? This update brings you full Bitcoin wallet functionality without ever needing to purchase Passport. You can use Envoy to store and spend your Bitcoin across iOS and Android with strong security, simple privacy via Tor, and a new and uniquely approachable onboarding experience. We don’t want to limit financial sovereignty to only those who can purchase a Passport, so Envoy as a hot wallet is our way to bring our best-in-class design, intuitive and approachable UI and UX, and peace of mind to smartphone users across the globe.
What is a “hot wallet?”
In Bitcoin, the term “hot wallet” refers to any wallet that keeps your keys on an internet-connected device for easier spending and receiving of funds. While you don’t want to keep your life savings in a hot wallet, it provides much easier access to a bit of Bitcoin for spending, tipping, and onboarding new users.
Envoy has traditionally been a “watch-only wallet” that connects to Passport, allowing you to view your balance and create transactions, but providing limited functionality when you are away from your hardware wallet. Now you can enjoy Envoy not just as a companion app for Passport, but also as a fully-featured standalone Bitcoin wallet on the go.
Backups, simplified
Notably, Envoy Wallet introduces a new seedless onboarding experience we call Envoy Auto-Backup. While Envoy users can of course manually handle seed words if desired, we aimed to engineer a solution that enables 60-second onboarding and automatic backups of Envoy’s private key and application data (such as settings and labels).
Additionally, we wanted to ensure that Envoy does this without collecting any user data – no email address, no passwords, no IP address if Tor is enabled – no friction! We hope Envoy Auto-Backup will lead to a massive increase in self custody, with easier onboarding than even an exchange.
Here’s how Envoy Auto-Backup works
Envoy generates a seed and stores it on your phone’s secure element.
Since most users have iCloud Keychain or Android Auto-Backup enabled, the seed is automatically synced to your other iOS or Android devices – fully end-to-end encrypted, without needing to give Envoy permission to access your iCloud or Google account.
“iCloud protects your information with end-to-end encryption, which provides the highest level of data security. Your data is protected with a key that’s made from information unique to your device, and combined with your device passcode, which only you know. No one else can access or read this data, either in transit or storage.”
“Android preserves app data by uploading it to the user’s Google Drive—where it’s protected by the user’s Google account credentials. The backup is end-to-end encrypted on devices running Android 9 or higher using the device’s pin, pattern, or password.”
Envoy then creates a backup folder containing your app settings, account labels, and other non-sensitive app data, making sure that restoring Envoy back to its perfect state for you is a breeze. This folder is end-to-end encrypted with your seed, meaning Foundation can never see the contents. We call this the Envoy Backup.
The fully encrypted Envoy Backup is uploaded to Foundation’s servers, alongside a hash of the seed (a cryptographic representation of the seed that proves your knowledge of the seed, not the seed itself!) so that we can ensure no one else can attempt to download your backup without proving knowledge of your seed phrase.
There is no Foundation user account – all you need is access to your Apple or Google account and you’re all set.
Restoring from Envoy Auto-Backup
If you lose your phone or delete the Envoy app, restoring your Envoy Wallet takes only a few seconds with Auto-Backup.
Envoy checks the secure element on your phone and looks for the seed.
If it discovers a seed on the secure element, Envoy hashes the seed and sends the hash to our server.
This merely proves your knowledge of the seed and does not reveal your seed to Foundation in any way!
If it does not discover a seed, it downloads the encrypted seed backup from Apple or Google and restores the seed to the secure element. Then Envoy hashes the seed and sends the hash to our server.
Envoy then downloads the encrypted envoy backup from our servers.
Envoy uses the seed to decrypt the Envoy Backup file locally and restores all user settings, account labels, and other app data, so it’s like you never left.
Other notable changes
We’ve also added the following features and improvements along with the fully functional hot wallet in v1.1.0:
Added bio-metric/PIN authentication for Envoy
Now you can protect your hot wallet or Passport balance from prying eyes
Added the ability to swipe on accounts to hide balances while you’re on the go
Implemented screenshot protection to prevent screenshots of sensitive screens in Envoy
Bumped the integrated Tor version to 0.4.7.10
Bumped Flutter SDK version to 3.7.7
Improved firmware update flow for Android to better account for slow file transfers
Some users experienced issues writing the firmware to microSD in the time we set for Envoy, so we’ve better handled those edge cases in this release
Current gaps
Passphrase wallets are not currently supported.
We do plan on supporting passphrases with the public release, but are currently working on implementing a smooth user experience around passphrases and how they interact with the auto-backup feature.
Deleting only the hot wallet is not currently possible.
You can still reset the app by uninstalling/reinstalling or clearing app data, but please note that this will currently reset the entire app, including Passport accounts etc.
What is a “public beta?”
As this is a major overhaul of Envoy from the ground up, we’re launching hot wallet support first as a public beta to let our awesome community test drive it. When you join the public beta you get to be the first to try out hot wallet support, help drive new features and improvements via feedback directly to our team, and make your mark on what we’re building to empower the next phase of financial sovereignty.
As this is a public beta, we expect that you’ll run into some minor issues and bugs as we work through them together, but we’ve worked hard to make it a complete and usable wallet from the moment the beta launches.
How can I get access to the beta?
We’ve pushed the beta version of Envoy to all of our normal channels as a separate beta release, so you can join one of three ways:
If you’re on iOS, you can join our TestFlight program at the following link:
Download the APK titled “envoy-apk-1.1.0-beta.zip” directly from the above link, extract it, and install
As this APK is signed with our own keys instead of Google’s keys via the Play Store, if you’re using the Play Store version you’ll have to uninstall Envoy first before installing the public beta
How can I give feedback?
As you use Envoy as a hot wallet, we’d love to hear from you – every issue, bug, or favorite feature that you love! The more feedback we get during the public beta, the bigger impact you can have in the direction we take with Envoy and the better app we can launch to the rest of Envoy’s users down the road. There are three main places you can go to give us feedback:
We have a standalone Telegram channel for live feedback and discussion of beta releases to keep the main channel uncluttered for our other community members
Our goal with this public beta is to flush out any remaining bugs or UX quirks so we’ll run the public beta for around two weeks. Throughout the public beta period we’ll push new releases as necessary to allow you to test updates and bug fixes as we go, and then at the end of the beta period we’ll launch Envoy as a hot wallet for every Envoy user across all platforms.
We’re excited to get the next piece of your financial sovereignty toolkit out to the masses and onboard a wave of Bitcoiners to complete self-custody, privacy, and financial sovereignty sat by sat.
We’re excited to announce that the latest version of Passport firmware – 2.0.7 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.
WHAT’S CHANGED
In version 2.0.7, we’ve reworked memory management when signing transactions from the ground up, drastically improving handling of larger than normal transactions via QR codes. We’ve also added the ability to delete files from microSD directly on Passport, allow you to export multisig configs directly via QR and microSD, and cleaned up a few small bugs.
For more details on each of the changes, keep reading below!
NEW FEATURES
Added the ability to delete files off of the microSD card directly from Passport’s file explorer
Added a feature to easily export full multisig configs via QR or microSD
Passport can now act as an additional secure option for you to store your multisig configuration file(s)
Now, if you were to lose a hardware wallet and its backup, you can easily recover your entire multisig wallet in something like Bitcoin Keeper, directly from Passport
IMPROVEMENTS
Drastically improved memory management when signing transactions via QR code
This improvements means that even those of you with complex multisig setups or dozens of UTXOs can now use QR codes to sign transactions
We do still recommend microSD for abnormally large transactions, as it is much faster for passing larger amounts of data by nature
Improved how we display sending funds to yourself to make it clearer what is happening
Renamed “Keeper” to “Bitcoin Keeper” in wallet export flow
BUG FIXES
Corrected a color inversion issue with the camera viewfinder
Corrected a minor terminology issue in multisig config text
Fixed a bug where Passport could say it was exporting a wallet summary to microSD without a microSD card inserted
Added a more detailed and helpful error message when a transaction is too large to sign via QR codes
VERIFYING AND INSTALLING PASSPORT FIRMWARE
If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page
Nostr has been taking the Bitcoin world by storm over the past few months, and with it comes a chance to correct the mistakes of the current social media paradigm. While the actual use-cases for Nostr are practically limitless, the overwhelming majority of usage today has come in the form of a censorship-resistant and Lightning-centric social media platform built around user choice. Nostr takes a novel approach to its network design, and we want to be sure that Nostr users like yourself are well-equipped to use Nostr in a way that preserves your privacy and security from the start.
What is Nostr?
Nostr is a new protocol (think TCP/IP or HTTP, like what your browser uses) that focuses on the very simple goal of publishing and reading events in a distributed way. It does this by allowing anyone to run a client (how you read or write events) and/or a relay (how you share events with others). Each relay communicates only with users who choose to send or receive events using it and not with other relays, a significant departure from Bitcoin’s model – called a “gossip” model, where all servers share events with all other servers they know – and the approach taken by the Fediverse, where servers that can communicate and share events but do not have to.
This new protocol is extremely simple and diverse by design, allowing a plethora of apps and services to be built on top of it, but the most traction so far has come from its use as a social media platform. Nostr provides a strong base for a user-centric social media platform, as you, the user, have complete control over where your posts are shared (which relays), which users you see or don’t see in your feed (by following specific users or only reading from specific relays), and what client you choose to use to post or consume content.
When you post to Nostr, your client simply translates the content you write into a format called JSON, signs it with your private key to prove it’s from you and cannot be tampered with, and publishes it to relays you’ve selected. Everyone who follows you and connects with relays you publish to will see your content in their timeline exactly as intended. When you browse Nostr, you see only content from people you choose to follow, in chronological order, without advertisements or algorithmic wizardry causing issues. Simple. Clear. Social media as it should be.
If you want to learn more about Nostr, you can read some excellent resources below:
Awesome-nostr, a curated list of Nostr projects and resources
Nostr’s privacy tradeoffs
The proxied-relay approach that Nostr takes is excellent at decentralization and censorship-resistance, but one thing it doesn’t do well is protect a user’s privacy by default. Because you need to connect to many different relays to communicate with most people using Nostr today, you’ll be exposing your IP address (your unique identifier on the internet) to every relay you connect to, directly associating your IP address to your digital identity on Nostr. This could be used to connect your Nostr identity with other online activity, connect multiple Nostr identities you control together without your consent, and even give the relay operators a rough idea of where you live.
Another key issue with the approach taken by Nostr is that there is no central server used for hosting media like pictures and videos, so users have to upload media to a server of their choice to share it. As a result, your Nostr client will have to connect to any number of untrusted servers hosting media to properly show you pictures and videos in your feed. While this does remove trust in a centralized server, it also exposes you to tracking or malicious content from third parties that you may or may not want to connect to. Thankfully, most Nostr clients are starting to prevent loading of content from untrusted sources, but this still poses a broad risk to your privacy and security.
Lastly, there are two more minor privacy caveats with Nostr that are important to know, but don’t necessarily present a problem for the average user. The first is that direct messages in Nostr use public events where the message content is encrypted to the recipient’s private key, meaning that while all message content is private by design, the metadata about who you talk to, when, is completely public information. The second minor privacy issue in Nostr is that Zaps, a Lightning tip sent for a specific note on Nostr to show that you loved the post, are public by default and reveal the amount, timing, and any comment included to the entire Nostr network. While this is the default, clients like Damus and Amethyst are working on ways to allow you to send “private Zaps” which encrypt all information except time and amount to the recipient, hiding the sender and any comments from everyone else on Nostr.
Protecting your keys
One of the foundational ways to preserve your privacy involves making sure that no one else ever gets access to your private keys. In Nostr, in order to access your account, post notes, and respond to others, you have to be able to sign events on the Nostr network with the correlated private key for your account. That means that every Nostr app requires a way to sign using your private key, leading to less than ideal security with many of the current approaches.
When approaching Nostr, you should aim to minimize how often you expose your private key to apps and restrict access as much as possible to your private key. In order to limit how often you expose your private key to apps, the best way on mobile is to choose a client, sign in with your private key, and stick with it if at all possible. Unfortunately, you’ll currently have to copy and paste (or manually type out) your private key (the key starting with ‘nsec’) to sign into mobile apps, but won’t need access to your private key on mobile after the initial sign-in.
When you’re using desktop apps, particularly web apps like iris.to or nostr.social, you can limit exposure of your private keys by using a browser extension to store your private key in an encrypted manner and authorize access to it. That way, you can paste your private key into a trusted extension once and use any web app you like after that without directly exposing your private key to each app. We recommend the most popular and trusted extensions below:
Flamingo is another simple Nostr extension with a beautiful UI
Logging into nostr.social with the Alby extension
While we’re working on some unique ways to leverage Passport for Nostr key management, the best way to store your private key for Nostr will be to treat it like a sensitive password and store it in an end-to-end encrypted password manager like Bitwarden. Bitwarden is an amazing tool for managing your online life through storing usernames, passwords, and email addresses for all of your accounts and auto-filling them via their browser extension, and Nostr private keys are a great fit. Bitwarden is free and open-source, and uses strong end-to-end encryption to ensure that even if Bitwarden was malicious they couldn’t view what sites you access or any of your login information. You can easily store your Nostr private key as an item in Bitwarden, allowing you to enter it as needed on desktop or mobile easily.
Protecting your IP address
The next key step to take is to prevent relays and media hosting servers from learning your true IP address, and the easiest way to do that is to use a trustworthy and dependable VPN provider. While a VPN provider isn’t a perfect solution to network privacy issues, it does allow you to shift the trust from your network provider (home ISP, mobile carrier, etc.) to a 3rd-party you trust more than them (and that don’t have your personal information or address). Once you’re using a VPN, you’re actively preventing the sites, apps, and tools you interact with online from learning your home IP address and connecting all of your activities back to you.
Our team is a big fan and many of us are users of two well-known VPN providers in the space which we’ve linked below for easy reference. Both IVPN and Mullvad accept Bitcoin (on-chain and Lightning) for subscriptions and require no information from you to create an account, not even an email address!
Please note that we have no direct affiliation with either provider and don’t profit off of your use of either, we just love their approaches and use them ourselves.
Choosing the right relays
Nostr takes the idea of self-sovereignty and personal responsibility as a core ethos, as you are in complete control of your data and your usage of the protocol. As each Nostr relay you connect with gets information about your IP address (hopefully just a VPN address if you followed the above recommendation), when you’re using Nostr, when you publish events, and who you interact with. While much of this information is public – and has to be so for a useful social media platform – being able to selectively reveal this information is an important benefit of Nostr.
While relay selection is certainly a personal preference as it changes what notes you can view and who can see your notes, limiting it to the bare minimum provides better privacy and generally better performance in your Nostr clients at the same time. The use of paid relays can also be helpful, as they limit spam and access to your public data behind a paywall. The list of relays and their usefulness changes frequently at this early stage in the network’s development, but we’ll provide a few recommendations below that are widely recommended:
nostr.wine
Nostr.wine is a paid relay that has a stellar reputation and a unique additional service that paid users can leverage
Their filter/broadcast service allows you to publish events to the most popular relays through their relay
This relay is actually just a proxy that publishes events for you to all known relays using a tool called Blastr
This can be a great single write-only relay, ensuring your notes make it to pretty much the entire Nostrverse
Note that if you do use only this relay proxy to write to, you do open up censorship as they could choose not to relay your events for some reason! If that’s a concern for you, consider writing to multiple relays.
relay.nostr.band
This relay applies a trust-based spam filter to all events, providing a much better global feed than most and serves as a good read-only relay
Adding these relays to your client will vary depending on which client you choose, so please check out the documentation of your favorite client or check in the settings! You usually will have to add a ‘wss://’ before the relay address as well.
Getting started with Nostr
If you’ve read through this post and want to jump into using Nostr, we’ve learned a few things as team members have jumped onto the Nostr train. We’ll drop recommendations based on this below in a rapid-fire style, but feel free to reach out with questions and we’d be happy to help point you in the right direction!
Choosing a client
Choosing a client is ultimately down to personal preference and depends on what platform you use (Android, iOS, Windows, etc.), but some of our favorites are:
Vitor Pamplona, the lead dev, has done a fantastic job building out Amethyst and it feels like he releases a new major improvement every day. Amethyst is a fantastic client top-to-bottom, and is what both Seth For Privacy and Bitcoin QnA use on our team.
Iris.to is another great web client and is quickly becoming the go-to for web.
Amethyst on Android’s UI as of v0.24.0
Verifying your Nostr account
Nostr takes a very different approach to Twitter, allowing all users to be “verified” through the use of DNS and a simple web server. While we definitely recommend pursuing the fully self-sovereign approach to verifying your account on Nostr and hosting it yourself, we recognize that not everyone can do that so we’ve included some trusted Nostr verification services as well below:
For more info on verification, you can read more here
Our very own Seth For Privacy has created an easy-to-use way to do your own self-hosted verification using Docker, allowing you to quickly set up the full verification on a VPS with your own domain name
Bitcoin QnA has set up an easy to use tool to get a verified account using his domain, bitcoiner.chat, for free! This is an excellent solution for those of you who can’t self-host your own verification, and is provided by one of the most trustworthy people in the space, if we do say so ourselves.
Nostr Plebs is one of the original NIP-05 verifiers, and is run by a fantastic Nostrich named Derek Ross.
A NIP-05 verified account, see the purple check-mark
Conclusion
We’re thrilled to watch the progress being made in a Bitcoin-centric social media platform that puts the user first, as it embodies so much of what Foundation is all about. We hope that this short guide helps you get started with Nostr in a way that allows you to preserve your privacy and security from the start, and we look forward to seeing you all over there.
If you’d like to follow us on Nostr you can find our official company account along with a few of our team members below!
In our previous blog post we briefly touched on how important it is to protect the privacy of the recipient in a transaction. Today we’re going to take a closer look at a specific way to preserve privacy – “reusable payment codes”, otherwise known as “stealth addresses.” While the concept of the reusable payment code is not a new one – a form of them was officially proposed as a Bitcoin Improvement Proposal (“BIP”) in 2015 by Peter Todd – they’ve become a popular topic again after two recent proposals on new ways to implement them.
Today we’ll walk through why we need reusable payment codes, how the current approaches differ, and how you can start using them today.
Why do we need reusable payment codes?
If you’ve ever had to receive Bitcoin multiple times from the same person before, you’ll know that there is a seemingly simple choice to make – do you generate a new address for them each time (and communicate it somehow), or do you tell them to re-use the same address? If you choose to generate a new address each time, you have to actively communicate somehow, send them the address, and hope they copy and paste it correctly each time. If you instead choose for them to reuse a single address, you harm the privacy of both participants in order to simplify repeat payments.
For a real-world example, consider the case of wanting to accept donations as a political dissident. If you choose to post a single static Bitcoin address, you put every donor (and yourself) at risk of trivial surveillance in order to simplify the process for you and your donors. If you choose to generate a new address for each donor, you have to run extra infrastructure like BTCPay Server or SatSale, increasing the difficulty exponentially and requiring some technical know-how. We’ve even seen a recent example of this in donations raised by Russian opposition leader Alexey Navalny, easily visible to anyone with a blockchain explorer and actively surveilled by the Russian pro-Putin government.
The dilemma in both of these simple cases is exactly what reusable payment codes seek to solve, allowing you to provide a single static string of characters (a “code”) that can be reused as many times as necessary – even by multiple senders – without sacrificing privacy or requiring online communication with the recipient. To better understand how this type of tool presents a solution, we need to dig into each of the current proposals, including the only current live implementation of reusable payment codes, PayNyms (or BIP 47).
Where did the idea of reusable payment codes come from?
The original idea for reusable payment codes (originally called “stealth addresses”) is over a decade old at this point, originally being proposed in 2011 on the Bitcoin Talk forums and then unofficially given a BIP number (63) in 2015 after a proposal by Peter Todd in early 2014. This proposal never gained traction and was abandoned by the author when a change to Bitcoin’s OP_RETURN field broke his approach.
This original proposal shares many similarities to PayNyms, Silent Payments, and Private Payments, using a set of keys combined into one long payment code to allow senders to generate unique addresses for the recipient and leveraging the OP_RETURN. This approach is simple and relatively easy to implement, but relied on a large OP_RETURN field (something that was reduced shortly after it was proposed) and made every payment utilizing stealth addresses stand out on-chain. Even with its drawbacks, this was a major step forward and would form the foundation for future proposals.
Reusable payment codes become a reality
The next proposal to build on the work of Peter Todd was presented in BIP 47 and ultimately became what we know today as “PayNyms.” BIP 47 iterated on the stealth address proposal by utilizing a single notification transaction to signal to the recipient to watch for payments to a specific public key (and thus set of addresses) instead of including payment code signaling in every payment. While there are multiple versions of BIP 47, as the only one in use is version 1 we will focus on that in this post. For simplicity’s sake, for the rest of this post let’s have “Alice” represent the sender in a transaction, and “Bob” represent the recipient who is using a reusable payment code.
How it works
When Alice goes to send funds to Bob, her wallet uses the reusable payment code she got from Bob to generate a unique shared secret by combining (1) a private key from an output she owns, (2) the public key in Bob’s reusable payment code, and (3) a 64-byte blinding factor so that only Bob can interpret the shared secret. Alice’s wallet then converts this payment code to binary and inserts it into this notification transaction’s OP_RETURN field in order to let Bob know where to expect future payments from her.
Both Alice and Bob have to be extremely careful not to link this notification transaction (or the inputs or outputs) with other transactions, as that could provide an on-chain link between their wallets and undo privacy gained from using BIP 47 reusable payment codes. Thankfully, current implementations in Samourai and Sparrow Wallet hide this “toxic” output associated with the notification transaction by default to protect both sender and recipient.
When Bob wants to check for received funds, he monitors his notification address, and when a transaction is received to it he (1) validates that it includes a BIP 47 payment code, (2) decrypts it with his private key, and then (3) stores the information on the set of addresses Alice can send to and watches them like any normal Bitcoin wallet. Even though this notification code is publicly visible on the blockchain, it is encrypted in such a way that only Bob can deduce the addresses it is used to generate, and thus all of Alice’s future payments are known only to Bob. Alice can now send as many payments as she would like to a unique address every time, and Bob can easily watch for new payments with both “light” wallets and “full” wallets.
BIP 47 holds the unique status of being the only form of reusable payment code to actually be implemented and widely used thanks to the efforts of the Samourai Wallet team, who have implemented BIP 47 as “PayNyms.” PayNyms are leveraged in Samourai Wallet, Sparrow Wallet, and Stack Wallet, allowing any user to easily share a reusable payment code or register their PayNym with Samourai Wallet’s servers to get a short version of their reusable payment code like “+shrillsurf491.” This short form of their reusable payment code can then be looked up by any PayNym user on Samourai’s servers and resolved to the full payment code, allowing them to then send payments in a privacy-preserving way.
While BIP 47 does have the major drawback of requiring a notification transaction for funds to be easily recovered, this is outweighed by the ability for light wallets to utilize reusable payment codes and the simplicity of implementation, making it very easy for wallet developers to add support for BIP 47 reusable payment codes to their wallets.
While BIP 47 does have the major drawback of requiring a notification transaction for funds to be easily recovered, this is outweighed by the ability for light wallets to utilize reusable payment codes and the simplicity of implementation, making it very easy for wallet developers to add support for BIP 47 reusable payment codes to their wallets. This has led to rapid growth and adoption of BIP 47 and PayNyms in a way that no other proposal has seen so far.
Doing away with the notification transaction via Silent Payments
Some Bitcoin developers consider the trade-offs inherent in BIP 47 too harmful, and have sought ways to implement reusable payment codes without needing an on-chain notification transaction, but no other proposals gained interest until 2022. However, in March of 2022 Ruben Somsen proposed “Silent Payments,” a new approach to reusable payment codes that removes the need for a notification transaction entirely by leveraging the outputs in a transaction to signal to the recipient when funds are intended for them. Silent Payments makes use of advances in Bitcoin scanning to remove the need for a notification transaction, thereby improving scaling and privacy associated with reusable payment codes (with a key trade-off we’ll address later).
How it works
When Alice goes to send funds to Bob, she takes three keys and creates a unique one-time address that only Bob controls the keys to. These three keys are the (1) public key of the output(s) Alice wants to send to Bob, (2) Bob’s public key in his reusable payment code, and (3) a shared secret (generated using the same cryptography as stealth addresses and BIP 47, “ECDH“) that only Alice and Bob know. These three keys combine into a unique one-time address that Bob can then validate and spend from, allowing Alice to generate practically infinite addresses without any communication with Bob. This payment appears exactly like any other payment using the same script type (i.e. Taproot), thereby preventing an outside observer from even knowing Silent Payments were used at all, much less link payments to a Silent Payment address together.
When Bob wants to check for received funds, he takes (1) the private key from his payment code and (2) the aggregated key across the inputs of every transaction on-chain and checks to see if the combination matches an output in a transaction. If it matches, that output is owned by his private key and he can spend it at will, and if it doesn’t match he simply ignores that transaction and continues scanning. This process of checking every input in transactions is relatively costly and requires a full node, but does preserve privacy and remove the need for problematic notification transactions entirely.
[This] brings us to the significant trade-off of Silent Payments: because this scanning is relatively costly and can only be performed with a full Bitcoin node, Silent Payments necessarily do not work on light wallets, limiting their usage in practice.
Because with Silent Payments Bob must scan all transactions on the blockchain from the point that he generated the payment code, it brings us to the significant tradeoff of Silent Payments: because this scanning is relatively costly and can only be performed with a full Bitcoin node, Silent Payments necessarily do not work on light wallets, limiting their usage in practice.
While Silent Payments present a unique and useful set of trade-offs in comparison to BIP 47, they have not yet been implemented in any wallet and thus cannot be used by the average person. Silent Payments are particularly useful when you only want to send a single payment or donation to a given reusable payment code, as they do not require a separate notification transaction and so are cheaper and more efficient than the alternatives available today. It will be interesting to see if Silent Payments catch on, but for now you can follow the conversation on the topic on Github for future developments.
BIP 47 with a twist: Private Payments
Last but not least, the newest kid on the block is BIP 351, or “Private Payments.” Private Payments strikes a middle ground in trade-offs between BIP 47 and Silent Payments, minimizing the potential impact and issues of a notification transaction (while still requiring one) and reducing the scanning requirements to only scanning OP_RETURNs (while still requiring a full node). Private Payments was proposed in July of 2022 by Alfred Hodler and Clark Moody, and is the latest approach to reusable payment codes.
How it works
When Alice goes to send funds to Bob, she takes (1) Bob’s public key encoded in his payment code and combines it with (2) a shared secret she generates to create a unique one-time address to use for a notification transaction. She then generates a unique notification code to include in the OP_RETURN of the notification transaction, creating a transaction that does not re-use a notification address (unlike BIP 47), but does stand out on-chain (unlike Silent Payments). Once she has sent this notification transaction, she can then generate a new, unique address for each subsequent payment to Bob without any links on-chain, and no direct link between any of her UTXOs and Bob’s notification address.
When Bob wants to check for received funds, he checks the OP_RETURN on every transaction since he generated his payment code for those with OP_RETURNs including a notification code that matches his private key. When he finds one that matches, he can then add all derived addresses to a watch list and monitor them for transactions just like a normal Bitcoin wallet. As this only requires checking the OP_RETURN field in each transaction instead of performing validation of every input and output, it’s necessarily much lighter on requirements than that of Silent Payments. While this still precludes the simple usage of light wallets (similar to Silent Payments), it would be easier to off-load the validation of OP_RETURNs to an external (trusted) service.
Advantages and trade-offs
As Private Payments requires both a notification transaction and a full node for proper scanning, it strikes something of a balance between the two other proposals without fully gaining the benefits of BIP 47’s notification transactions and the ability to use light wallets, or the scaling and privacy improvements from the omission of a notification transaction in Silent Payments. It could still pose an interesting approach for light wallets that are willing to trust an external OP_RETURN validation service, however, and gives us a great example of the continuing innovation and exploration around how we can best approach reusable payment codes.
Using reusable payment codes today
If you’ve read through this and are wondering how you can actually use this fascinating technology today, I’ve got great news for you – BIP 47, or PayNyms, are extremely easy to use today with both Samourai Wallet and Sparrow Wallet. Both have well-implemented native support for reusable payment codes, making it extremely easy to create one (all hot wallets have one by default) and to send to a reusable payment code. For the relevant documentation on using PayNyms in both wallets, you can jump in below:
If you’re not currently using one of these wallets, using reusable payment codes is unfortunately often not supported as it does require a bit of work for wallet developers to implement. There is, however, ongoing work by an independent developer to implement BIP 47 PayNyms in Blue Wallet, and we at Foundation are eager to implement PayNyms into Envoy in the future. Outside of using Samourai Wallet. Sparrow Wallet, or Stack Wallet, you can help along the growth of reusable payment codes by talking about the need on social media, following the relevant conversations and BIPs, and donating to developers and projects working on innovation and implementations along the way.
We’re excited to announce that the latest version of Passport firmware – 2.0.6 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.
With version 2.0.6 of Passport firmware, we’ve added a fix for a pin entry issue that affected users with alphanumeric pins in the now deprecated v2.0.5.
NOTE: Since we have deprecated v2.0.5, we’ve replicated the blog post from that version below.
What’s changed
With version 2.0.6 of Passport firmware, we worked hard to drastically improve QR code scanning and processing, bringing speed and compatibility up to our standards. We’ve also added official support for Keeper Wallet, a new multisig focused wallet, and cleaned up a few bugs.
For more details on each of the changes, keep reading below!
Keeper is a new wallet in alpha focusing on bringing a user-friendly experience to multisig and inheritance. Now you can use it with Passport as one of your keys with a native option under accounts to connect to Keeper.
Support looping through menus
Get tired of pressing that left key? Prefer to just mash one button? Now you can cycle through pages by just pressing right or left repeatedly.
Improvements
Improved camera QR code scanning performance
Camera performance has been a major focus in this release as we weren’t happy with speed and handling of certain QR code sizes and resolutions.
We’re happy to say that QR code scanning is finally up to our standards, and scanning should be much snappier and less finnicky across practically all wallets.
Two of the specific changes are:
Changed the camera to use a 4:3 resolution
Changed the QR scanning library to a more stable version
Improved performance of address verification
Show security words immediately after activation of security words
Improved supply chain validation scan errors
Improved Casa health check error handling
Bug Fixes
Fixed a visual bug around alphanumeric PIN entry
Fix Passport lockup during initialization while pressing keys
If you’ve ever had your passport keyboard become unresponsive after booting, it was likely due to this bug
Resolved a few key Casa integration bugs
Fix an error when trying to export Casa configuration using microSD
Fix Casa health check scanning
Fix Casa transaction signing issue
Fix multiple minor memory leaks
Alphabetical order of software wallets displayed was fixed
Improve animation on “Verify Address” screen
Bring forward a microSD card bug fix from Founder’s Edition code
Fix passphrase not being shown when showing seed words
Reset extension settings and search address space on Passport erase
Fix Passport freezing when using special characters
When setting up Passport allow user to go back to update the firmware or to change the setup method
Fix crash when importing multisig configuration without valid keys
Display a warning when backing up Passport with a passphrase applied
Use root XFP as the filename for the backup when a passphrase is applied
Ensure extension accounts show the passphrase indicator
Fix lockup on wrong PIN entry
Filter keypad double-presses
Extended the shutdown timer while scanning and displaying QRs
Revert a regression in account header display
Prevent multisig config import failing when a passphrase is present
Fix a bug that would crash the file explorer if there were too many files on the microSD card
Verifying and Installing Passport Firmware
If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page
Those of you who have been in Bitcoin for a while may be used to the seed phrase shuffle involved in creating a new Bitcoin wallet, but that concept is one that is alien to the normal person’s experience in the digital world. As people have become more and more used to trusting a centralized entity with their data behind only a username and password, the idea of physically writing down 12 or 24 words as a way to store wealth is not necessarily the most approachable.
While the concept of encrypted backups to microSD isn’t a new one, we’ve taken the path of using microSD backups as the default on-boarding method when a user sets up their new Passport. This approach does introduce a new set of trade-offs, but we think that it is a simpler approach for most people and opens up new possibilities when it comes to storing the secrets required to restore your funds after you lose your Passport, break it, or suffer a physical theft. Our goal with encrypted microSD backups is to improve the user experience and peace of mind for new users without sacrificing security, and we think this approach does just that.
Why not just use seed phrases like everyone else?
Here at Foundation, we’re deeply passionate about not only helping to onboard the deeply technical users in the Bitcoin community, but also ensuring that those who are new to the space can more easily dive down the rabbit hole of Bitcoin. This means that we work hard to ensure that deeply technical and complex setups can work well with Passport + Envoy, as well as very simplistic and approachable setups that are more friendly to new users.
This is why we’ve chosen to support both seed phrases and microSD backups and leave the choice up to the user. While we’ve made the default flow follow the microSD backup path, we still expose the seed words to users in the settings menu, allowing the standard backup path to be chosen by those who understand the trade-offs inherent in it. Unfortunately a seed cannot be used to backup and restore device configuration, account names, transaction tags, etc., meaning that a seed phrase can never restore any off-chain data.
If you backup the seed phrase you can always restore funds like normal in the Bitcoin space – both with Passport or with any other Bitcoin wallet of your choosing.
How do encrypted microSD backups work?
When you create a backup of your passport to microSD (something that automatically happens when you first setup your Passport and anytime you make account changes to it), Passport creates an encrypted 7-zip file using a 20-digit passcode that is generated using Passport’s three forms of entropy:
The onboard CPU’s random number generator
The secure element’s true random number generator
The open source Avalanche noise entropy source
These three forms of entropy are used so that even if one was somehow compromised or vulnerable to attack, the passcode would still be cryptographically secure.
This standard form of 7-zip encryption uses AES-256 to encrypt the data, and then uses a form of SHA-256 to hash the 20-digit passcode into a 256-bit key. The combination of these techniques means that there are 100,000,000,000,000,000,000 possible combinations of passcodes, making it practically impossible to bruteforce the passcode if an attacker somehow obtained the backup file.
As long as a user has access to both the backup file and the 20-digit passcode, they can not only restore their funds, they can also restore all device settings, accounts, account names, multisig configurations, etc. in just a couple of minutes. As the encrypted backup file is a standard 7-zip format, even if Foundation disappeared and your Passport stopped working you could easily decrypt the file with your 20-digit passcode on a computer and import the seed into any of your favorite Bitcoin wallets.
To learn more about the backup functionality, you can read through our docs here.
What are the key advantages of encrypted backups?
Migrating from seed phrases to an encrypted microSD backup (or utilizing them alongside a standard seed phrase backup) provides a few key advantages for users:
All device configuration, accounts, account names, and multisig configurations are fully backed up and automatically restored when using microSD backups
If you merely backup the seed phrase all of this secondary data is not backed up, leading to a lot of initial headache and extra setup necessary when restoring onto another device in the future
You can safely make and distribute multiple copies of the backup file – even to family or friends you don’t fully trust – as they cannot view or move funds in any way with just the backup file
Just be sure not to also give them the passcode!
You can store the passcode safely in an end-to-end encrypted password manager like Bitwarden without risk of funds being stolen even if someone got access to your Bitwarden account
Just be sure not to also store the backup file there!
An attacker or thief finding either your backup file or passcode would not be able to easily tell that they are Bitcoin-related
There is no reason for an attacker to suspect that a microSD card or 20-digit passcode would be worth stealing
An attacker or thief finding either your backup file or passcode could not view or steal funds in any way without having both the backup file and passcode
What are the key disadvantages of encrypted backups?
While we think the overall trade-offs inherent in microSD backups are well worth it, there are some key drawbacks that you should be aware of if you choose to only use encrypted microSD backups:
You must have both the 20-digit passcode and encrypted backup file to restore funds
I.e. if you lose either one you will be unable to restore funds!
This means that microSD backups do introduce a second single point of failure
Advantage #3 above greatly reduces this disadvantages impact, practically
If you store both the encrypted backup and passcode together, it provides no added security over a plaintext seed phrase
MicroSD cards themselves have a limited lifecycle and can fail – it’s important to use high-quality industrial-grade microSD cards (like those we ship with Passport) to reduce this risk
You can also backup the file to another storage medium like a NAS or extra hard drive as another failsafe, and shouldn’t rely on a single microSD card alone!
This may be a short list, but the first point is extremely important to understand – losing either the passcode or the encrypted backup file would lead to loss of funds if you also lost or broke your Passport!
Which should I use?
The beauty of Bitcoin is that it enables you to choose your own path, and we certainly don’t want to inhibit that freedom. That’s why we leave the ultimate choice up to you and ensure that you aren’t locked into our ecosystem (or even our favorite approach). Whether you choose microSD backups or seed phrases (or both!) is up to you, but both can be easily imported into any standard Bitcoin wallet app. If you want added peace of mind, you can even use both and store the three pieces separately – encrypted backup file, 20-digit passcode, and seed phrase!
Ultimately the choice is yours, but we certainly love encrypted backups and how they’re helping onboard less technical users in a way that is approachable and secure.
In Part 1 of our series on making every spend a CoinJoin, “Why We Mix”, we walked through the philosophical and practical first steps behind the fight for privacy in Bitcoin. In Part 2 we’re digging into what information we share when we make a standard Bitcoin transaction, and what we want to (and can!) choose to protect to gain financial privacy.
Each transaction we send in Bitcoin contains information on all inputs used, all outputs sent, and the time when the transaction is published to the mempool and included in a block. This ultimately breaks down into 4 key pieces of information; the sender, the recipient, the amount sent, and the source node.
Why does Bitcoin reveal so much information in each transaction?
When you sit down and think about the amount of information contained in a Bitcoin transaction, you may begin to wonder why in the world all of this has to be shared with the world each time you send a Bitcoin transaction. One of the tradeoffs that comes with making Bitcoin a decentralized and distributed ledger is that each transaction must contain enough information for (1) miners and nodes to validate that transactions don’t double spend funds, (2) users to be able to find their own funds without hassle, and (3) for the supply of Bitcoin to be easily validated by network participants.
While novel approaches to leveraging more powerful (but more complex!) forms of cryptography to hide sender, recipient(s), and amounts have been developed and proposed over the years, none of these approaches existed in the early days of Bitcoin, and each comes with its own set of tradeoffs and risks. Instead of implementing protocol changes like ring signatures, confidential amounts, or stealth addresses at the base layer, the Bitcoin community and developers have opted to keep Bitcoin’s base layer transparent by design and rely on higher layers and application-level privacy tools to allow users to opt-in to better privacy in Bitcoin.
Because of this choice, the ability for each of us to gain privacy becomes a matter of personal responsibility and knowledge instead of a protocol-enforced default. For better or worse, we each get to choose our own preferences and path towards financial privacy when it comes to Bitcoin.
An example transaction
As we walk through these four key pieces of information about each Bitcoin transaction, having an example transaction to refer back to will be invaluable. This transaction has been chosen at random from the Bitcoin ledger, but illustrates quite a few key aspects of a lack of privacy being inherent in Bitcoin.
What can we learn from a simple look into the transaction? Let’s break it down into key findings from using simple, widely available blockchain exploration tools like mempool.space and oxt.me:
The sender consolidated multiple outputs to make the transaction, revealing all the inputs as almost certainly belonging to them
Going back one hop with the largest input shows us that some of the funds were withdrawn from Bitstamp (but not all)
The sent amount is almost certainly 0.011 BTC, as it is sent to a different type of address (“P2SH”, or wrapped/nested SegWit)
We can also confirm this analysis due to the rounded payment amount (0.011 BTC) which almost never happens with fees or change outputs
The recipient is still using a legacy Bitcoin wallet and has not upgraded to use Segwit
The change amount is almost certainly 0.00004088 BTC, as it is sent to the same type of address as the inputs (“P2WPKH”, or Segwit Bech32)
We’ll look more at these findings in each section below.
Protecting the sender
When we look at the different pieces of information revealed in a Bitcoin transaction, the information on funds being spent (and thus on the sender themselves) rightfully deserves the most focus when approaching transactional privacy. When you view any basic Bitcoin transaction in an explorer, you quickly realize that you can learn an immense amount of information about the sender by simply following the inputs backwards.
How do we see this play out in our example transaction? Let’s take a closer look:
The sender consolidated multiple outputs to make the transaction, revealing all the inputs as almost certainly belonging to them
Going back one hop with the largest input shows us that some of the funds were withdrawn from Bitstamp (but not all), tying multiple addresses together with funds connected to the sender’s identity known by Bitstamp
Inputs to a previous transaction sent from Bitstamp wallets
This simple analysis is primarily possible because in Bitcoin, almost all transactions are performed by a single entity; and if a single entity is performing a transaction, then all inputs to that transaction are necessarily owned by them. This heuristic is called the “common-input-ownership heuristic” and is one of the foundational building blocks for the majority of chain surveillance in Bitcoin today. When those wishing to surveil Bitcoin’s usage can safely assume that all inputs in a transaction are owned by the sender, they can build detailed and nearly complete pictures of a user’s spending habits past, present, and future.
This heuristic is also the core of what CoinJoin-style transactions attempt to confuse and break by coordinating a single transaction between many different participants. If enough Bitcoin users started to make CoinJoin transactions regularly, we could even go so far as to break this heuristic and make it inaccurate for chain surveillance companies, severely limiting their visibility into our financial activity on Bitcoin.
While hiding the input addresses and amounts is strictly not possible in Bitcoin today, we do have a few options for obfuscating and confusing chain surveillance, making their lives as difficult as possible.
What can we do today?
While we’ll keep things short and sweet in this section, here are a few ways you can better protect your financial privacy when sending Bitcoin transactions:
Always use a new receive address
If your current Bitcoin wallet doesn’t do this automatically, it’s far past time to switch!
Don’t consolidate funds in your wallet (a commonly recommended way to save on fees down the line) by sending all of your Bitcoin back to yourself in a single transaction
Use as few inputs as possible (only one, if possible!) when sending a transaction
Thankfully most good Bitcoin wallets will do this for you by default!
Prefer using PayJoin when enabled by a merchant (anyone using BTCPay Server can easily enable this if they’re using a hot wallet!)
Use wallets like Samourai Wallet and Sparrow Wallet to CoinJoin your funds, ensuring that even when you spend funds the prior history of each input isn’t able to be traced
Protecting the sender is the core focus for many of the privacy tools built on Bitcoin, but protecting the amount sent in each transaction is also an important piece of a holistic approach to privacy on-chain. If we’re not careful about how amounts are handled, we can make it easier to undo our privacy and link transactions and addresses to each other. The most common ways to use amounts to reveal information in a transaction are to look for rounded payment amounts (i.e., 0.001 BTC exactly) or to look for exactly matching amounts (minus normal fees) going into and out of exchanges, instant exchangers, or decentralized exchanges.
How do we see this play out in our example transaction? Let’s take a closer look:
The sent amount is almost certainly 0.011 BTC, as it is sent to a different type of address (“P2SH”, or legacy SegWit)
We can also confirm this analysis due to the rounded payment amount (0.011 BTC) which almost never happens with fees or change outputs
The change amount is almost certainly 0.00004088 BTC, as it is sent to the same type of address as the inputs (“P2WPKH”, or Segwit Bech32)
Amount-based heuristics are a common tool used by chain surveillance companies to confirm other heuristics (like the “common-input-ownership heuristic” we’ve already discussed) or to make educated guesses in the absence of clearer signs on-chain. The ability to use amounts to tie transactions and inputs together is one of the main reasons that most of the most battle-tested CoinJoin protocols use common denominations for inputs (i.e., 0.05 BTC) instead of allowing arbitrary amounts. Using these common denominations prevents trivial linkage of inputs and outputs down the line.
What can we do today?
Avoid using rounded amounts (i.e,. 0.01 BTC) when sending funds unless necessary
Avoid using specific fee amounts (outside of 1sat/vbyte, of course) and allow your wallet to calculate fees appropriately
Prefer using PayJoin when enabled by a merchant (anyone using BTCPay Server can easily enable this if they’re using a hot wallet!)
Now that we’ve taken a look at protecting both the sender and amount in a transaction, how do we go about protecting the recipient’s privacy? Thankfully, many of the same principles apply here as well, especially avoiding address re-use. As every transaction in Bitcoin necessarily has a recipient with address and amount being visible on-chain, it can be quite difficult to actually preserve the privacy of the recipient, both from the sender and from outside observers.
How do we see this play out in our example transaction? Let’s take a closer look:
The sent amount is almost certainly 0.011 BTC, as it is sent to a different type of address (“P2SH”, or legacy SegWit)
We can also confirm this analysis due to the rounded payment amount (0.011 BTC) which almost never happens with fees or change outputs
The recipient is still using a legacy Bitcoin wallet and has not upgraded to use Segwit
The recipient sweeps this output along with many others in a later transaction, linking their other receive history together
Chain surveillance companies leverage many of the same techniques to identify recipients as they do with senders, including wallet fingerprinting by fees, script types, output consolidation, and address re-use. When these types of heuristics are used, it can lead to “wallet clustering”, where those performing surveillance can tie together transactions under a single entity, even if there is no direct identification attached. As always with privacy, it’s important to blend in with the crowd and avoid any mistakes that can make it easier to separate and cluster transactions under a single entity.
What can we do today?
Avoid re-using addresses when receiving funds
If you’re the sender and a recipient is re-using an address or has a static Bitcoin address posted for donations or payments, pressure them to either use a PayNym or a solution like SatSale or BTCPay Server to provide a new address with every payment
Prefer using PayJoin when enabled by a merchant (anyone using BTCPay Server can enable this, if it’s not enabled ask your merchant to enable it!)
Last but not least comes an aspect of Bitcoin privacy that is often forgotten – protecting the IP address of the Bitcoin node that broadcasts the transaction in question. While the IP address and information about the originating node isn’t stored on the blockchain directly, it can be relatively easily seen by anyone operating a few nodes on the network and desiring to gather that type of information.
Because Bitcoin Core uses a very simplistic transaction broadcast protocol, an adversary seeking to surveil the network can run many nodes in many different geographic locations to try and be at least one connection of most nodes in the network. Once they have these broadly distributed nodes (a “Sybil attack”, something that is very cheap and easy to do in a permissionless and decentralized network like Bitcoin), they can then watch for where in the network they see transactions first broadcast. If they notice that a transaction they’re interested in was first broadcast from one node and propagated from there, they can make a very well educated guess that it was the source node for the transaction.
While this doesn’t guarantee that their guess is correct, it does help them narrow down the potential source node of a transaction and more actively Sybil attack that specific node to look for further transactions of interest. This can be combined with on-chain heuristics to try and find the source node being used by a specific entity and gain vast insight into their spending habits, their geographic location, and even their home address (if they reveal their true IP address to the Bitcoin network).
It’s important to remember that a peer-to-peer network like that used in Bitcoin is designed to be censorship-resistant and permissionless, not private. This approach works extremely well at ensuring that in most censorship scenarios a transaction can still be broadcast to the whole network, but also ensures that a motivated adversary can quite easily follow the flow of transaction propagation and block propagation across the network.
If you’d like to learn more about the issues inherent in this approach, there is an excellent article on the topic titled “Bitcoin’s P2P Network” at nakamoto.com.
What can we do today?
If you run your own Bitcoin node, set it to only use the Tor network for communication
This option is controlled by `onlynet=onion` in the config file, read more on the topic here
Broadcast transactions manually via the Tor Browser and a service like mempool.space
Only do this over Tor, never via clearnet!
The current Onion address of the mempool.space broadcast tool is here
Run your own Samourai Wallet “Dojo” node stack, which is Tor-only by default
Conclusion
After reading this I hope you come away with the conclusion that while Bitcoin’s on-chain privacy is imperfect by default, there are solutions available to each of these problems today. It may seem daunting to have to consider each of these aspects of information when sending or receiving a Bitcoin transaction, but as the issues around privacy within Bitcoin are clarified and made known, the wallets and apps we use to interact with Bitcoin can grow to better handle all of these potential issues for a user automatically.
Over the long-term it’s extremely important that wallet developers and node developers work hard to build in sane and private defaults to their apps, as most users have neither the knowledge nor expertise to properly handle every core piece of Bitcoin privacy. The more we as developers can improve users’ privacy without them even thinking actively about it, the better off our users will be and the better off the Bitcoin network and ecosystem will be.
In part 3 of this series we’ll take a closer look at protecting the sender via CoinJoin, including a sneak peak at what we’re working on to help make Bitcoin privacy more approachable for every Bitcoin user.
Stay tuned, and thanks for diving into the deep end of Bitcoin privacy with us today!
We’re excited to announce that the latest version of Envoy – 1.0.8 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.
Please note that there can be a significant lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.
What’s changed
With version 1.0.8 of Envoy, we added in a new Tor status dialogue that informs you when there are Tor connectivity issues and allows you to quickly disable Tor temporarily if desired. We’ve also squashed a few bugs, updated BDK to the latest version, and improved scanning times with Passport from Envoy.
For more details on each of the changes, keep reading below!
New Features
Added a new Tor dialogue when there are Tor connectivity issues
We value your privacy very highly, and as such we have always defaulted Envoy to using Tor, an anonymity network, to prevent even us from being able to learn information about you. Unfortunately, Tor has been undergoing a serious attack for the last several months, severely impacting user experience when using Tor.
This new Tor dialogue detects when there are Tor issues (after automatically trying to reconnect multiple times) and allows you to temporarily disable Tor directly from the dialogue until the next time you open Envoy.
For more on our usage of Tor, the current issues, and the trade-offs inherent in choosing to disable it, visit our docs page on the topic.
Envoy’s new Tor toast message and dialogue
Improvements
Reduce PSBT size (and thus QR size) in Envoy, improving scan times on Passport significantly
Keep an eye out for Passport firmware v2.0.5 which will even further decrease scan times across the board!
We at Foundation are thrilled to announce the completion of a $7 million seed round led by Polychain Capital, enabling us to expand, improve, and reach more people with free and open source software and hardware that empowers you to reclaim your digital sovereignty. For more on the raise, read the official press release below.
Foundation Devices Announces Completion of $7M Seed Round toAccelerate Development of its Sovereign Computing Platform
SEED ROUND LED BY POLYCHAIN CAPITAL WITH PARTICIPATION FROM NEW AND EXISTING INVESTORS
BOSTON, MA – December 19, 2022 – Foundation Devices (“Foundation”), a sovereign computing company that develops Bitcoin-centric tools that empower users to reclaim their digital sovereignty, today announced the close of its $7 million seed round led by Polychain Capital. Other investors participating in the round include new investors Greenfield Capital and Lightning Ventures, and existing investors Third Prime, Warburg Serres, Unpopular Ventures, and Bolt.
Founded in April 2020, Foundation builds products that make Bitcoin and decentralized technologies accessible to everyone, enabling users to reclaim their digital sovereignty. Foundation’s flagship product, Passport, a best-in-class Bitcoin hardware wallet, offers a unique combination of intuitive design, hardcore security, and a mobile-first approach with QR codes. In March 2022, Foundation launched its second-generation Passport device, which continues to gain traction and adoption among consumers with thousands of Passports sold over the last 18 months.
Additionally, Foundation is continuing to develop its mobile app, Envoy, as a standalone sovereignty toolkit complete with a Bitcoin software wallet. Envoy offers the easiest onboarding and user experience of any Bitcoin wallet, with maximum privacy using the Tor network, a free and open source software for enabling anonymous communication.
Foundation’s financing will enable the company to continue expanding its team and building open source hardware and software products that provide users with a seamless, end-to-end sovereignty experience.
“Preserving freedom and privacy is more important than ever amidst worldwide censorship, privacy violations, and reckless financial and monetary policies,” said Zach Herbert, Co-Founder and CEO of Foundation Devices. “As the line between the physical and digital world continues to blur, we are excited to continue delivering decentralized products that usher in a new era of freedom and prosperity for users across the globe. This seed round marks just the beginning of our journey to build the world’s first sovereign computing platform.”
“The Foundation team has been creating gorgeous, incredibly secure, yet easy to use products that further an individual’s ability to self-custody crypto assets,” said Will Wolf, Partner at Polychain Capital. “We are incredibly excited to support them on the next phase of their vision to empower self-sovereign individuals through decentralized technologies.”
“We are proud to support an ecosystem which is open source and transparent,” said Jendrik Poloczek, Principal at Greenfield Capital. “By building products that lower the barrier to becoming a sovereign individual, more people will confidently reclaim control of their money and data.”
“The rave reviews Foundation’s Passport has earned show that people are hungry for a sovereign computing experience that is thoughtfully designed,” said Tyler Mincey, Foundation board member and Partner at Bolt. “This is a giant step in the right direction, both for self-custody and digital sovereignty, and we are excited to continue supporting the Foundation team through this fundraise.”
About Foundation Devices
Launched in April 2020, Foundation Devices builds products that make Bitcoin and decentralized technologies accessible to everyone, enabling users to reclaim their digital sovereignty. Foundation’s open source products include Passport, a best-in-class Bitcoin hardware wallet, and Envoy, a mobile app.
Can we all just “hodl” for a better future, or is there more to changing the world around us than passively collecting more Bitcoin? We at Foundation saw that we could do more than just “hodl,” so we started this company out of a desire to help empower more people to reclaim their digital sovereignty. What else can each of us do to help drive Bitcoin and the world around us towards a better future?
While simply “hodling” is a unique approach that is only possible because of Bitcoin, we who understand the impact Bitcoin brings, the need for financial sovereignty, and the weight of issues in society have a responsibility to find ways to help others along the path as well. Once we’ve learned about Bitcoin for ourselves and benefited from it, we have powerful knowledge and experience that we can use to bring about a better world far more quickly.
In this blog post we wanted to lay out some actionable steps that the average Bitcoiner can take to find how they can best impact those around them, improve Bitcoin, bring widespread adoption, and empower others to become sovereign individuals as well. While this is by no means an exhaustive list, we think this is a great place to start.
Join a local Bitcoin meetup
It may seem incredibly simple, but one of the most profound ways each of us can help to spread adoption and help others (and ourselves!) is to get plugged into our local community of Bitcoiners. Meetups allow us to build relationships with other Bitcoiners while contributing thoughts, ideas, and time to educating others. Joining a meetup also helps grow the circular and parallel economies forming around Bitcoin and gives us a local lifeline in case things quickly go downhill. It’s impossible to overstate the importance of having a strong community around you, and a local Bitcoin meetup is the best place to find that.
“Meetups are one of the most high-signal places to learn about Bitcoin and self-sovereignty. I’ve met so many great friends from our local meetup – if you don’t have one in your area, consider starting one!”
Finding a meetup can be as simple as asking around on Twitter, searching Meetup.com, browsing Bitcoin-Only.com’s list, or if there aren’t any around you – kicking one off yourself! These meetups don’t have to be highly organized and technical, they can be as simple as meeting at a bar or restaurant once a month to chat about all things Bitcoin. Don’t overthink the details, just start gathering Bitcoiners together and watch amazing things happen.
Educate others around you
You may not consider yourself an educator, but even someone relatively new to Bitcoin has a wealth of knowledge that the vast majority of people in the world simply do not. Even the “simple” things like setting up a mobile wallet, storing a seed phrase, or using a hardware wallet like Passport can be immensely helpful to newcomers in the space. Not only that, but having a friendly face or nym that new Bitcoiners can go to with questions or concerns eases the incredibly daunting early days in the Bitcoin rabbit hole. We can help more Bitcoiners stay the path towards self-custody without losing sats along the way by easing the barrier of entry through education and community.
“We all stand on the shoulders of giants. As Bitcoiners we have an obligation to pass on learned knowledge to those around us. This is how we continue to spread the mind virus. This is how we win.”
BitcoinQnA, Head of Customer Experience at Foundation
Educating others also has a powerful personal benefit – when you learn something well enough to teach others, you ingrain a deep and lasting knowledge for yourself that further empowers you towards digital sovereignty.
You know best what communities could benefit from your experience and expertise, but some potential places to contribute could be Twitter (even if you have a small account, it makes a difference!), the Telegram group for your favorite Bitcoin wallet or project, a local Bitcoin meetup, your friends or family, etc.
Contribute and donate to Bitcoin FOSS projects
Want a way to benefit Bitcoin as a project along with a burgeoning free and open-source (FOSS) ecosystem? There are many projects in the broader Bitcoin and sovereignty space that could use your help, starting with simple contributions that don’t even require technical expertise. Taking the time to give back to one of your favorite projects by helping out newcomers in their Telegram or chat rooms, opening issues on Github when you find bugs or want to recommend features, writing or translating documentation, or simply promoting the project on social media can be a huge boost as well.
One of the easiest ways to give back to these projects is to actually use Bitcoin as money and press send. The FOSS space has notorious issues with invaluable projects not getting enough funding to be sustainable, causing us to lose amazing contributors, important apps and tools, and for the spread of Bitcoin and freedom to be slowed.
Bitcoin has uniquely enabled FOSS projects to get funding directly to their wallets without any custodian, middle-man fees, or payment processor. Let’s find ways to leverage this new-found wealth and electronic cash to help fund the next generation of FOSS projects and bring digital sovereignty to more individuals around the world.
“Seeing a donation (especially in the beginning) means the world to a FOSS team like us [RoninDojo], it’s validation that what we are doing matters and keeps us moving forward.”
We don’t want to play favorites, but some excellent FOSS projects in the space that can be funded by Bitcoiners like you and me can be found below (with links directly to their donations pages):
And if none of the above projects strike your fancy or you aren’t sure how to pick one, an easy way is to donate to OpenSats general fund (more on that next).
Donate to OpenSats
Do you find it too difficult to select a contributor, FOSS project, wallet, or educator in the space to donate to? Then OpenSats has you covered. OpenSats is a registered charity in the US, allowing US citizens to count donations as tax-deductible, allowing you to grow the ecosystem while saving some fiat from the tax man. OpenSats allows you to contribute to individual vetted projects and contributors, or to simply donate to the General Fund and trust OpenSats to distribute the funds in a way that aligns with your ethos.
“Thousands of open source contributors make this movement possible. We created Open Sats to support them without relying on corporate sponsors. No strings attached, 100% pass through, tax deductible or anonymous.”
OpenSats even allows you to donate fiat if you can’t bear to part with your Bitcoin, an invaluable on-ramp for fiat-to-FOSS. If you want to learn more about OpenSats, be sure to check out their website or follow them on Twitter.
Find your niche
If we haven’t hit on a particular passion or area of interest for you in this post, don’t worry! We all have unique talents, passions, and expertise that enable us to be Bitcoiner’s of action. There is a place for each and every one of us to take actionable steps towards bringing digital sovereignty to more people around us, and you know best what that role could be for you.
Take a few minutes today to pause and think on how you could give back to the projects and communities that have impacted you in your journey down the Bitcoin and sovereignty rabbit holes.
They’re not content with just controlling our fiat money and your Bitcoin on centralized exchanges, so they’re coming for our self-custodied Bitcoin as well.
In a proposal to the European Union, the General Secretariat laid out an updated set of restrictions on cryptocurrency usage within the EU. While much of the proposal should be familiar, the updated language and recommendations around so-called “self-hosted wallets” are a frightening step towards tighter control over how we use Bitcoin. This new regulation proposes not only an implementation of the “Travel Rule” (requiring personal identification attached to each transfer between centralized, regulated entities) but also a limit of €1,000 to transfers from and to regulated exchanges and a recommendation to “mitigate the risks posed by transfers from and to self-hosted addresses” with forthcoming recommended restrictions.
One of the most onerous aspects of this new regulation is the introduction of a new phrase to imply that money that you own and control can and should be regulated by introducing the term “self-hosted,” when no such term exists for physical cash or fiat. When you choose to control your Bitcoin, you don’t have to “self-host” anything, you simply have the key to certain Bitcoin outputs and can transfer ownership of Bitcoin outputs (or coins) to other entities by signing over control to them. This key is a randomly generated 64-character string of letters and numbers (i.e. E987…3262), and regulating knowledge of a string of characters is an unbelievable overstep of power. The ability to transfer monetary value in a peer-to-peer manner is one that has existed since the early days of civilization and has historically been private, without requiring disclosure or surveillance.
The implication that the only way the State can prevent crime is by surveilling and collecting personal information from every financial transaction is an unprecedented shift towards centralized control. This control has not been necessary in the past for a safe, effective, and high-functioning society to prosper. When compared to fiat, cryptocurrencies like Bitcoin present an infinitesimally small amount of illicit activity. In their 2022 “Crypto Crime Report”, Chainalysis estimated that only 0.15% of all cryptocurrency volume involved illicit activity, compared to an estimated 2-5% of all GDP ($1.6-4 *trillion*) for fiat. The EU wishes to wield irrational fear and literary propaganda to justify centralizing and expanding their control over our lives.
With these numbers in mind, why are regulators like the EU attempting to tighten the noose on cryptocurrency usage by sovereign individuals? It certainly is not to prevent rampant crime, as cryptocurrencies are barely utilized for that and the low-hanging fruit is fiat use in crime. Is it for our own benefit? It certainly isn’t for our monetary safety, as users’ funds are far safer when self-custodied than when left to centralized exchanges and regulated custodians. Maybe, just maybe, they want to limit the ways in which each one of us can take back some control of our money from the state.
When they can’t control or surveil our finances or our actions, the power returns to the sovereign individual.
In the fight to reclaim sovereignty in the digital age, Bitcoin has become one of the most powerful tools at our disposal. Bitcoin has the ability to separate money from the State, facilitate direct peer-to-peer transactions, and break the financial censorship and surveillance so rampant in our world today. Therefore, it is immensely important that anyone seeking freedom learn to use it. However, one of the core features of peer-to-peer currencies that we’ve come to love in physical cash is privacy — no one but the people in a cash transaction know how much is transacted, for what, and with whom.
Therefore, privacy in an open society requires anonymous transaction systems.
Bitcoin’s design is one that focuses on security (ensuring only owners of funds can spend them), auditability (ensuring no one can arbitrarily create funds), and censorship-resistant peer-to-peer payments, and has proven over the years to do each of these things *extremely* well. One of the keys to Bitcoin’s early adoption and growth was the ability for anyone testing it out to easily see the flow of funds, understand how bitcoin was created through mining, and confirm that the network did what it was supposed to.
We’ve since moved on from Bitcoin’s early days into an increasingly adversarial environment, one filled with chain surveillance companies, hackers, and controlling governments. This has made it clear that Bitcoin suffers from a privacy problem due to transactions being merely pseudonymous instead of anonymous. In order to fully enable financial sovereignty and better realize the censorship-resistant design of Bitcoin, solutions are needed to allow users to use it as the digital cash we so desperately need. In this series we will walk through why we need better privacy in Bitcoin, what pieces of data are most important to hide or obfuscate, and the tools and techniques that have been created and implemented to enable this.
Ultimately, we at Foundation care deeply about user privacy and want to ensure that every one not only has access to a superior store of value in Bitcoin, but also one that can be stored and spent freely, anonymously, and without censorship.
The threat of identity + Bitcoin
One of the most powerful things that Bitcoin did was to detach money from identity, state, and institutions, giving anyone access to a new, free, and uncensorable type of money. Many of these states and institutions, however, would love nothing more than to co-opt and cripple Bitcoin’s power for the individual through chain surveillance and the introduction of lawless and shadowy “regulations” put into practice under the guise of our protection. One of the most powerful ways that they can seek to limit the power and sovereignty that Bitcoin grants to each of us is to tie our identities back to Bitcoin, often through the use of regulations like “Know Your Customer” (KYC) and “Anti-Money Laundering” (AML) controls.
These controls force users of centralized services and exchanges to give up egregious amounts of personal data in order to convert fiat to Bitcoin (or vice-versa). This data is then easily tied to our usage of Bitcoin, leading to simplified surveillance by chain surveillance companies, confiscation by governments, and theft by bad actors who hack these exchanges and steal our private data. As Bitcoin’s ledger is openly available and stored on thousands of computers around the world, it reveals large amounts of financial information to anyone with a web browser.
Consider this common example: imagine you head to your nearest cafe and buy a coffee with Bitcoin, but you do so without having taken steps towards better privacy. When you pay the barista, they can use their smart phone or computer to see how much Bitcoin you own, where else you spend it, how much you earn, etc. While we generally have quite poor financial privacy today from institutions (think about your bank or credit card company), we expect strong privacy from merchants and random individuals we interact with.
Satoshi’s prescience on KYC/AML
In Bitcoin’s whitepaper, Satoshi saw that the first key to enabling Bitcoin to be used in a private (and thus censorship-resistant and sovereign) manner was to keep the user’s identity off-chain at all costs. When identity is detached from Bitcoin transactions, even the pseudonymity of addresses is a reasonably strong form of privacy for the most common threat models. It may not be perfect, but when bad actors have no clear connections to identity, the job of chain surveillance becomes drastically more difficult. When we choose not to link our identity to our Bitcoin usage we can break many of the most common surveillance methods used and make Bitcoin a much more powerful tool.
The pervasive threat of KYC/AML regulations tying identity to our Bitcoin activity is only increasing, and those who are able to avoid this creeping invasion of privacy have a monumental head start when it comes to Bitcoin privacy. Satoshi was quite prescient when he grasped the disassociation of identity and Bitcoin being important, detailing how this would separate Bitcoin from the traditional financial system and grant greater privacy and freedom. Although this regulation has led to centralized exchanges requiring identification, there is a growing and rapidly improving segment of the space that is focused on building out decentralized methods to exchange that can allow us to buy and sell Bitcoin anonymously (or pseudonymously) and avoid ever relinquishing our personal information. Exchanges such as Hodl Hodl, Agora Desk, and Bisq allow Bitcoiners to escape the KYC/AML surveillance mechanism and give us an invaluable advantage when it comes to Bitcoin privacy.
While most Westerners may not be too concerned with this reality at present, many around the world have come face to face with what happens when their identity is easily tied to financial activity. This pairing can lead to de-platforming, repression, confiscation, and other attacks that limit the power they gain from using Bitcoin.We have seen a rise in surveillance and censorship across the world, but thankfully we have the tools at our disposal to fight back. Our aim is to maximize the impact of Bitcoin in the hands of each sovereign individual, and one of the core ways to do that is to properly leverage the tools available to us.
HOw was privacy viewed in Bitcoin’s early days?
While most people will first acquire Bitcoin through these centralized and regulated exchanges, even those who avoid KYC entirely deserve strong on-chain privacy for their money. As we see in the Cypherpunk’s Manifesto, anonymous ways to transact are key to broader privacy and freedom, and can best enable us to reclaim our financial sovereignty. If our ability to store and spend our money freely is eroded via surveillance and control, the rest of our rights as humans can be quickly degraded.
Enter Bitcoin privacy tools.
Since the very early days of Bitcoin, developers and members of the community have spent countless hours devising methods to preserve privacy in Bitcoin to further protect users and empower its censorship-resistance. While this was a core focus early on, many in the community may not be familiar with how critical this topic was to many of the early Bitcoiners who paved the way for us. Many of the concepts used in Bitcoin and other cryptocurrencies focused on privacy were discussed or created in the first few years of Bitcoin’s existence by Bitcoin legends like Satoshi, Hal Finney, Greg Maxwell, Peter Todd, and Adam Back.
Hal Finney set the tone early on in Bitcoin
Hal Finney set the tone early on in Bitcoin as he immediately saw the privacy implications of a fully transparent system. Finney was an early pioneer and privacy advocate, contributing greatly to the PGP protocol and authoring key emails to the early cypherpunk’s mailing list. While Hal Finney was one of the first to think deeply about how to bring anonymity to Bitcoin, Satoshi and many others joined in throughout the early years. Between 2011 and 2013, we saw “stealth addresses”, “PayJoin”, “CoinJoin”, “Confidential Transactions”, and “Borromean Ring Signatures” all proposed and discussed around the Bitcoin community.
While many of these early concepts were never broadly implemented in Bitcoin, one idea did start to gain traction in 2013 — CoinJoins. Greg Maxwell playfully proposed the concept of CoinJoins in a Bitcoin Talk thread titled “I Taint Rich!”, inviting random users to work with him to create collaborative transactions. The idea was that these transactions would create false links between his coins history and that of other Bitcoin Talk users, sowing doubt in chain surveillance companies analysis. These early Bitcoiners paved the way towards a better Bitcoin by taking the time to create, propose, and discuss amazing concepts like CoinJoin.
In Bitcoin, one of the fundamental heuristics used to attempt to trace coins is called the “common input ownership heuristic”, one that assumes that any inputs to a transaction are owned by the same entity. If we can break that heuristic by having Bitcoiners work together to build transactions, we can make it much more difficult to surveil our activity on-chain. At the same time, CoinJoins allow us to build these transactions in a way that makes it extremely difficult to correctly guess which input is connected to which output — breaking the deterministic links that are the norm within Bitcoin and granting strong transactional privacy.
Paving the way towards a better Bitcoin
While concepts like CoinJoin were only the beginning, they would lay the groundwork for many of the most powerful Bitcoin privacy tools at our disposal today. But how does CoinJoin work? What do we achieve when we build these collaborative transactions? What information do we need to hide when we transact in Bitcoin?
We must defend our own privacy if we expect to have any.
We’ll take a deeper look at the data that we must protect in order to defend our right to privacy in part 2 of this series, and then dive into how we got from the early concept of CoinJoin to the mature tools we have at our disposal today in part 3, including what we have in store for Passport and Envoy users in the near future.
We’re excited to announce that the latest version of Passport firmware – 2.0.4 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.
What’s changed
With version 2.0.4 of Passport firmware, we added the Extensions menu, allowing users to enable extra features on Passport with the flick of a switch, starting with the Casa and Postmix extensions. We also greatly improved the QR code scanning and display functionality and fixed several minor bugs.
For more details on each of the changes, keep reading below!
New Features
Add an Extensions menu to Passport’s settings
The extensions menu offers a simple way to enable extra features on Passport
The Casa extension adds an additional account screen with extra, Casa specific features to make using Passport with the Casa platform easy. Video tutorial coming soon!
The Postmix extension offers users the ability to mix directly to cold storage, but then subsequently continue remixing, for free, at any time in the future.
Improvements
Improved QR code display and scanning
Improve the size and density of QR codes to better fill the screen
Remove vertical line from camera image when scanning QR codes
Remember last brightness setting when showing a QR code
Remember last pixel density setting when showing a QR code
Improve microSD and file handling
Autorefresh file picker when microSD inserted/removed
Erase the PSBT file after signing
Allow user to go back up a level when there are no files in the current directory
Improve user experience
Make delete key handling on Backup Code page more intuitive
Add low power warning dialog when battery hits 5%
Tell user when they are installing a developer-signed firmware update
Show new fingerprint (XFP) when switching passphrases
Show Clear Passphrase and Change Passphrase menus instead when a passphrase is already active
Show brick warnings on 5 and 1 PIN code entry attempts remaining
Ensure that users properly understand that the device will be bricked after entering an incorrect PIN code 21 times
Add several new/updated icons
Add support to enter account numbers up to 2,147,483,646
Improved paginated layout for seed words page
Rename Testnet menu to Network
Search “change” addresses for multisig address verification
Bug Fixes
Bring forward bug fixes from Founder’s Edition code
Fix Verify Address for all uppercase bech32 addresses
Fix XFP missing crash
Respect “Skip address verification” flag in wallet settings
Respect “Force multisig policy” flag in wallet settings
Fix multisig import and multisig address verification during connect wallet process
We’re excited to announce that the latest version of Envoy – 1.0.7 – is now live on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.
What’s changed
With version 1.0.7 of Envoy, we added in a firmware update button to simplify the process of installing firmware updates after you’ve initially setup your Passport, squashed some pesky bugs, and overhauled our app to the latest Flutter release.
For more details on each of the changes, keep reading below!
New Features
Added a firmware update button to the home screen card for Passport
Now you can force a firmware update anytime, anywhere for your Passport device straight from Envoy’s home screen
One of the core tenets we live by here at Foundation is that of “don’t trust, verify.” We’ve long had a detailed guide available for verifying and updating the firmware on Passport in a secure way, but we want to expand on that by empowering users to more easily validate Envoy on Android. In this guide we’ll walk through the “why” and “how” of verifying the APK file (the raw binaries that Android uses for manually installing applications) with both simple hash verification and full PGP signature validation to ensure that the app you install is exactly what we published and has not been tampered with in any way.
Why is verification important?
While the Google Play Store and Apple App Store provide a secure centralized method to distribute apps, control over the published application ends up in the hands of Google and Apple, respectively. Because of these centralized “walled gardens,” the ability for end users to verify that the applications they are installing are exactly what the developers publish is minimized, and trust is placed in the app store provider.
When downloading the APK directly from Github, however, we unlock the ability to provide additional guarantees that the application you’re installing is exactly what we at Foundation have made and that it has not been tampered with along the way. Because we’re focused on securely storing and spending Bitcoin with Passport and Envoy, many users understandably want to take as many steps as possible to ensure that their funds are safe against even advanced attacks.
When downloading binaries directly (essentially what an APK file is), even from websites you’d normally trust like Github, you’re placing trust in the source of that binary to match the source code you expect. Verifying the zipped (or compressed) APK file we publish on Github prevents Github (or a malicious attacker somehow injecting themselves between you and Github’s servers!) from being able to tamper with the Envoy APK without being detected. This verification process does require some extra work but can provide additional peace of mind to users of Envoy while reducing trust in third-parties.
Let’s look at how exactly we can perform this verification on Android itself.
Simple hash verification
While full verification via PGP keys is more secure, simple hash verification is very easy and faster to perform while still giving some security guarantees against more trivial man-in-the-middle attacks. A hash of a file is a fixed-length string that uniquely represents a given file, where changing even a single bit of the file would result in an entirely different hash. As a given input file can only have a single hash, comparing the expected hash against the downloaded file ensures that not even a single bit in the file has been changed or corrupted.
Download and install “DeadHash” via the Google Play Store or F-Droid
This SHA-256 hash (the same hashing algorithm used for Bitcoin mining!) is a way to represent the file in a way that cannot be falsified
Open DeadHash and select the folder icon to choose the Envoy APK zip file
Select the downloaded APK zip file, i.e. envoy-apk-1.0.7-18.zip
Paste the hash you copied into the “Compare” field
Press “Calculate”
Ensure that the SHA-256 hash validates and gives you a nice green check-mark
All of the hashing algorithms except for SHA-256 should show a red X, as we’ve only provided the SHA-256 hash
If you get a red X for all hashes, including SHA-256, stop immediately and reach out to us at [email protected]! If it does match, you’re all set.
DeadHash giving a successful hash check
Fully verifying Envoy via PGP
While more involved than simple hash verification, taking the time to validate our PGP key and signatures ensures that as many threats as possible are mitigated. When you validate the PGP keys and signatures of Envoy, you ensure that only a successful attack would require both the PGP private keys and control over our Github account(s). This verification also entirely mitigates the risk, however minor, of Github themselves tampering with the APK.
Getting setup
Before we get started, you’ll need to download and install a separate app on your Android device to enable you to validate the PGP key used to sign the Envoy zip file, and then import the Envoy signing key. For each of the steps below with commands (i.e. pkg install wget gnupg -y), simply copy and paste these into Termux and hit enter.
You should see output including “Good signature from ‘Igor Cota <[email protected]>‘” in a line of the output from this step
This step ensures that the GPG key we publish was the one used to sign the envoy-manifest.txt file, and that the file has not been tampered with in any way
This step compares the hash for the APK zip in the envoy-manifest.txt file that we’ve verified via PGP with the SHA-256 hash of the actual APK zip file we’ve downloaded, ensuring no tampering or corruption has happened
If the output says something like envoy-apk-1.0.7-18.zip: OK, you’ve successfully verified the binary and can go ahead and install with added peace of mind
Note that the file name will change with each release, but you should always get the “OK” at the end!
If the output does NOT say “OK“, stop immediately and reach out to us at [email protected]!
Successful verification of Envoy via Termux
Conclusion
Congratulations on successfully verifying Envoy! These steps are certainly going above and beyond, but keeping with the “don’t trust, verify” mantra is one that always pays off. If you’d like to read more about the PGP or simple hash verification process, you can take a look at the following links:
Casa is one of the Bitcoin ecosystem’s leading collaborative custody services. Using the Casa mobile app, you can create a multi-signature wallet consisting of either:
3 keys (Gold Plan) – 1 user secured signing device like Passport, a key stored on the user’s phone (backed up to the cloud), and Casa holding the third key.
5 keys (Platinum Plan) – 3 user secured signing devices, a mobile key and a fifth key held by Casa.
With this setup, the user is always the majority key holder, and Casa alone cannot spend any funds from the wallet. Under normal operation, users do not need to interact with the key held by Casa and can authorize transactions themselves using their majority key set. Where the Casa key comes into play is in a scenario where the user loses access to 1 key in the Gold Plan, or 2 keys if using the Platinum Plan. In this scenario, the user can initiate a Recovery transaction to spend, with the help of Casa, their Bitcoin to a new multisig wallet where all keys are accessible once again.
With the release of Passport firmware v2.0.4, we are thrilled to announce that using Passport with Casa is now easier than ever. Passport’s new Extensions menu lets you quickly and easily enable different features that unlock new functionality. Once enabled, the Casa extension adds an additional Casa account screen. From here you can do the typical transaction signing as you would with any other Passport account, but you’ll also notice some Casa specific features, such as ‘Health Check’, that allows you to quickly confirm that Passport is still connected with your Casa account. You’ll also find a customized Casa connection wizard that makes your initial setup a breeze!
Founder’s Edition Passport users fear not, we will be porting all of the new v2.0.4 features to your firmware very soon.
Who is this guide for?
For the reasons outlined above (and many more), Casa functions incredibly well to help many Bitcoiners secure their wealth. This tutorial is for those users that want to leverage the power of a collaborative custody setup like Casa, but at the same time want to minimize the level of trust they place in Casa. The following steps show how to recreate a ‘watch-only’ version of a Casa multisig wallet. This watch-only version of the wallet will be created in the free and Open Source desktop application, Sparrow Wallet. Being a watch-only, Sparrow will not have the ability to spend any funds from within, though we will make a brief mention of the additional steps required to do this later.
There are three main reasons a user might want to carry out these steps:
To check that Casa is generating receive and change addresses that belong to the wallet created with the three keys provided. Later, we’ll leverage Passport’s ‘verify address‘ scanning feature to make this super simple.
In preparation for a doomsday scenario in which Casa the company ceased to exist and the user needed to recover their funds without the help of Casa.
To use the Whirlpool coinjoin service within Sparrow to mix directly into their Casa multisig wallet.
Sparrow Wallet Preview
Before we start
The following steps assume a few prerequisites are met. Ensure you meet all three requirements before attempting to complete this tutorial:
You have a Casa multisig wallet setup and active on your Android or iOS device.
You have a secure method of transferring sensitive information from your phone to the device running Sparrow Wallet. Examples include Signal, Keybase, or an encrypted notes app like Standard Notes.
Exporting the public keys
To recreate the Casa wallet in Sparrow, we need the public keys from each wallet participant as well as the corresponding derivation path and fingerprint for each. If you’re a Gold plan user, that means you’ll need to check 3 keys, and Platinum users will need to check 5 keys.
Open the Casa app, click on any of the available keys, then tap ‘View Public Keys‘. Copy and paste all information shown into your chosen secure transfer app. Be sure to carefully label which key the information belongs to.
Repeat these steps for every key until you have something that resembles the image below. Depending on how you’ve used the Casa app prior to this guide, your derivation paths may be different to those shown in this guide. Also note the lack of a derivation path for the Casa Recovery Key, the Casa app does not display this information.
Standard Notes app displaying the exported Casa wallet information
Enter Sparrow
Now that we have the required information from Casa, we can turn our attention to Sparrow. Click File > New Wallet and give the wallet a name
Sparrow Wallet Creation
On the following screen, change the ‘Policy Type’ to Multi Signature, then change the ‘Script Type’ to Nested Segwit and finally, set ‘Cosigners’ to 2/3. This will set the wallet’s spending policy to match Casa where two signatures out of a possible three are required to spend from the wallet. If you are following this guide as a Platinum user, set ‘Cosigners’ to 3/5, where three signatures from a possible five are required to spend.
Sparrow Wallet configured to suit the Casa setup
The next step is to import the information taken from the Casa app, into Sparrow. Sparrow represents each cosigner as a ‘Keystore’, and for the purposes of this guide, all three cosigners will be imported using the ‘xPub / Watch Only Wallet‘ option.
Populate the first Keystore using the information saved in your chosen transfer app, ensuring you enter each piece of information exactly as it was copied from Casa.
Keystore 1 populated with public key information
Repeat for all cosigners until each Keystore in Sparrow is populated. For the Casa Recovery Key, enter the same derivation path used for all other keys.
All Keystores populated
Once completed, click ‘Apply’. Sparrow will then ask if you’d like to set a password to prevent unauthorized access to the wallet. This password is unique to Sparrow and, if applied, ensure it is securely backup up.
Do they match?
If you followed these instructions successfully, opening the Transactions tab will reveal your Casa wallet’s total balance and transaction history. If you do not, open the Sparrow Settings tab and double check the information entered is an exact match to that shown in Casa.
Casa Wallet successfully imported into Sparrow
Open the Receive screen in both Casa and Sparrow and check that the addresses shown are an exact match. We can now be confident that Casa is generating the correct receive addresses for your multi-signature wallet. If desired, you can repeat this check every time the Casa app shows you a new receiving address.
Sparrow Wallet receive screen
Verifying with passport
To leverage Passport’s powerful ‘Verify Address’ feature to verify all future addresses shown by Casa (or Sparrow) with a simple scan, we need to make Passport aware of the wallet configuration. Unlike other multisig wallet coordinators, Casa does not currently have a way to export this information via QR code or microSD card, but there are two other ways we can get this information to Passport.
Option 1 – Passport Multisig policy
By having Passport’s multisig policy set to ‘Ask to Import’, Passport will automatically pull the required information from the transaction details when signing a transaction with Casa.
Passport import multisig config
option 2 – use sparrow
With the multisig wallet open in Sparrow, head to Settings > Export, then click ‘Show’ next to ‘Passport Multisig’. Sparrow will then display an animated QR code containing all of the wallet public information which will notify Passport of the wallet details.
Multisig wallet config export
On Passport head to Settings > Multisig > Import from QR then scan the QR being displayed by Sparrow. Review the details shown on screen and then confirm.
scan + go
Now, when using the Verify Address feature on Passport, you’ll be able to choose your imported Casa wallet from the list and will get a confirmation that the address being shown is part of your multisig wallet.
Passport Address Verification
What if i want to spend?
At this stage Sparrow is acting purely as a watch-only wallet that cannot spend, and has no influence on the activities taken in the Casa app. The private keys required to authorize spends are still stored on your Passport, your phone and on the Casa Recovery Server respectively. But what if Casa were to disappear and you needed to move your Bitcoin?
In this very unlikely scenario, the steps required are almost identical to those outlined above. The only difference being, that instead of importing the Mobile cosigner’s public key, we instead need to import its private key. This private key can be exported from Casa by tapping on the mobile key then ‘Import or Export Backup’, followed by ‘Export Private Key’. Casa will then display a list of seed words that should be stored securely and not shared with anyone.
Once you have the mobile key’s seed words, you can change that Keystore in the Sparrow settings. Click ‘Import from an external source’, choose ‘Software Wallet’ then ‘Mnemonic Seed Words (BIP39)’. Then enter the seed words you noted down from the Casa app.
Importing a mnemonic seed to Sparrow
On the following screen set the derivation path to match the other cosigners and click ‘Import Custom Derivation Key’. To finalize these changes click ‘Apply’ on the settings screen.
Custom derivation path setting
Sparrow now contains 1 of the 3 private keys required to spend from this multisig wallet. Now, to spend your Bitcoin to a new wallet, all that’s required is to create the transaction by following the usual steps and providing a second signature with Passport. The video below demonstrates the typical signing flow with Passport + Sparrow.
https://youtu.be/Gx0mke_4BJU
A note on key rotations
When one key is compromised and replaced, Casa bumps all other keys to the next account level in their respective derivation paths. This means that any time a key rotation is performed within Casa, the above steps must be repeated. More experienced Sparrow users may opt to manually update each Keystore to reflect the wallet changes, but it is good practice for newer users to get comfortable creating the wallet from scratch.
BONUS – coinjoin directly to your casa wallet!
Sparrow Wallet recently incorporated the Samourai Wallet Whirlpool coinjoin implementation. Conjoin is one of the best methods available to preserve your privacy when interacting with Bitcoin’s transparent ledger. Sparrow enables you to participate in coinjoins via your computer without the need for an Android phone. Additional to the Whirlpool functionality, Sparrow also enables users to have those mixed outputs be sent automatically to any another wallet managed by the same Sparrow application. No additional user input, just start the mix, leave Sparrow running and it will do the rest for you!
This section of the guide is not designed to be a detailed walk through of using Whirlpool with Sparrow. For that, you can read this guide or watch this video. Prerequisites for this section of the guide:
Have a Casa wallet imported into Sparrow.
Have a single signature hot wallet (where Sparrow holds the seed words) set up in Sparrow.
Have the hot wallet funded with the amount of Bitcoin you want to coinjoin.
Starting the mix
With your hot wallet open in Sparrow and funded with the amount of Bitcoin you want to coinjoin, open the UTXO tab and from the list, select the UTXOs you want to mix. Then choose ‘Mix Selected’.
Starting a mix with Sparrow Wallet
Work through the following dialogue screens to select your miner fee and pool size to enter. The pool size you choose will depend on the amount of Bitcoin you are mixing plus the desired denomination of mixed output you desire. To confirm click Preview Premix.
Whirlpool info screen
On the following screen Sparrow provides a breakdown of the fees involved and mixed outputs created from the coinjoin. When you are happy click Broadcast Premix Transaction.
Premix preview
The coinjoin is now initiated and Sparrow will take over and do the rest for you, provided you keep the application running. After a short while, navigate to the Postmix tab from the side bar to see your mixed outputs. How many you see in this screen will depend on the amount of Bitcoin you elected to mix, and in which pool.
Mixing larger amounts in smaller pools may take longer to complete, so do not be alarmed the expected amount of Bitcoin does not show up immediately.
Sparrow Wallet Postmix Tab
Mixing to your casa multisig
To get your mixed outputs sent automatically to your Casa multisig, ensure both your hot wallet and the imported Casa wallet are open in Sparrow. Then navigate to the Postmix UTXOs tab and select the UTXO(s) to be mixed into the Casa wallet then click ‘Mix to’.
In the pop up window, select the imported Casa wallet from the Mix to drop down then select the minimum number of mixes required before the UTXOs are eligible to be sent to the Casa wallet, a higher number here will improve your privacy but means the move to Casa will take longer. Finally, leave the index range to Full and click Restart Whirlpool.
‘Mix to’ configuration
Now, when clicking on the UTXOs selected earlier, Sparrow will indicate at the bottom of the screen that they are ‘Mixing to Casa’. Again, all you need to do now is leave Sparrow running on your computer and it will take care of the rest for you.
‘Mix to’ started
After the defined amount of mixes have taken place, you’ll see incoming transactions of the pool amount landing in your Casa app (and the imported version on Sparrow). Each UTXO will be sent individually to your Casa wallet, and the more UTXOs set using ‘Mix To’, the longer the process will take to fully complete. Patience is key here and you can monitor everything from Sparrow.
It’s worth mentioning that whilst Whirlpool provides fantastic forward looking privacy for your mixed outputs, your wallet is still ultimately connected to Casa’s node, meaning that Casa will still know the UTXOs are yours.
the best of both worlds
By following the steps outlined in this guide, you really can have have it all! You get the awesome security and redundancy the Casa collaborative custody model offers, coupled with the fantastic forward looking privacy gained from using the Whirlpool coinjoin service within Sparrow. All of this, whilst also minimizing the trust placed in Casa by combining Passport with a Sparrow watch-only setup to validate everything the Casa app presents to you. Finally, in the highly unlikely situation that Casa were to disappear, you’re now also fully prepared to recover your Bitcoin too.
Stay tuned to our YouTube and BitcoinTV channels for an upcoming video tutorial on using Passport with Casa to secure your sats!
One of the first things most people hear about Bitcoin is that it’s “Private internet money” or “Untraceable Cash for criminals.” But spend more than 5 minutes to understand how the network functions and you’ll quickly see that these assertions are incorrect and can often lead newcomers into a false sense of security when interacting with Bitcoin.
We spoke in our recent coinjoin article about how Bitcoin has a completely transparent record of all transactions ever made, known as the blockchain. This transparent nature makes it trivial to verify the total circulating supply of Bitcoin at any moment, an incredibly important feature. However, Bitcoin’s transparent nature also makes it easier for chain surveillance firms, or indeed anyone using a block explorer, to attempt to track the flow of funds across the network. Not great for privacy!
At a transactional level, Bitcoin offers less than perfect default privacy guarantees, which can be combated with tools like coinjoin, but transacting is just one of the many ways in which we interact and expose ourselves to Bitcoin and the ecosystem surrounding it. A holistic approach is a great way to attack most things in life; Bitcoin privacy is no different.
So what steps can average Bitcoiners take to preserve their privacy whilst leveraging the power of the world’s hardest money? What follows are some tools and techniques anyone can deploy when looking to improve or protect their Bitcoin privacy. You might be surprised at how simple some of them are!
#1 – SHhh
This might seem blatantly obvious, but the fewer people you talk to about owning Bitcoin, the fewer people know you own Bitcoin. Aside from the obvious privacy benefits, this one also improves your Bitcoin security too. Attackers cannot attempt to steal something they have zero knowledge about.
Of course you’ll want to try and ‘orange pill’ your friends and family and you’ll also need to ensure you have the necessary things in place for inheritance planning should anything happen to you, both of which involve you exposing a certain level of information about your Bitcoin. Just be selective with the info you share and who you share it with – it’s a fine balance to strike.
#2 – Use a Pseudonym
This one goes hand in hand with #1, but is geared more towards getting involved in the vibrant online Bitcoin community. A pseudonym is a great way to make new Bitcoin friends from all over the world without the need to share any of your personal information with a group of strangers on the internet.
Signing up to Twitter or Telegram with a username like @JohnDoe makes it easy for anyone to search your name and find out significant amounts of information about you in just a few clicks. Now that they know you’re a Bitcoiner, they may choose to use this information against you at any point in the future.
Ultimately you have no idea who the real people are behind the usernames you interact with online, so it makes perfect sense to guard yourself with a pseudonym whilst building those relationships. From there you can choose to selectively reveal as little or as much information about yourself as you’d like over time.
#3 Use Tor or a vpn
Any time you connect to the internet you leak information about yourself. The two usual suspects are your IP address, which shares your approximate location with every website you connect to, and your browsing activity with your Internet Service Provider (ISP).
Visiting a Bitcoin related website? That website knows roughly where you live, and your ISP sees every page you view. Querying your Bitcoin balance using the default node back-end in a wallet like BlueWallet or Blockstream Green? That company knows roughly where you live and how much Bitcoin you have, and the ISP also see’s you connecting to them.
By carrying out those activities over the Tor network or whilst using a VPN service, you gain differing levels of protection against these sorts of privacy leaks. These tools work by hiding your browsing activity from your ISP and masking your IP address from the websites or nodes you connect to.
Where possible, try to use Bitcoin wallets like Envoy or Samourai Wallet that default to Tor connections. When using tools like public blockchain explorers or any Bitcoin related websites, use the Tor network or have a VPN service like Mullvad active to mask your true IP address. It’s worth noting here that whilst a VPN will hide your browsing activity from your ISP and your IP address from the services you connect to, the VPN provider can still see this information.
Tor Browser Window
#4 Obtain via no-KYC methods
When purchasing Bitcoin from a regulated exchange like Cash App or River, you’ll need to provide personal information to satisfy the ‘Know your Customer’ (KYC) regulations imposed upon them. Usually this information will be your name, address, drivers license, or passport and in some cases, might even be a selfie or video asking you to turn your head and say some specific words. Any Bitcoin you then purchase from that entity is tied to your personal identity.
Your public information is stored by these companies (sometimes poorly) and likely shared with the government upon request. Unfortunately, this information is often leaked onto the internet by hackers, resulting in anyone with eyes on the leaked list learning your name, where you live, what you look like and potentially how much Bitcoin you own.
This information could make you a target to a local thief who might take the opportunity to pay you a visit and try to persuade you to hand over your hard earned sats. Although the more likely outcome is that you’ll become the target of phishing attacks where an attacker will send a bogus email asking you to login to a malicious website in an attempt to steal your Bitcoin.
Fortunately you can combat this by obtaining Bitcoin via methods that do not require you to share such excessive amounts of personally identifying information. These methods take many forms, below is a list of just a few of them. You can learn more at kycnot.me and nokyconly.com.
In #3 we spoke about the risks of network level privacy leaks when querying public block explorers or when using the default node option of some wallets. Another way you can combat these privacy leaks is to run your own Bitcoin node. A node is the way in which all Bitcoin wallets communicate with the Bitcoin network to send transactions and query balances. If you are not using your own node, you are trusting someone else’s node with your privacy and to serve you the correct information.
Thankfully today we have a wealth of different node options available to suit all requirements and skill levels. Some are as simple as downloading Bitcoin Core onto an old laptop to connect your hardware wallet to, and some come packed with more advanced features like personal block explorers, coinjoin implementations, Electrum servers, and Lightning Network features.
Which one you choose will depend entirely on your budget, requirements, available hardware, and skill levels. Just remember, to leverage the power of your own personal node, you must use it as the back end for your Bitcoin wallets! “Don’t trust, verify.”
RoninDojo Tanto Plug + Play Node
#6 Address reuse
We have the legacy financial system to thank for this one! We are used to having a single account number which we re-use for years on end to receive money. That single number is the ‘place’ where we store our fiat wealth. Bitcoin is slightly different. In Bitcoin we have our wallet, which is typically backed up by a 12 or 24 word seed, and from that seed we can derive an unlimited amount of individual addresses.
Typically a Bitcoin address will look something like this bc1qrkgefmxzn6v3kuhkgxlf6lkul9y50ahf4ckrq8, although some older address standards can start with ‘1‘ or ‘3‘. Re-using the same address for multiple transactions tells anyone looking at the blockchain that all funds within those transactions belong to the same entity.
When receiving Bitcoin it’s good practice to use a new address with every transaction. This might sound like a logistical nightmare, but almost all modern wallets will automatically serve you a new one every time you receive, the only thing you need to do is not share the same one with different people. The wallet will automatically watch all of those addresses and show you your wallet’s total balance.
#7 coin control and labeling
The Bitcoin balance you see in your wallet is the sum of all of the smaller pieces of Bitcoin contained within. These pieces of Bitcoin are known as Unspent Transaction Outputs (UTXOs) and each will have a history, some of which belongs to you, some of which does not. If you use a wallet that automatically selects which UTXOs are used when making each transaction, you may be sharing unwanted transactional information with the recipient of the transaction or anyone surveilling the blockchain.
Additionally, if your wallet enables you to view and select UTXOs to transact with, but you do not know the source of each, how will you know which ones are best to use for the different transactional situations you find yourself in? By using a wallet that allows UTXO labeling and the selection of which UTXOs are used to construct each transaction (known as Coin Control), you are able to share the minimal amount of information when transacting.
A good practical example of this would be a wallet that contains both KYC and no-KYC Bitcoin. Ideally, you should not combine these two sources in a single transaction, because it will tie the no-KYC Bitcoin to the KYC Bitcoin that is linked your true identity provided when you purchased from the regulated exchange. If your coins are clearly labelled ‘KYC‘ and ‘no-KYC‘ then you can make an educated decision when spending those sats in the future.
Sparrow Wallet showing labeling
#8 Use coinjoin
Those of you that read our coinjoin article will already have a flavor of what coinjoin is and why it’s important. Here is a snippet from the opening paragraph. ‘Coinjoin is a form of collaborative Bitcoin transaction where two or more users create a transaction that provides ambiguity about the ownership of the transaction outputs. This takes place without a user needing to trust any other user participating in the transaction.’
Coinjoin aims to combat the transparent nature of the Bitcoin blockchain by making it difficult for anyone surveilling the chain to track the flow of funds. There are many times of coinjoins a user can take part in to improve their ‘on-chain’ privacy. There are centrally coordinated solutions such as Whirlpool and peer-to-peer solutions like JoinMarket, Stonewall X2 and Stowaway.
A combination of some or all of these tools can be used to improve on-chain privacy, and with the exception of JoinMarket, all of the aforementioned tools can be accessed via Samourai or Sparrow wallets.
Bitcoin privacy is an constantly evolving phenomenon. For every new wallet feature or protocol upgrade, there is a shift in regulation or surveillance technology to attempt to combat it. The steps outlined above may seem daunting or lengthy, but in our opinion, are a small price to pay to achieve true financial sovereignty. Privacy in Bitcoin is not easy, but is attainable for those that seek it.
If you’d like to learn more about the practical application of some of these tools and techniques, check out bitcoiner.guide/privacy from our very own Bitcoin QnA and Jameson Lopp’s privacy resource page.
Coinjoin is a form of collaborative Bitcoin transaction where two or more users create a transaction that provides ambiguity about the ownership of the transaction outputs. This takes place without a user needing to trust any other user participating in the transaction.
Imagine you and nine friends all throw a $10 note into a box, shake the box around, and then each pick out a note at random. Nobody would know who ended up with whose original $10 bill!
Coinjoins can take many different shapes and sizes but are always performed in a non-custodial fashion, meaning that you never lose control of your bitcoin when participating. Anytime you’re participating in a ‘coinjoin’ that asks you to send all your Bitcoin to an address not under your control, beware. So called ‘Mixers‘ like this operate in a custodial fashion and have been known to steal people’s bitcoin. Tread extremely carefully and only use tools that are well vetted.
The most common type of Coinjoin is known as an ‘Centrally Coordinated’ one, where there are often many participants in each transaction. An example of this is the Samourai Wallet Whirlpool implementation. In this type of setup, multiple users connect to a central coordinator which acts as a the central authority between all participants. The coordinator never gains control of any funds or learns anything about the participants. Its main functions are to coordinate the transaction (which becomes difficult to do purely in a peer-to-peer fashion as more participants are added) and collect a fee for maintaining the service.
Whirlpool coinjoin example with 5 participants
Why coinjoin?
Traditional finance offers fairly good levels of privacy from certain parties. For example, your employer doesn’t get to see how you spend your paycheck, and the Barista at Starbucks doesn’t get to see how you spend the change from the $20 bill you used for your morning latte.
Due to Bitcoin’s completely transparent ledger, it’s more challenging to maintain your privacy in the above examples – unless you embrace basic privacy practices when interacting with Bitcoin! In addition to being transparent, the Bitcoin blockchain is also permanent. Every transaction you make is copied to thousands of nodes (or computers) around the world to be stored indefinitely.
These two properties of Bitcoin (transparency and permanency) make it trivial for even semi-sophisticated actors with time and resources to track the flow of funds across the blockchain, at any time they like. The mistakes you make today could easily be used against you in the coming years by anyone with the ability and desire to interpret this public information.
Coinjoins provide Bitcoiners with a way to prevent against such attacks and regain some privacy. Coinjoins allow you to prevent your employer, Starbucks Barista, or even worse – a chain surveillance firm (whose job it is to track entities on the blockchain) – from tracking your spending habits. This gives you the ability to spend or save in the same way you would with physical cash, without fear of retribution at some arbitrary point in the future.
what is a payjoin?
Aside from the commonly used ‘centrally coordinated’ coinjoins, consisting of a larger number of users that each receive back the same amount they put in (less any fees), there is also Payjoin. Payjoins are peer-to-peer coinjoins, generally between just two parties. Payjoins are more commonly used when transferring value from one person to another, like buying a new hardware wallet!
Payjoins enable Bitcoin value transfer between two parties, whilst breaking something called the ‘Common Input Ownership Heuristic’ (CIOH). This heuristic used by chain surveillance firms to try and interpret the flow of funds across the blockchain. These firms do this by assuming that all of the inputs to a transaction belong to the same entity, which is true of most typical Bitcoin spends, but not with Payjoin!
As with any normal bitcoin transaction where value is being transferred from one person to another, during a Payjoin transaction the recipient gains the desired amount of Bitcoin from the sender, receiving at least one transaction output (the payment). Where a Payjoin differs is that the recipient also provides an input to the transaction, completely undermining the CIOH and casting doubt over the true flow of funds. The resulting transaction looks no different to any other typical spend, with only the two participants knowing they just completed a coinjoin whilst also transferring value from one to the other.
The other beautiful part about Payjoin is that due to the nature of how these transactions are constructed, the actual value transacted between the two parties is not visible to anyone looking at the blockchain. We’ll demonstrate this in the steps that follow.
buying passport with a payjoin
Currently there are only a few wallets able to send and receive Payjoins that adhere to the BIP78 standard. Sparrow Wallet is a great example, and will be used to demonstrate how you can purchase a Passport with a Payjoin. The receiver side of this transaction will be the Payjoin compatible BTCPay Server, which operates as our in-house Bitcoin payment processor.
First off: head to our website, add Passport to your cart, and then head to the checkout to provide contact and shipping information. Once that’s complete, choose Bitcoin as your payment option and click ‘Proceed To BTCPay’.
Passport order ready to be place
Next you’ll be greeted with an invoice which you can choose to pay using the Lightning Network, or in this case, regular ‘on-chain’ Bitcoin. The QR code shown is an encoded version of the receive address for sending using a standard transaction. For Payjoin, navigate to the ‘Copy’ tab and copy the Payment Link provided.
Invoice QR
Invoice ‘copy’ field
Using a hot wallet in Sparrow, open the Send tab and paste the payment link into the ‘Pay to’ field. Sparrow will then populate the recipient address and amount, and will store the remaining info for a following step in the process. Give the transaction a label, adjust your miner fee and click Create Transaction.
Transaction built
On the next screen you can review the transaction details. Note the blank ‘Payjoin input’? We’ll get to that next.
Transaction Summary
Click ‘Sign’ to authorize the first part of the transaction.
Transaction ready for signing
Now we have the option to Get Payjoin Transaction. This uses the information provided from the payment link copied earlier to contact the Foundation Devices BTCPay Server to obtain the details of the UTXO to be used as the missing input in our Payjoin.
Payjoin coordination ready
Recipient Payjoin input obtained and the final transaction is ready to sign.
Payjoin input obtained
Payjoin signed and ready to be broadcast to the network.
Final transaction for broadcast
The BTCPay Server will automatically detect the incoming payment and mark your order as confirmed!
Order complete
transaction analysis
This image is a block explorer view of the transaction demonstrated above, with added annotations to explain the makeup of the transaction. Some key things to note:
Both sender and recipient have one input and one output each
The actual value transferred for the purchase during the transaction was 0.00511928 BTC(see the invoice above), this amount is not visible
The transaction has cast doubt over the true flow of funds and improved the privacy of both participants
Click to open transaction in a blockchain explorer
The receiver has contributed a UTXO of 0.00583881 BTC to the transaction and finished up with a UTXO of 0.01095809 BTC. Subtract one from the other and you get the exact value of the invoice 0.00511928 BTC.
other privacy considerations
Spending via Payjoins or by using the outputs from larger coordinated coinjoins is a fantastic way to preserve your privacy at the Bitcoin network level. It’s also worth noting that those two options can be combined for even greater effect – Coinjoin with Whirlpool, then use those mixed outputs to create a Payjoin spend!
There are unfortunately many other things to consider when attempting to spend Bitcoin privately, or when ordering Bitcoin related items online. We plan to cover these in future articles, but will summarize them below for awareness.
(1) Purchasing using Bitcoin directly from an exchange
Are you comfortable with the exchange (or trading partner if using a peer-to-peer method) knowing you’re spending to a Bitcoin related company? If not, make use of the Coinjoin tools outlined in this article.
(2) Purchasing using a credit card
Are you comfortable with your bank knowing you’re spending to a Bitcoin related company? If not, purchase using Bitcoin that has been obtained in a private manner or has been coinjoined.
(3) Getting items shipped to your home address
Are you comfortable with the company you’re purchasing from knowing your home address? Are you aware of their data retention policies? How about a curious courier that might see a Bitcoin logo on one of your packages? If not, opt to get the items delivered to a PO box, re-mailer or similar service. The options available to you will depend on your jurisdiction.
(4) Getting items shipped using your real name and telephone number
Once again, are you aware of the company’s data retention policies? Do they have a good track record for keeping customer data secure? You could use a pseudonym and a phone number that is not tied to your personal identity.
The holistic approach
Bitcoin privacy is a multifaceted beast with many things to consider, nobody gets it perfect first time. The key thing to remember is that there’s never a bad time to start improving your privacy. Pick one aspect, make a change, then move on to the next to ensure you don’t get overwhelmed. Stay tuned for more articles on the subject, and if you need personalized support consider checking out our Concierge service.
One of the beautiful things about Bitcoin is that it attracts people from all walks of life, each with differing time constraints, skill sets and learning preferences. At Foundation, we pride ourselves on producing beautiful devices that are both secure and intuitive. To compliment our hardware we also strive to provide support options that cater to our diverse user base. In a recent blog post, we covered some of the ways in which we try to do this, including a catalogue of videos detailing everything from getting started with Passport, to creating your own sovereign multisig wallet with Specter Desktop. We also have a documentation website, email support, online live chat, and a vibrant Telegram community chat.
We recently announced our stunning new hardware wallet, Passport Batch 2, and its new mobile app Envoy. Our original Founder’s Edition Passport is already easy to set up and pair with a software wallet, but with the addition of an improved user interface (also coming to the Founder’s Edition) and our tailor made companion app, we have taken that ease-of-use to the next level. But we still thought we could do more…
Introducing concierge setup
Launching alongside the new Passport Batch 2 and Envoy, we are proud to announce the launch of our 1-on-1 support service, Concierge Setup. We created this service after realizing that no matter the thoroughness of our documentation, video guides and community, some users find great value in a more personalized touch. We think the ability to have someone on-hand who is experienced and has completed this task a thousand times over is an incredibly valuable option.
Our Concierge Setup service gives you direct access to our in house Bitcoin and Passport expert for a 1 hour call for your own personalized Passport onboarding experience. There is no requirement for you to be on camera or share any personal information throughout the call. During your Concierge call (which takes place via our own private Jitsi meeting server), you will learn how to:
Set up and configure Passport
Update Passport’s firmware
Backup your private keys to microSD and/or seed words
Pair Passport with Envoy (or an alternative software wallet of your choosing)
Send and receive to and from your cold storage
You’ll also have the opportunity to ask any related questions to learn more about Passport and best practices
Concierge booking
Booking Concierge Setup is simple, just head to foundationdevices.com/passport and add the item to your cart (further down the page). Alternatively, we’ll ask if you want to purchase the service alongside your Passport order.
Concierge cart add on
When your Passport ships, you’ll receive an email invite to our booking page where you can choose a date and time to suit you.
Concierge booking screen
After choosing your time slot, leave your name (or pseudonym) and email address for the invite to be forwarded to.
Booking summary
You’ll then get a confirmation with all of the meeting details (this will also be emailed to you). The booking tool also has functionality to automatically add the booking to your chosen calendar software.
Booking confirmation
And that’s it – our Bitcoin expert will be ready and waiting at the time of the meeting to help you progress along your journey to Bitcoin sovereignty!
Finally, Concierge Setup isn’t just for brand new Passport users. If you already have a Founder’s Edition but think you might benefit from some personalized instruction to get the best from your device, book a session! Need help with creating a multisig wallet using Sparrow Wallet and Passport? Book a session! Want to review your security practices with an experienced Bitcoiner – book a session! If you’ve already purchased Concierge Setup and have not received a booking link, fear not, all booking emails will be sent out when we ship Passport Batch 2 next month.
Last November, we announced that Passport Founder’s Edition sold out to rave reviews. With nearly 1000 of our next-gen Bitcoin hardware wallet in the wild, the Foundation team has worked tirelessly behind the scenes to prepare for Batch 2.
We are beyond excited to share all the details with you today.
Passport Batch 2 was an opportunity to go back to the drawing board. Faced with supply chain challenges, rising component costs, and a sizable wishlist of improvements, we asked ourselves – how can we reduce costs while delivering the industry leading Bitcoin hardware wallet?
But more than that, we knew that Passport needed a companion. A way to streamline onboarding, firmware updates, and learning. A refreshingly simple Bitcoin wallet experience.
After shipping Passport Founder’s Edition and surveying our customers, we went heads-down into design mode for Batch 2. This new Passport is the culmination of months of design and engineering work.
Price
The most common feedback on Passport Founder’s Edition was cost – its $299 price point was steep, especially compared with other hardware wallets.
By redesigning Passport Batch 2 and putting every component under the microscope, we reduced both the cost of materials and assembly. Passport Batch 2 presells for $199. Once we begin shipping, Passport’s price will increase to $259.
Design
Ultra-minimalism is everywhere, and the Foundation team is sick of it! Rather than pursuing a minimalist, boring design, Passport Batch 2 embraces a new design language that we call digital deco. The new Passport borrows ornate elements from the art deco movement and brings them into the 21st century.
Like Passport Founder’s Edition, Batch 2 is constructed of high-quality plastic and copper-plated zinc alloy, a responsive physical keypad, and a magnetic rear cover.
Notably, Batch 2 is almost 20% thinner than Founder’s Edition!
Battery
Batch 2 uses a standard form factor lithium-ion battery instead of AAAs. This allows for longer battery life and an accurate battery indicator.
Passport uses a standard Nokia BL-5C battery pack. This pack is readily accessible from online retailers, so you are not dependent on a proprietary Foundation battery.
Charging occurs via a power-only USB-C port on Passport. This is a special port that only has pins for power, not data, therefore preserving Passport’s airgap. No need to trust us – you can take a quick look at the port and see that most pins are missing!
Display
Passport Batch 2 incorporates a stunning, high resolution IPS color display bonded to ultra-hard glass. The display is scratch resistant and vibrant, rendering brighter and clearer QR codes in all types of lighting conditions.
The Foundation team designed an overhauled user interface to take advantage of the new display! The UI is modern yet simple, with a new left-to-right navigation.
Little Details
We are especially proud of Batch 2’s little details – like a physical power button for simplicity and convenience, and an improved microSD slot that allows the card to sit closer to Passport and eliminates the possibility of backwards insertion.
Passport now ships with new accessories. In addition to an industrial-grade microSD card and removable lithium-ion battery, Passport includes microSD adapters for iOS and Android alongside a USB-C charging cable.
We also can’t stop ogling the packaging.
Security Architecture
While Passport features an all-new design, its underlying security architecture is unchanged. Passport uses an ultra-fast STM processor, Microchip 608a secure element, Omnivision cameracube, and an avalanche noise source for entropy.
Passport’s hardware and firmware are fully open source under copyleft licenses (CERN-OHL-S and GPLv3).
Envoy
Passport is already easy to set up and pair with the software wallet of your choice, but the Foundation team wanted to take it a step further. We sought to deliver an experience that makes life easier for advanced Bitcoiners and lowers the barriers to entry for new Bitcoiners purchasing their first hardware wallet.
So we made Envoy, a mobile companion app for your Passport. Envoy performs four key functions:
Helps you securely and easily set up Passport.
Keeps you up-to-date with firmware updates, no computer required!
Provides quick and easy access to support resources.
Offers a refreshingly simple Bitcoin software wallet.
Onboarding
Envoy guides the user through unboxing Passport and setting it up securely. Instead of using our support website from your computer or phone, you’ll now be able to use the Envoy app for a much improved experience.
Security
Envoy primarily communicates with Passport via airgapped QR codes, ensuring that Passport is never directly connected to an online device. Initial Passport setup, supply chain validation, and Bitcoin transactions are all facilitated with QR codes.
Passport firmware updates are securely downloaded by Envoy and transferred to Passport via microSD card. Envoy sends a push notification when a new firmware update is available, making it easier than ever to always run the latest firmware.
Privacy
Envoy connects to Foundation’s server and Bitcoin node through Tor. This means that Foundation does not know your IP address and is less able to track your activity.
For those seeking greater privacy, Envoy offers the ability to connect to your own Bitcoin node, cutting out Foundation as the middleman.
Openness
Like all our products, Envoy is fully open source with a copyleft license (GPLv3). This means that advanced users can inspect the code, build from source, and even fork and improve the app. Envoy relies heavily on popular open source toolkits, including Flutter and BDK.
Due to Envoy’s open source nature, you can be better assured that Envoy does what we claim. You don’t have to blindly trust Foundation with the security of your Bitcoin; you can verify for yourself!
Alongside releasing Envoy in the Android and iOS app stores, we will make an APK available for advanced Android users, and will also explore releasing to the F-Droid open source app repository.
Wallet
For new Bitcoiners and those who seek a zen-like experience, Envoy offers a simple Bitcoin software wallet that automatically pairs with your Passport.
Envoy allows you to pair multiple Passports, each with its own account to send and receive Bitcoin. The only user input is whether to “boost” your transaction by paying a higher fee – that’s it! We suspect Envoy is the simplest Bitcoin software wallet on the market.
Over time we plan to add more advanced features like coin control, but will always offer an unparalleled zen experience for new Bitcoiners.
We hope you’re as excited as we are about Passport Batch 2 and Envoy.
Passport Batch 2 is expected to ship in April. We’re beginning circuit board production later this month, and are just waiting for the plastic and metal parts to arrive. We’ll have the first set of Batch 2’s on-hand at Bitcoin 2022 in Miami next month.
Envoy will launch in app stores alongside Passport Batch 2.
Our website is now updated with all the details of Passport Batch 2 and Envoy! As Batch 2 is limited to 2500 units, we recommend preordering today to ensure availability. Please contact us with any questions via email or Telegram.
We publicly announced Foundation in May of 2020 with the goal of making Bitcoin and decentralized technologies accessible to each and every individual in order to build a new era of sovereignty, ownership, and privacy. We aimed to build a different kind of hardware company with an emphasis on open source and local manufacturing.
Since then we’ve shipped our first 1000 devices, raised funding from investors, and built a superstar team. We’ve also had more time to reflect on the state of the world. Censorship, privacy violations, uncontrolled money printing leading to historical inflation. We’ve asked ourselves – what can we do to help guide humanity through these challenging times? As in Asimov’s Foundation trilogy – what can we do to reduce this period of chaos and more quickly usher in a new era of freedom and prosperity?
We realized that an evolved mission and logo were necessary to crisply communicate what we are building and what we stand for. We are proud to unveil both today.
With the rise of the Internet, a digital currency like Bitcoin was inevitable. The Sovereign Individual, authored in 1997, presciently details how society will be transformed in this fourth stage of human society – the transition to the Information Age, powered by the Internet.
Beloved by Bitcoiners and digital currency enthusiasts, The Sovereign Individual predicts the separation of money and state, the corresponding decline of the nation state, and the rise of the individual.
Today, most people know there is something wrong with the world. They know their privacy is being violated by technology companies that resemble surveillance apparatuses. They know that corporate media and social media are censoring factual information. They know that quarantine camps and social credit scores are simply wrong. They want privacy, they want sovereignty – they just don’t know where to start.
That’s where we come in. If we can lower the barrier to becoming a sovereign individual, we believe that more and more people will reclaim their sovereignty and freedom. This is not a guess; this is our conviction.
Foundation builds Bitcoin-centric tools that empower you to reclaim your sovereignty.
This starts with Passport, our best-in-class Bitcoin hardware wallet. But over the coming months and years we’ll release a suite of hardware and software that makes it easy to become a sovereign individual.
With our refocused mission, we realized that a new logo was also needed. Our current logo evokes a strong foundation and a futuristic cityscape. The triangle evokes strength and positive change, while the trapezoids represent a sturdy bedrock on which to build. But the current logo does not represent sovereignty or properly reflect the state of our world.
Instead of a prominent triangle, we designed a logo that consists of three chords arranged in a circle. A chord is filled with meaning in the fields of linguistics, mathematics, culture, science, and technology. When we consider a chord we think of harmony, we think of geometry, we think of engineering.
Our new logo, in its purest form, is three chords – three notes – that represent the classic three-act structure.
In Act I, the Setup, Bitcoin was invented as the global financial system was faltering. Cypherpunks served as early adopters, rapidly improving the network so that it could compete directly with fiat currencies.
In Act II, the Confrontation, things seem bleak. A global pandemic has been twisted into a worldwide authoritarian power grab via mass lockdowns of populations, restrictions on movement, vaccination passports, mandatory quarantine camps. But on the sidelines, Bitcoin is slowly gaining adoption from millions of individuals, numerous corporations, and even nation states. We are currently in Act II, and it’s where we will likely stay in this decade.
In Act III, the Resolution, we emerge victorious with a Bitcoin standard. Billions of people are transformed into sovereign individuals. A new era of progress and prosperity begins.
Our new logo evokes a strong foundation, but the triangle is not actually there; the triangle is simply the space between the chords. The three separated chords demonstrate that a collection of sovereign individuals – though decentralized – can form a sound foundation for human freedom, strength, and progress.
We’re humbled by the opportunity to build such important technology at a critical moment in human history. Join us as we transition to the era of sovereign individuals!
At Foundation Devices, we strive to make tools that are powerful, elegant, and easy to use. Judging from the results of our customer surveys, we’re off to a good start – but we can always do more!
Bitcoin attracts users from different backgrounds and skill sets, from complete beginners purchasing their very first hardware wallet, to expert users buying an additional signing device to compliment their geographically distributed multisig quorum.
Expert users are unlikely to need the same level of hand holding as those just starting their Bitcoin journey, but we want to ensure that no sovereign individual gets left behind. Because of this, we’ve been working hard to improve our content and support options so that everyone can use Passport to its fullest potential.
At the end of 2021 we migrated our user documentation from GitBook to our own self hosted docs site thanks to the great Free and Open Source (FOSS) tool Wiki.js. We think the new layout and improved structure is easier and quicker to navigate. If videos are your thing, we have you covered with a growing collection of ~50 videos on everything from setting up Passport to creating your first sovereign multisig setup with tools like Specter and Sparrow Wallet.
Behind the scenes we’ve also migrated to our own self hosted help desk software thanks to another great FOSS tool, FreeScout. Whilst this shift might seem trivial, the move has allowed us to implement some really cool features to better support you while keeping your data safe. They include:
live chat
Got a burning question that you can’t find an answer to via our docs? You can now message us during business hours for a quick reply from one of our team members. The live chat is present on both our documentation and our main website; just click the small blue chat icon on the bottom right of your screen.
Twitter Direct Messages
If you follow us on Twitter already (follow us @FOUNDATIONdvcs if not!), one of the simplest ways for you to reach our expert support staff is to send us a direct message on Twitter, ensuring that even when you’re scrolling Twitter you have access to support where and when you need it.
telegram bot
Are you an avid Telegram user? Yeah, us too! We have a vibrant and growing community chat which you can find here. However, sometimes you may have a question that you don’t want to ask in front of hundreds of other users. To fix this, we now have our very own Telegram Bot (@FoundationDevicesBot), waiting to help you – in private – with any questions or issues. Messages sent to our Telegram bot will be picked up by the same expert support team that answers our online live chat.
pgp protected emails
PGP provides the ultimate way in which to communicate via even the most insecure mediums. We are really excited that our more privacy conscious users can now communicate with us in a fully encrypted fashion. This makes asking even the most sensitive of questions completely secure and private, even in the extremely unlikely event that our email server were to be compromised.
Simply send us an email at [email protected] using our PGP email contact key, include your own PGP public key to the email so we can respond, and enjoy the peace of mind that comes with truly privacy-preserving communications.
The Bitcoin network dictates that, to create a valid spend transaction, you must provide proof of ownership of the bitcoin being used in the transaction. This is done via the use of a privatekey to create a digital signature (or proof) that the person creating the transaction is spending the coins belonging to them. Anyone in the network can look at the provided signature and corresponding address being spent from to verify the authenticity of the transaction, without needing to know the private key of person creating the spend. Anyone with access to your private key can spend from your wallet. Now that we understand the importance of private keys, we should probably understand how to secure them properly!
A typical Bitcoin wallet, such as those found on a mobile phone or desktop applications, protects your sats with a single master secret or ‘key’. To sign off on any spend from such a wallet requires a signature from this single key. These types of wallets are colloquially referred to as ‘single-sig’, short for ‘single signature’, referring to the authentication level required to create a valid spend. Used in a setting such as a mobile phone, single-sig wallet setups provide great convenience for those on the go spends that are typically on the lower end of the value scale.
Single-sig wallets can of course be used in more secure setups, such as with an air-gapped hardware wallet like Passport. Used in this context, the key, which is required to authorize transactions, never leaves the offline device. When paired with wallet software like BlueWallet, the software manages incoming transactions and constructs outgoing spends for the offline device to read and sign using its stored key. This extra step, where the authority to spend has been removed from the ‘online’ wallet software, provides an extra security layer against potentially compromised internet connected devices.
With this simplicity comes a theoretical single point of failure. If your wallet and/or seed backup gets compromised, so does your bitcoin! Sure, you could deploy a Passphrase, but what if we wanted to take things a step further and protect ourselves against even more attack vectors?
What is multisig?
Much like single-sig, multisig (short for ‘multi signature’), derives its name from the level of authentication or ‘proof’ required to create a spend transaction. Generally speaking, a multisig wallet requires sign-off from more than one key for any spend. With multisig, you have the freedom to fine tune your wallet configuration to suit your personal circumstances. Two of the most common approaches taken today look like this:
A 2-of-3setup where 3 keys are used to create the wallet and protect the bitcoin, but only 2 of those keys are required to authorize a spend
A 3-of-5setup where 5 keys are used to create the wallet and protect the bitcoin, but only 3 of those keys are required to authorize a spend
The number of different Multisig configurations is almost limitless and can be tailored for almost any scenario. A company holding bitcoin on their balance sheet might opt to create an 7-of-12 setup where all board members hold a key and a majority (7) of them are required to authorize spends, whereas individuals would likely not require this level of complexity and would opt for a simpler setup with fewer keys to manage.
multisig benefits
So why might a sovereign individual want to consider a multisig setup? What extra benefits will be gained to offset the increased complexity?
Removal of a single points of failure – In a single-sig setup, if the device holding your private keys, or the corresponding mnemonic seed backup is compromised, so is your bitcoin. With multisig, an attacker would need access to the multisig wallet (or backup file) AND the minimum number of keys required to make a spend.
Redundancy – With a multisig wallet, you can afford to lose at least one key and its corresponding offline backup and still be able to spend your bitcoin. In a 2-of-3 setup, for example, loss of a single key would not result in a catastrophic loss of funds. Likewise, in a 3-of-5 setup, loss of two keys would not result in a loss of funds.
Protection against a compromised manufacturer – In the unlikely event that the hardware wallet used in a single-sig setup turns out to contain a malicious back door, the wallet manufacturer could wait until funds are deposited and then drain the wallet at any point in the future. In this scenario, the manufacturer may not even be at fault; the device could be intercepted in-transit and swapped with a compromised device before arriving at its final destination. When a multisig wallet is configured with devices from multiple vendors, this attack is mitigated.
multisig considerations
While multisig offers exponentially improved protection from single points of failure and improved redundancy from key loss when compared to single-sig, it does also pose some new problems that must be considered before diving in head-first.
More seeds to backup – Every device or key has its own mnemonic seed backup. Storing any of these at the same location negates the some of the benefits we outlined above. Do you have enough secure locations to store all of these seeds?
More devices to secure – As outlined above, storing these devices in the same location is an attack vector. More devices = more secure locations required.
Wallet configuration backup – In a doomsday scenario where a single key (and its backup) in a 2-of-3 setup is lost and the computer holding the wallet software is also not accessible, the remaining two keys, on their own, are not sufficient to recreate the wallet. To mitigate this, it is advisable to keep a copy of the wallet backup file with every key backup. Fortunately, modern multisig coordinator software like Sparrow or Specter Desktop offer this in a single file that can be printed or stored on a USB or microSD card. This file alone does not have the ability to spend; think of it as the ‘framework’ from which you can recreate the wallet.
Inheritance – You might be an avid Bitcoiner, keen on leveling up your Bitcoin security but is your next of kin? You might have the most secure setup the world has ever witnessed, but if only you know how to access it, your bitcoin disappears when you do! The obvious thought is to leave some detailed instructions in case of emergency, but what if those instructions were to fall into the wrong hands?
Spending inconvenience – If you need two keys to spend from your wallet, with one in your home and another a 90 minute drive away at a relative’s house, it could become a real chore if this is a wallet you’re planning to use on a regular basis.
multisig with passport
So, you’ve weighed up the pros and cons and decided to protect your bitcoin using a multisig wallet. Here’s one of the many ways you can do that easily using Passport and one of our favorite desktop wallets, Sparrow . Be sure to check out our other multisig tutorials covering BlueWallet and Specter Desktop.
https://youtu.be/Gx0mke_4BJU
Once set up, signing multisig transactions with Passport is very similar to single-sig and can be done via QR or microSD. Passport also allows you to view all of the multisig wallets it is a part of by heading to Settings > Multisig. Within the multisig menu you can also import new configurations via QR code or microSD as well as set the device’s ‘Multisig Policy‘. This setting dictates the way in which the device behaves when importing new configurations.
Multisig is an extremely powerful tool in the right hands, capable of protecting your wallet from almost all perceivable attack vectors – but it’s not without potential pitfalls! We suggest weighing the options discussed here and making up your own mind based on your own personal circumstances.
In Summer of 2020, we introduced our design for a next-generation Bitcoin hardware wallet that uses a camera and QR codes to facilitate airgapped transactions. We aimed to build a device that was beautiful, intuitive, and secure – while also being open source and assembled in the USA. We called it Passport.
We began shipping our first batch of 1000 devices, Passport Founder’s Edition, in May. We are thrilled to announce that our first batch is officially sold out!
Feedback on Passport has been overwhelmingly positive. In our recent customer survey, we received scores of comments lauding Passport’s ease of use, design, build quality, and commitment to the FOSS (free and open source software) movement.
Our users have also been spreading the good word on Twitter.
Once you use a Passport, there is no going back. Take it from the esteemed Bitcoin Q+A, who after getting his hands on a Passport and writing a fantastic getting started guide, decided to join the Foundation team in a full time role!
Passport Batch 2
We are now preparing for Passport Batch 2, which is estimated to ship in February 2022. Batch 2 will consist of 2500 devices. All long-lead time components, such as the processor and secure element, have already been procured.
The Foundation team is made up of perfectionists. So rather than continuing to ship the exact same product, we’ve made numerous improvements to the electromechanical design and manufacturing process, while keeping the security architecture and general form factor unchanged. We’ll detail these improvements over the next couple of months.
This has allowed us to substantially reduce Passport’s cost. So we are launching preorders with a special price of $199, a full $100 price drop!
As of today, you can preorder Passport Batch 2 on our website. Preorders are completely refundable, even if paid in Bitcoin.
EASIER BITCOIN PREORDERS
If you preorder in Bitcoin but change your mind, we’ll refund your entire purchase amount denominated in Bitcoin.
Likewise, if you pay in Bitcoin but the price appreciates between the day you order and the day we ship, we’ll refund your Bitcoin gains before shipping. This way you won’t have to make the difficult choice between paying in Bitcoin to preserve your privacy or losing out on potential Bitcoin gains between now and February!
Founder’s Edition Customers
To our Founder’s Edition customers – we massively appreciate your support and faith in us. Passport Batch 2 won’t ship for 3 months, but we still understand that a $100 price drop is significant. Therefore we’ll be emailing you in the next few days a 21% discount off a Passport Batch 2 unit, in case you want to buy a new Passport for yourself or for a family member.
Additionally, though Passport Batch 2 will introduce numerous improvements, Passport Founder’s Edition will continue to receive regular firmware updates! We’re excited to keep improving your Passport experience as time goes by.
The default backup for a typical Bitcoin wallet today consists of a mnemonic seed which is typically 12, 18 or 24 words in length and chosen from a universally agreed upon list of 2048 words. With this mnemonic seed you can move or recover your bitcoin into any other BIP39 compatible wallet (hint – they pretty much all are!).
Thankfully it is now common practice for Bitcoiners to store their mnemonic seed using a robust metal backup method to ensure their bitcoin is not lost in the case of disaster. But these storage methods pose a new problem to solve, what happens if someone were to find the metal backup? Your mnemonic seed, in clear text, ripe for picking to the first person that lays their eyes on it!
Sure, you could opt to use a multisig solution where a single mnemonic seed phrase does not give access to your bitcoin, but that poses many other considerations (to be covered in a future article), first amongst which is drastically increased complexity. You could also opt to use an encrypted backup which is perfectly resistant to physical attacks but does not offer the same assurances against fire or water.
Enter passphrases…
What are Passphrases
A passphrase is an additional word or combination of words that can be added to your mnemonic seed as an additional layer of security against physical attacks. A passphrase can be as short or as long as you like and can contain any combination of letters (upper and lower case), numbers or special characters. Passphrases are case and order sensitive, for example Passphrase123, 123passphrase, passphrase123 and 123Passphrase will all result in completely different wallets, each with their own unique list of addresses.
A passphrase is never stored on your signing device and will need to be entered every time you want to manage the passphrase protected wallet – fortunately Passport makes long passphrase entry simple thanks to its keypad design. Your passphrase does not replace your mnemonic seed; it is used in addition to it. If you decide to use a passphrase to protect your bitcoin, you need both your seed and your passphrase to recover funds.
should you use a passphrase?
There are two main benefits for users that choose to implement a passphrase, plus an optional third that comes with a little extra complexity.
1. Physical Attack Protection – If using a passphrase protected wallet and an attacker were to find your mnemonic seed backup, the attacker does not gain access to your bitcoin.
2. Plausible deniability – If using a passphrase protected wallet and an attacker were to hold you hostage until you gave up your bitcoin, you could have previously loaded a small amount onto the wallet without the passphrase (i.e. just your seed words). Telling the attacker where the mnemonic backup is, and allowing them to find this small amount may be enough to stop any further attack whilst the majority of your bitcoin is held safely within the passphrase protected wallet the attacker doesn’t know exists.
3. Separate Wallets – Some more advanced users may also use multiple different passphrases as a method of separating out their different pots of bitcoin. This could be for short/long term savings or for ensuring that separating KYC and noKYC funds never get merged together to protect the users privacy. It’s worth noting that the same effect can be achieved using the accounts feature on Passport.
passphrase considerations
Whilst passphrases offer many great benefits, particularly from a security standpoint, users must be aware of the considerations and pitfalls of using a wallet with passphrase protection.
1. Short Passphrases – Short 1 or 2 word passphrases from the BIP39 list or the dictionary are next to useless and can be brute forced by even modest attackers. Ensure you use a minimum of four words with numbers and/or characters being an additional bonus.
Estimated time taken to brute force different length passphrases chosen from the BIP39 word list. By Coldbit.
2. Long Passphrases – Longer passphrases are exponentially more secure, but remember, you need to enter this into your signing device every time you want to manage or spend from that wallet. If your signing device makes text entry a chore, the likelihood is you just won’t use it, or even worse, you might enter it incorrectly and cause yourself hours of confusion trying to work out why the addresses being generated don’t match those expected.
3. Storing a Passphrase – Your passphrase is part of your bitcoin backup. No passphrase, no bitcoin recovery. For obvious reasons the passphrase should not be stored in the same location as the mnemonic seed, so consideration must be made to a separate, secure storage location and medium. Imagine your metal seed backup survives a flood but the passphrase you jotted down on paper doesn’t! No passphrase, no bitcoin recovery!
4. Inheritance – Extra security is great, but will your loved ones know what to do with your passphrase in the event that you are no longer around? Would they even be able to find it?
using a passphrase with passport
So, you’ve weighed up the pros and cons and decided to protect your wallet with a passphrase, smart move! Here’s how you can do that easily using Passport.
https://youtu.be/xo6UULwmgMw
To apply a passphrase simply head to Settings > Advanced > Passphrase. Here you can opt to set a passphrase or enable the device to prompt you to enter one each time it boots (useful for users that always use passphrase protected wallets) or you can press ‘Set Passphrase’.
Next, enter your desired passphrase carefully then press continue and double check you have entered the passphrase correctly.
Any time a passphrase protected wallet is active on Passport, it will be denoted by a small ‘P’ in the top left corner.
DO NOT USE THE PASSPHRASE SHOWN
This applied passphrase will be active until Passport is turned off or the user manually clears the passphrase using the exact same method as above. If after reading this post you decide you want to add passphrase protection to your bitcoin storage setup, you will need to activate the new wallet using the process detailed above then export that new wallet to your chosen software wallet. From there you can clear the passphrase and send from your old (non passphrase) wallet across to the addresses controlled by your new passphrase protected wallet.
In Asimov’s renowned Foundation trilogy, the Galactic Empire is crumbling. Civil war and nuclear holocaust are imminent. An inevitable dark age of 30,000 years awaits humanity.
All of humanity’s knowledge will be lost.
Hari Seldon, leader of a fringe scientific movement called Psychohistory, becomes aware of this impending doom and devises a plan. Mankind will establish a colony on the edge of the galaxy – a Foundation – and catalog all of humanity’s knowledge in an Encyclopedia Galactica. This will reduce the dark age to only 1000 years and allow humanity to rebuild.
Today, we live at the intersection of three major societal shifts.
The global economy abandoned a gold standard in 1971, which has since caused the destruction of our middle class and plunged us all into drowning debt and inescapable inflation. The solution from our elected (and appointed) leaders? Print more money!
We are in the midst of a “Great Reset.” The US dollar (cough, petrodollar) is on the decline and competing powers are vying to replace it. China, specifically, aims to displace the United States as the dominant global superpower by 2049. The CCP is already exporting its tried-and-tested, authoritarian, mass surveillance system to the rest of the world.
With the invention and global adoption of the Internet, our world is entering its Fourth Stage as an Informational society. As noted in The Sovereign Individual, an eerily prescient publication, this societal shift will force the Nation State into decline.
While our world is not at risk of 30,000 years of darkness (we hope), we are experiencing hard times – and they will only continue to grow harder throughout this decade.
One potential outcome is that China becomes the new global superpower and succeeds at exporting its authoritarianism to us all. The CCP uses its digital yuan as a tool of population control and mass surveillance, creating a permanent ruling class of elites that control how money is printed and distributed. Society experiences a twisted combination of 1984 and Fahrenheit 451.
Bitcoin offers us salvation. Rather than transitioning to yet another centralized currency, fabricated by a central bank, backed by nothing – Bitcoin reaches mass adoption as the decentralized global reserve currency. We experience a separation of money and state. Permanent inflation ends. Individuals can save and invest in their future. Governments’ ability to wage endless wars, via money printing and taxation, is no more. A new peaceful, prosperous era of the sovereign individual emerges.
Bitcoin is our Foundation. Mass embrace of Bitcoin will enable humanity to minimize the duration of chaos and emerge in utopia.
A transition to a Bitcoin Standard will not be easy. In this decade we will face seemingly insurmountable resistance from a dying fiat system that is gasping for breath as it drowns. Much of this resistance will be political – governments will attempt to ban, curtail, and cripple Bitcoin as its user base grows. But Bitcoin, and its forces of decentralization, will also threaten the incumbent technology gatekeepers that control how the world accesses the Internet.
The vast majority of the world’s population accesses the Internet via devices and services made by Apple and Google. The vast majority of the world’s population uses closed source devices made by small numbers of large manufacturers. So if we want to opt out of the Fiat Standard, and opt into a Bitcoin Standard, how can we do so as the incumbents resist?
The answer is simple. We must rebuild and catalog humanity’s knowledge, just like Hari Seldon did in Asimov’s Foundation. But unlike Seldon, we don’t need to build our Encyclopedia on a remote planet on the edge of the galaxy. Instead, we can build it in the open – through the power of Free and Open Source hardware and software.
This is why we started Foundation Devices – to accelerate the adoption of Bitcoin by rebuilding and cataloging humanity’s knowledge as open source. To create a permissionless hardware and software foundation on which others can build. To help guide humanity through our transition to the Fourth Stage.
In the decentralized, peer-to-peer Bitcoin network, there are no central institutions that protect individuals from fraud or loss. Sovereign Bitcoin users must look after their own security, which makes it critically important that they are able to identify which products and services are trustworthy and safe to use.
The first step Bitcoin organizations should take in order to be considered credible is to be fully open source under the proper licensing. Open source projects are more likely to be secure because, given an active development community, a greater number of individuals are involved in inspecting and contributing to their code.
Bitcoin is an ecosystem built on a foundation of free and open source software and ideas. Progress in Bitcoin is made as we build on each other’s work. Bitcoin users must have full freedom over the hardware and software infrastructure they use – freedom to fork, freedom to change, freedom to run the programs they want without any intermediaries.
This article will explain why open source development is both more efficient from a security perspective and the only viable way forward for Bitcoin.
Civil Liberties in Hardware and Software
To understand why open source is critical for Bitcoin users, it helps to have some historical context about how the movement’s ideals emerged. Before the Copyright Act of 1976 ruled that computer programs could be considered intellectual property, software programs had often been bundled and sold together with hardware. This created a development environment in which programmers worked primarily out of passion for their field and cooperated with one another in a free-flowing, non-restrictive way.
However, after the 1976 changes to IP law, companies began working on proprietary software that could be sold on its own. This marked the beginning of a trend that gained full momentum by the early 1980s and which eventually resulted in the walled garden ecosystems we see today.
The irony for many of the originators of the technology that had enabled the personal computing era was that they believed foremost in the civic duty of sharing information for public benefit. A staunch advocate for freedom of access and development in software among this generation of creators was Richard Stallman. His writings voiced the idea that it was not enough to protect the practical aims of open information sharing – philosophical aims conducive to a virtuous society also had to be respected in software.
To reflect the importance of individual freedoms, Stallman wrote the GNU General Public License (GPL) series of copyleft licenses that protect the rights of software users, rather than owners.
In addition to all the practical benefits of open source development, the terms “Free and Open Source Software (FOSS)” and “Free and Open Source Hardware (FOSH)” imply that a product upholds basic individual freedoms and civic duty. Here, “free” refers to freedom, rather than whether or not the product is free to use.
In his writings on “nonfree” software, Stallman describes how privatization and black-boxing of code erodes our spirit of self-reliance and consequently runs contrary to the principles upon which democracies like the United States are founded. Without the ability to analyze, modify, or redistribute the software we use, we are ultimately passengers in the digital world, unable to take agency for ourselves or on behalf of our fellow citizens and neighbors.
Without the ability to analyze, modify, or redistribute the software we use, we are ultimately passengers in the digital world, unable to take agency for ourselves or on behalf of our fellow citizens and neighbors.
Bitcoin was not built to resemble the walled garden digital economy, but instead to provide a path for restoring our sense of self-sufficiency and sovereignty. In today’s world of sweeping centralization, over-organization, and lack of transparency, it is more important than ever to protect the ideals that Bitcoin stands for. The only way to work towards a future for Bitcoin in which freedom and autonomy are preserved is to support projects that are free and open source under FOSS and FOSH licenses.
Not Compromising on Open Source
In the same way that we trust the Bitcoin protocol because it is free and open source software, we can more confidently trust products that are free and open source. FOSS and FOSH licenses can help the Bitcoin community identify and give recognition to projects that uphold the full standards of transparency as well as reflect the spirit of free software and hardware.
As new waves of users enter the Bitcoin market, bringing us ever closer to mass adoption, there will also be unprecedented interest from malicious actors. In order to avoid thefts or loss of funds, a majority of new Bitcoiners may continue to consign key ownership to large exchanges or engage with Bitcoin through trusted third parties.
The custodial decisions made by new Bitcoiners will have a tremendous effect on the future of financial sovereignty in Bitcoin – and whether centralized institutions and players that have no concern for the foundational principles of Bitcoin may come to dominate the space. It is our hope that the strength of free and open source projects in the industry will incentivize and inspire new users to opt to take control of their sovereignty.
Transparency is Better than Obscurity
The way forward for the Bitcoin community—if it wants to stay true to its ideals—is the same model of open source development adopted by the original Bitcoin protocol and software. Bitcoin is a paradigm that clearly thrives on communal development, cooperation, and progressively building on shared work.
As Richard Stallman writes, “In any intellectual field, one can reach greater heights by standing on the shoulders of others. But that is no longer generally allowed in the software field—you can only stand on the shoulders of the other people in your own company.” A notable advantage of a decentralized system is in coalescing the work created by a diverse community of developers and entrepreneurs and enabling anyone to expand or improve upon that work.
A world in which we are not able to build on the intellectual progress of others is a world that would be less innovative and less secure. The hardware wallet industry is a quintessential example of how building on top of each other, rather than building from scratch, enables rapid innovation. We at Foundation are deeply appreciative of the open source projects – like MicroPython, Coldcard, and Trezor – that helped us bring Passport to market.
A world in which we are not able to build on the intellectual progress of others is a world that would be less innovative and less secure.
It is much more efficient to build in concert with developers across an active community than to draw only from the development resources of one’s own company. When a product’s open source code attracts a larger and more diverse group of contributors to verify that it functions as intended and is not susceptible to critical flaws, consumers can have more confidence that it can be trusted. The cross-referencing of the opinions of experts is a much more credible source of information to depend on than the reputation of a centralized institution.
Recent notable hacks of proprietary hardware and software illustrate how detrimental black box development can be to the security of users. Just last year, Apple’s T2 co-processor, which handles encrypted storage and secure boot capabilities, was cracked by a team of researchers who found it was vulnerable to the same “checkm8” exploit that had been used to jailbreak Apple’s A10 processor. The fact that this vulnerability originated from T2 being based on the A10 is a telling example of how developers limited to the resources of their company are less likely to understand and recognize flaws in their product. Researchers found that attackers can gain access to the T2 chip of MacBooks produced from 2018 to 2020 if they have physical possession of the device or are able to swap out one of the owner’s cables for a modified lookalike specifically engineered for the attack. The failure of these generations of MacBooks is not a good look for Apple, a company that has long projected an image of itself as more secure due to its walled garden approach.
Also last year, Intel’s Software Guard eXtensions (SGX), a security system marketed as a highly isolated enclave for safeguarding private keys, fell victim to yet another security vulnerability. The latest crack involved two separate side channel attacks capable of stealing sensitive information, and came just after Intel sought to mitigate previous vulnerabilities by modifying app-layer code. The fact that large hardware manufacturers like Apple and Intel can struggle to provide consumers with secure black box private key storage solutions is further indication that open, auditable code can be a stronger security model.
The fact that large hardware manufacturers like Apple and Intel can struggle to provide consumers with secure black box private key storage solutions is further indication that open, auditable code can be a stronger security model.
Implications for Hardware
Hardware is a delivery mechanism for software, and free and open source hardware is absolutely fundamental to creating a decentralized digital economy in which users can find trustable products – and in which rapid innovation can occur. This is why we believe meeting the criteria for free and open source software and hardware is not only beneficial for security and product improvement, but necessary for the future of Bitcoin.
To understand the specifics of the CERN OHL v2 hardware licenses and GPLv3 firmware licenses that classify Passport as FOSH, look out for our next article!
Foundation Devices is thrilled to announce that we’ve raised a pre-seed round of $2.5M led by Bolt.
Joining us are new investors Third Prime, Massachusetts Avenue Capital, Unpopular Ventures, Deep Ventures – as well as existing investors Warburg Serres, Fulgur Ventures, Inflection, and notable angels.
Bolt, a prominent early-stage venture fund, invests at the intersection of the physical and digital worlds. They were first round investors in groundbreaking hardware companies like Desktop Metal, Tonal, Nautilus Bio, and Fi.
Tyler Mincey, a partner at Bolt, is joining our board. Tyler has a highly relevant background in product management, design, and hardware/software engineering in companies large and small. At Apple, Tyler was a member of the original iPhone core team, later managed the iPod new product roadmap, and shipped over 150M units worldwide. We are thrilled to work closely with Tyler on developing new products and honing our design & manufacturing capabilities.
Foundation is building the open hardware foundation for Bitcoin and a decentralized Internet. We believe that a new Internet, powered by open source software, must run on open hardware. Today’s devices are opaque, proprietary, and restrictive. Our goal is to build a new category of sovereign computing to serve as an open platform for development of a decentralized Internet.
For Bitcoin and a decentralized Internet to succeed, users must store their own keys and run their own infrastructure. This is where we come in. Foundation believes software solutions alone are insufficient – consumers need integrated hardware and software to make it as easy to store your own keys as it is to open an account on an exchange.
Last month we began shipping our first product, Passport, a next-gen Bitcoin hardware wallet. Passport is designed to be beautiful, intuitive, ultra-secure, and completely open source. Over the next several months we will improve Passport with firmware updates and design enhancements, as well as introduce companion software to further enhance the user experience.
To date, we’ve built all of Foundation with just four cofounders. We are now excited to be expanding the team in the following areas. If interested, view our Jobs Page and email us at [email protected].
Join us in our mission to make Bitcoin and decentralized tech accessible to each and every individual in order to build a new era of sovereignty, ownership, and privacy – and empower humankind.
In April we set off to build a new type of hardware company. Instead of building closed source, proprietary hardware, we’d open source all of our work – from the firmware to the circuit designs. We’d fight back against today’s norm of security via opaqueness and instead embrace security via transparency.
Instead of releasing open source hardware catering only to developers and hardcore security enthusiasts, we’d design beautiful devices with bold, unique industrial designs and intuitive user interfaces. We’d aim to build the best products, period, and bring them to the largest number of people.
Only 8 months after launching Foundation Devices, we have finished prototyping Passport and are beginning mass production. In several weeks we will be shipping our first devices to customers across the world.
We are excited to announce that we’ve released Passport’s circuit designs as fully open source under CERN OHL S v2, and Passport’s alpha firmware under GPLv3 (and other compatible licenses). These viral, copyleft licenses ensure that others can use our work for any purpose – as long as they open source their work as well.
Open source is core to our mission and values at Foundation Devices, and we encourage other hardware companies to join the open hardware movement.
The Importance of Open Hardware
Security via openness and transparency. In a Bitcoin powered world, with immutable transactions and no recourse for thefts or loss, it is more important than ever that hardware and software are open. Security experts can easily review designs and report vulnerabilities, and advanced users can verify that the hardware and software have not been modified or tampered with.
Open hardware is likely to have fewer vulnerabilities than closed hardware. Read more in our previous post.
Building on each other’s work to innovate faster and progress society. In the hardware world today, progress is slow and siloed because each new hardware company either starts from scratch or buys proprietary IP from a small handful of companies (like Qualcomm or ARM). We think this is one of the main reasons why progress in the physical world is slower than in the digital world. In software, by contrast, developers can find tens of thousands of high quality open source libraries on Github and quickly integrate them into their projects.
Imagine if a young software startup was forced to pay Google for some proprietary IP to make a useful product and was required to sign an NDA – this is what the hardware world is like today.
Passport’s Open Source Foundation
Passport is built upon and inspired by numerous open source elements. For our hardware, we researched the architecture of popular devices like Coldcard, Bitbox02, and Trezor – all of whom post their electrical schematics on Github. We also implemented an open source true random number generator from the Betrusted project (called an Avalanche Noise Source).
For our firmware, we relied on the open source MicroPython project and used Coldcard’s open source firmware as a template. We started a new MicroPython project, did low-level bringup work for our hardware components (such as the camera), created a new user interface, and ported + modified pieces of Coldcard’s code.
We also implemented Trezor’s open source crypto library, ported Blockchain Commons’ open source UR Library to Python, and integrated two open source QR libraries.
It would not have been possible to design Passport in less than a year without building on great open source work.
Other Hardware Wallets
Currently only Passport and Trezor meet the definition of Open Source Hardware. Foundation Devices believes it is our responsibility to encourage other hardware producers to fully open source their work.
We applaud Trezor for their full embrace of open source hardware, but we suggest they license their hardware designs under CERN OHL v2.
We implore Ledger to change their approach and open source their hardware designs and proprietary firmware.
We suggest that Bitbox02 and Coldcard release their circuit design files, rather than just their schematics, so that the hardware can be fully open source.
Our beliefs about the importance of open source were inspired by both Coldcard and Trezor. When Coldcard launched in 2018, they used Trezor’s open source crypto library – and welcomed others to use their open source, GPLv3 code!
We are grateful for Coldcard’s open source firmware, of which we’ve used numerous components to more quickly bring Passport to market. However, we are disappointed that they’ve recently chosen to relicense their firmware as non-open source. The Commons Clause license condition is not open source and is and incompatible with GPL. The Free Software Foundation urges rejection of software under this license condition, and the license condition is widely criticized and on the decline.
In Summary
Passport’s circuit designs are now released as fully open source under CERN OHL S v2, and Passport’s alpha firmware is now released under GPLv3 (and other compatible licenses).
We believe open hardware improves cooperation and security and accelerates industry progress. We’re excited to bring open hardware products to the world and hope to see others do the same!
Foundation strives to build ultra-secure hardware with an open source security model. This is especially important for hardware wallets, which are used to store sizable amounts of Bitcoin and cryptocurrencies.
Today’s devices are largely designed for a pre-Bitcoin world. They are proprietary, opaque, and closed source. They are not designed to protect Bitcoin’s immutable transactions.
Take an iPhone, for example. An iPhone’s software is closed source – it runs firmware and an operating system made by Apple. There is no public code on Github. Security researchers or savvy individuals cannot audit any of the code running on the device.
Likewise, an iPhone’s hardware is closed source – its circuit board designs, list of components (commonly called the “BOM” or bill of materials), and details of component functionality are proprietary and confidential. Sure, it’s possible to conduct a tear-down and attempt to determine how an iPhone works, how the circuitry is designed, and what components it uses. But the information gleaned from such an effort is limited at best.
Does Apple encrypt your iMessages? Does it safely upload your data to iCloud? Are apps sufficiently isolated to protect you from viruses and exploits? With closed source hardware like an iPhone running a closed source operating system, it is impossible to answer these questions. Instead, we are forced to trust Apple completely with our digital lives.
In a pre-Bitcoin world, this did not matter. The worst-case scenario was that an attacker stole your personal data, bought a few items with your credit card, and Venmo’d away a few thousand dollars. You then reset your passwords, called your credit card company, submitted a support ticket with Venmo – and resumed life as usual.
In a Bitcoin world, if your money is stolen then it is gone. There is no recourse.
Today’s devices are built on a closed-source security model that is not transferable to a Bitcoin world. At Foundation Devices, we are dedicated to building ultra-secure hardware with an open source security model.
Unlike most hardware companies today, Foundation Devices:
Minimizes the use of black-box silicon – chips whose functions are unknown and are often bundled with common components like screens and touch panels.
Purchases chips and components only from reputable suppliers and distributors.
Reduces attack surfaces as much as possible.
Assembles our devices under close supervision in the USA.
Releases our hardware and software as open source.
In order to build secure hardware for a Bitcoin world, we sometimes need to take a step back in time. Many common components today are not designed for hardcore security, transparency, auditability, and openness. When designing Passport, our Bitcoin hardware wallet, we made the conscious decision to avoid the following:
High resolution displays which contain black-box silicon that could collect data or display false information.
Capacitive touch panels which contain black-box silicon that could record user inputs or hijack the device.
Lithium ion batteries which contain black-box silicon that could help attackers exploit power-related vulnerabilities.
This means that Passport uses a physical keypad, monochrome display, AAA batteries, and QR codes for communication. It somewhat resembles a Nokia phone! But it provides an excellent user experience, great design, and – most important – strong, open source security.
Most touch panels contain black-box silicon. See the chip on the data cable.
If you are looking to purchase a hardware wallet, be wary of devices that use touch screens and contain Bluetooth. Be especially wary of closed source hardware. Ask the manufacturer – who makes the touch screen and where is it produced? Is the hardware and firmware open source? Does the wallet include Bluetooth or other forms of wireless communications?
Foundation Devices believes it is important that hardware wallet makers, above all, prioritize security. Here’s how we think about security for Passport:
If it can be visually inspected, it’s the best. This is why we use a Memory Display over a high resolution OLED or TFT display, and why we use a physical keypad over a touch panel.
Minimize the use of black-box silicon and purchase all chips from reputable suppliers. Our suppliers include ST Microelectronics, Microchip, Omnivision, Analog Devices, and ON Semiconductor. Passport does not contain components from sketchy Chinese OEMs.
Crucial components should be made ourselves. Rather than relying on a proprietary true random number generator (TRNG), we implemented an open source TRNG called an Avalanche Noise Source that uses commodity components (thanks bunnie!).
Over time, as Bitcoin grows and we sell more devices, we will design open source touch screens, more secure wireless communication protocols, and open and auditable chips. We look forward to making this a reality as we build Foundation Devices!
Interested in learning more about hardware security? We recommend this talkby bunnie, renowned hardware hacker and creator of the Betrusted project.
In late July, we introduced Passport – a new Bitcoin hardware wallet that is more elegant, ultra-secure, and open source. Today, Foundation Devices is excited to announce that:
Passport is now available to preorder, with a Founder’s Edition limited to 1000 units.
Foundation Devices has raised an angel funding round from notable investors.
About Passport
Foundation Devices is building the open source hardware foundation for Bitcoin and the sovereign Internet, starting with a hardware wallet called Passport. We intend Passport to appeal to a broad audience of Bitcoiners – whether you are an expert user accustomed to hardware wallets or a new user currently storing your coins on an exchange.
Passport provides a radically simplified, zen-like user experience. Foundation Devices is working hard to eliminate the hardware wallet learning curve with a streamlined setup process, intuitive interface, and familiar navigation.
With numerous high-quality multisig software wallets entering the market, it is more important than ever that we have a hardware wallet that is easy to use and welcoming to new users. Passport is our attempt to build the “iPod” of hardware wallets.
Preorder Details
Passport is priced at $299 and includes 2x industrial grade microSD cards, 2x AAA batteries, and free shipping within the USA. Founder’s Edition is limited to 1000 units and includes an exclusive back cover design, special packaging, and a surprise gift.
Our official estimated shipment date for Passport is March 31, 2021 – but we are aiming to deliver Passport in time for the December holidays. Foundation Devices has already placed orders for long-lead time components and will finish ordering all components in the next several days. Due to COVID’s continuous impacts on global supply chains, we have chosen to be more conservative.
Please note that this is not crowdfunding – Foundation Devices already has the funds required to pay for the full production of Founder’s Edition devices. If you change your mind before Passport ships, cancel your order at any time and receive a full refund. If you stack too many sats and overdraw your bank account, we will do our best to refund you same-day! (Yes, this actually happened.)
To ensure your privacy, Foundation Devices self-hosts our website and checkout flow using WordPress and WooCommerce. Payments by credit card occur via Stripe and payments by Bitcoin occur via our self-hosted BTCPay server. We are especially proud of our beautiful BTCPay checkout design; thank you @artdesignbySF for your great work.
Open Source
Passport will be the only hardware wallet on the market – and one of the only consumer hardware devices in existence – that meets the definition of Open Source Hardware according to the Open Source Hardware Association (OSHWA).
Passport’s hardware designs will be open under CERN-OHL-S v2 and firmware under GPLv3. While other hardware wallets have open source firmware, none include hardware designs that are legally considered open source. They (1) omit design files, (2) use inappropriate licenses like GPL or Creative Commons, (3) restrict commercial use, and/or (4) lack detailed component documentation, specifically in the Bill of Materials (“BOM”).
We are a corporate sponsor of OSHWA and will be submitting Passport for official certification. All future hardware that Foundation Devices makes will be open sourced under the appropriate licenses and certified by OSHWA.
We will be publicly posting our hardware and firmware to Github later this Fall, after completing validation of our next round of prototypes.
Assembled in the USA
Foundation Devices believes in the importance of local manufacturing and more robust global supply chains. Most of today’s devices are assembled in China, a communist regime that heavily censors the Internet, surveils its citizens, and seeks to undermine citizens’ privacy and sovereignty. This creates numerous geopolitical and security issues, especially with the rise of Bitcoin. Our devices will soon be safeguarding trillions of dollars of value – it is imperative that we trust our hardware manufacturers.
We therefore chose to assemble Passport locally, in the USA, and purchase all of our components from American companies and distributors. While many components still originate from Asia, the critical parts – such as the screen, processor, secure element, and camera – all originate from highly reputable suppliers. And circuit board assembly, device assembly, provisioning, and testing all take place in the USA. The Foundation Devices team will be on-the-ground at the factory during production.
To our knowledge, Passport is the only hardware wallet assembled in the USA. For advanced users, it may be prudent to add Passport to your multisig setup in order to defend against potential supply chain vulnerabilities.
Progress
We’ve been hard at work over the last five months designing Passport, prototyping, and preparing for production. Here’s an overview of our progress to-date:
Enclosure
We completed the design of the enclosure and are currently prototyping via 3D printing. We have placed orders for long-lead time enclosure components, including the keypad assembly and copper-plated zinc alloy casted part.
Circuit Boards
We completed design of the circuit boards and have completed two prototype revisions. We will be ordering our third revision of prototype boards in the next several days. Novel features include:
Camera for scanning QR codes.
AAA battery power.
Avalanche noise source, an open source true random number generator that uses standard components (no black-box silicon).
Sharp Memory LCD, which has circuitry etched directly into glass for easy visual inspection, and unlike most displays includes no black-box silicon.
Firmware
We forked Coldcard’s open source firmware (licensed as GPLv3) and have made numerous changes. We anticipate finishing v1 firmware by end of November. We intend to contribute relevant improvements back to Coldcard. Changes include:
A new UI with simple navigation via a navpad and dedicated select buttons.
Changes to all copy and radical simplification of menu structure.
Ability to scan QR codes and transmit PSBTs via QR codes.
Code reorganization to comply with Micropython best practices.
Implemented new device drivers for Passport components including camera, screen and keypad.
New keypad controller to allow for more advanced input, such as long-presses.
Ultra-fast keypad responsiveness.
We ported Blockchain Commons’ UR Standard (for data transmission via multi QR codes) to Python. This can be seen on our Github.
We created a font converter to generate python code from BDF fonts. This can be seen on our Github.
Funding
Foundation Devices recently raised an angel round to fund development and production of Passport. Thank you to our investors for enabling us to build a hardware company that believes in open source, sovereignty, and privacy.
Bitcoin passing $11k signals a new bull market, with incredibly exciting times ahead for Bitcoiners as we prepare to welcome a new flood of users into the ecosystem. But we must ask ourselves – how will new Bitcoiners store their coins? Will they use Coinbase, who already holds almost 1 million Bitcoin? Or will they embrace sovereignty, privacy, and ownership by self-custodying their own Bitcoin?
Foundation Devices believes that today’s hardware wallets make the wrong security and design tradeoffs. They’ve worked for us early Bitcoiners so far because we are willing to deal with difficult interfaces, metal seed backups, safety deposit boxes, Shamir’s Secret Sharing, and so much more. But they won’t work for the new wave of incoming Bitcoiners as we reach mass-adoption by the end of this decade.
Bitcoin needs a hardware foundation that is beautifully designed, easy to use, and open source. Most of today’s hardware, including Ledger wallets, are closed source. As Bitcoin’s market cap grows to the trillions, so do the incentives for attackers to compromise closed-source hardware. We must rebuild today’s hardware stack to be open source, auditable, and verifiable – from the chips to the circuit boards to the firmware and beyond.
Foundation is taking our first step on this journey by introducing an elegant, secure, and open source hardware wallet named Passport. We are thrilled to officially announce Passport today, and are accepting reservations for our first edition batch of 1000 units.
So what makes Passport special? Passport is designed to be elegant; something every Bitcoiner would be proud to carry. We use high quality materials like soft-touch plastic and copper-plated zinc alloy. At 4 inches long x 1.5 inches wide x 0.8 inches thin, Passport is comfortable to hold and use.
Passport’s interface is intuitive and familiar, with a simple navigation pad and physical alphanumeric keypad. There’s no need to learn how to navigate the menus and enter PIN numbers and passphrases – you already know how to use Passport.
To sign transactions, simply insert a microSD card or scan a QR code. Wallets like Bluewallet already support multi-QR transmission, and Passport is compatible with any software wallet that supports PSBTs over microSD or QR.
Passport is open source and uses the same high-level security architecture and firmware base as Coldcard, with a Microchip secure element and STM processor. The circuit board designs and firmware will be published on Github in the coming weeks, with hardware licensed under CERN’s Open Hardware License V2 and firmware under GPL3. No unknown code will run on the device.
Completely airgapped, Passport is powered by two AAA batteries and includes no USB port, Bluetooth, or wireless communications of any kind. Passport has numerous security features, such as security lights and an avalanche noise source for entropy. And Passport uses more trustable components, like a screen with circuitry etched directly into glass, which allows for easy inspection at production.
Foundation Devices, headquartered in Boston, is focused on building open hardware for Bitcoin and the sovereign Internet. We will proudly assemble Passport in the USA.
We cannot wait to tell you more about Passport in the coming weeks! Passport will launch for preorders in August and will ship by late December. We have already received over 500 email reservations for our first edition batch.
Learn more about Passport and reserve yours below!
And feel free to check out the FAQs and contact us at [email protected] with any questions.
Foundation Devices is proudly headquartered in Boston, the birthplace of the American Revolution. The USA was established 244 years ago on the belief that all individuals deserve life, liberty, and the pursuit of happiness. Bitcoin captures these same ideals, providing sound money that lowers our time preference, allowing us to accumulate savings and invest in our future.
At Foundation, our mission echoes these values:
Foundation Devices strives to empower humankind – to make Bitcoin and decentralized tech accessible to each and every individual in order to build a new era of sovereignty, ownership, and privacy. Our products are the foundation of a better, sovereign Internet.
Foundation will push for a new American Revolution – a revolution in American manufacturing.
Before Bitcoin, American manufacturing of electronic devices added cost without adding proportional value. For example, a phone manufactured in the USA is not necessarily more useful or higher quality than a phone manufactured in China. Buyers in the USA might be excited to pay more for the phone because it’s “Made in the USA,” but there is no functional benefit to making the phone locally.
Bitcoin changes this. With immutable transactions on the Bitcoin blockchain, there is no recourse if funds are stolen. There’s no bank to reverse the transaction, no credit card company to issue a refund, no FDIC insurance to protect institutions against loss. Bitcoin devices must securely store private keys and safeguard against numerous attack vectors. This turns traditional hardware security models upside down.
Currently most electronic devices originate from China. You may be comfortable with the risks of having your phone made in China. But what about your Bitcoin hardware wallet?
We are at the beginning of a slow transition to sovereignty and privacy. Bitcoin wallets will replace bank accounts. Private keys will replace passwords. Money, identity, and data will be controlled by individuals instead of institutions.
In this new paradigm, we need more trustable hardware. We need components from reputable suppliers and tight control over supply chains. We need to be physically present on the factory floor and ideally own our own manufacturing facilities. We need open source, auditable designs. And we need to build our hardware in jurisdictions which stand for basic human rights and freedoms.
Yes, in America our unalienable rights are regularly being put to the test, recently with a Coronavirus-fueled government push for greater surveillance capabilities and a ban on end-to-end encryption. But Foundation is optimistic that Americans will prevail. Groups like the EFF are vigorously fighting for our freedoms – and countless individuals and organizations will continue to speak out.
Foundation will assemble our devices in the USA. We say “Assembled in the USA” rather than “Made in the USA” because most components originate from Asia. This is sadly the state of the hardware industry; almost nothing is made in America anymore. To mitigate this, Foundation is purchasing key components – such as the processor, secure element, and screen – from reputable suppliers that are headquartered outside of China (specifically STMicroelectronics, Microchip, and Sharp). And we are buying all our components through American distributors like Arrow who have high quality standards and strong supply chain oversight.
So what exactly are we doing in America?
We are headquarted in America and pay American taxes.
We design our products in America.
We prototype our products in America, using equipment from American companies like Formlabs and American quick-turn prototyping facilities.
We purchase components exclusively from American distributors or suppliers.
We assemble our circuit boards in America.
We assemble and test our devices in America.
We package and ship our devices in America.
We conduct regulatory testing at American facilities.
We work with an American industrial design firm.
Foundation will strive to continuously onshore our supply chain. This will increase our costs, as American labor is more expensive, but the benefits are significant and it will enable us to build more trustable devices. We believe our customers will be willing to pay a modest premium for sovereign hardware made in the USA.
We have a lot of work to do. It’s not enough for key components to originate from outside of China. We need to bring semiconductor production back to the USA so that critical chips can be produced domestically. We need more efficient processes for plastic and metal production so that we can build enclosures locally. And we need to competitively produce common circuit board components, such as resistors and capacitors, in America. Tariffs will help us, as well as other government incentive programs. Foundation will be leading the charge!
Our first product, a Bitcoin hardware wallet called Passport, will be assembled in the USA. We’ll be publishing more info about Passport over the coming weeks. Pre-orders will open later this summer for shipping later this year.
As Bitcoin appreciates in value, it is more important than ever that we encourage users to withdraw their coins from exchanges and store them securely. For the average user, storing sizable quantities of Bitcoin requires a hardware wallet.
But how do we evaluate the security and trustability of the numerous hardware wallets available on the market today?
Foundation is concerned with new entrants making false claims with regard to open source security models and trustability. We believe it is imperative that our industry self-regulates and follows a clear set of disclosure criteria – so that hardware wallet buyers can make well-informed purchasing decisions.
In this post, we propose a set of criteria with which to evaluate hardware wallets. To avoid bias, this post does not attempt to rank the security or trustability of any specific hardware wallet, and all company and product names have been redacted in quotations.
Proposed Criteria:
Open or Closed Security Model
Trustable Components
Trustable Supply Chain
Present vs. Future Capabilities
Honest Claims
Security Certifications
Bitcoin PSBT Support
Read on for more details!
Open or Closed Security Model
Hardware wallet producers must disclose whether their security model is open or closed source. There is no middle ground. If parts of the design are secret – such as undisclosed portions of the circuit schematics, redacted component information, or closed source code – then the hardware wallet is closed source.
Foundation has recently observed bizzare open source claims from hardware wallet producers. For example, one claimed to have “pioneered the hardware wallet industry’s first open source secure element firmware” – while not disclosing that the device’s operating system is closed source!
This same producer claims that their “hardware wallet application layer, device schematic (circuit diagram), and bill of materials (BOM) are also open source” – but does not mention that their schematics are omitting certain information and that their BOM does not include details of the secure element chip.
Another popular producer rightfully states that the apps running on its hardware wallets are open source, but fails to mention that the device firmware itself is closed source.
This is important because most consumers take open source claims at face value. If they are told that a hardware wallet is open source, they expect that experts in the Bitcoin community are able to research and verify the hardware and software running on the wallet. We must provide consumers with accurate information and empower them to make informed purchasing decisions.
Furthermore, it takes a great deal of time and effort to open source hardware products. Producers must provide proper documentation, comments, and build instructions for firmware. Circuit schematics must be legible, self-explanatory, and properly formatted. Electrical designs must be exported to the correct file formats. Bills of materials must detail every component. Datasheets for each component must be provided when possible.
If our industry becomes comfortable with a degraded definition of open source hardware, then we reduce the incentive for producers to be honest and forthcoming. We risk “open source” becoming a buzzword that every hardware wallet producer slaps onto their marketing material in order to sell more units.
For more detailed guidance, we strongly encourage open source hardware wallet producers to comply with OSHWA criteria and open source all hardware under CERN’s Open Hardware License (OHL). This covers many edge cases, such as components on the BOM requiring manufacturer NDAs for datasheet access.
Foundation is currently unaware of any hardware wallet that meets OSHWA criteria and is open sourced under CERN OHL or a similar open hardware license.
Trustable Components
A hardware wallet must be ultra-secure. Therefore, hardware wallet producers must carefully select components that can be trusted. Since hardware today can not be fully trustless, as we must rely on third party components and global supply chains, Foundation refers to trustworthy components as “trustable.”
Below are common hardware wallet components and potential concerns.
Screen Does the screen include an integrated processor running closed source firmware? Most modern high resolution displays are running black-blox silicon. Is the supply chain opaque? Most AMOLED and E-Ink displays have highly proprietary supply chains. What company manufactures the screen – is it an OEM off Alibaba or a more reputable company like Sharp?
Touch Panel If using a touch panel instead of a physical keypad or buttons, does it contain an integrated processor running closed source firmware? Most high-quality multitouch surfaces include an embedded CPU.
Processor (also referred to as MCU) What company manufactures the processor? Is it a small China-based producer or a more reputable company like NXP, STM, or Microchip?
Secure Element Is the secure element a “dumb” device that cannot execute code, or is it running firmware and an operating system? Does the hardware wallet producer know what firmware is running on the secure element, and do they open source that firmware? Is the secure element a black box? What company manufactures the secure element – a small China-based producer or a more reputable company like NXP, STM, or Microchip?
Camera Does the camera include an integrated processor running closed source firmware? Most cameras do. If so, does the hardware wallet sanitize the input from the camera, and can the hardware wallet producer demonstrate this by open sourcing the code?
Lithium Ion Battery Does the battery contain an integrated processor running closed source firmware? Some hardware wallet attack vectors include monitoring the power consumption during usage. What company manufactures the battery?
Foundation is heavily inspired by the work of bunnie, a well known open source hardware expert. Read more about trustable hardware on his blog.
Trustable Supply Chain
Hardware supply chains are complex, and it is rare to see vertically integrated hardware producers. Most hardware companies rely on contract manufacturers, and all hardware companies rely on component supply chains that originate in China. So that buyers can make an informed purchasing decision, Foundation believes that hardware wallet producers must disclose the following:
Suppliers of key components such as the screen, touch panel, secure element, camera, and battery. This should be done even if the hardware wallet is closed source, as it is trivial to identify this information with a tear-down.
Name and location of third party engineering firms that contributed to hardware wallet design. For example, buyers need to know if a US-based wallet producer outsourced electrical engineering work to a firm in China.
Location of contract manufacturer(s). While it is prudent to keep manufacturer names confidential for security reasons, it is important to know the general location of manufacturing. For example, buyers need to know if a European wallet producer outsourced manufacturing to China.
Present vs. Future Capabilities
Hardware wallet producers will improve their products over time, both by adding new features and responding to bug reports and vulnerabilities. We know that it is tempting to rush a hardware wallet to market in order to generate revenue as soon as possible, but producers must understand that they are selling important security devices. The industry must judge hardware wallet producers on the capabilities of their devices today – not based on future roadmaps.
We’ve recently observed new hardware wallet entrants promise to open source components of their designs in the future, or add critical features like PSBT support in a future release.
In a Twitter DM with one hardware wallet producer, I asked in regard to a mobile companion app:
So you’re comfortable letting your customers use the app, but won’t release the code?
They replied:
We are comfortable letting users use the app. We just think doing code audit before open source it is a responsible way compared to directly open source it.
This is mind-boggling to me, as the company admitted that it feels comfortable having users download a closed-source, unaudited companion app and use it to secure their cryptocurrency. Our industry must judge hardware wallet producers by the present capabilities of their devices, and push back hard on any company that states “we will do X in the future.”
Honest Claims
Foundation has observed numerous false claims by hardware wallet producers with regard to device security and capabilities. Most consumers do not have the expertise to determine whether claims are truth or fiction. Therefore, the community must hold hardware wallet producers accountable and call out any false or exagerated claims.
Below are some claims we’ve recently observed:
Hackers simply cannot even attempt to steal your crypto
The first Bitcoin wallet to secure against physical attacks
The combination of multi-layer and multi-sig protections creates the most physically secure storage wallet every created
Thanks to its innovative key generation and recovery system, you will always be safe from any attack
The WORLD’S FIRST Multicurrency, Non-electronic Hardware Wallet
[Wallet] adopts an industry-first 2-Factor Key Generation (2FKG) process for the production and private key generation for our physical wallets. The 2FKG process ensures the highest safety standards for your cryptocurrency assets.
Anti-Tamper: Theft are not an issue as [Wallet] is protected from physical attacks.
The Cold Wallet, not just a hardware wallet. Air-Gapped. Anti-Tamper. Trustless Trust
The [Wallet] is built around the most secure type of chip on the market, ensuring optimal security for your crypto.
The Best Security…[Wallet] offers the best level of protection: your key remains protected in a certified secure chip.
Many of these claims are complete lunacy (“Hackers simply cannot even attempt to steal your crypto”), but many buyers of hardware wallets will take these claims at face value. Others are more nuanced (“built around the most secure type of chip on the market”), but are attempting to state opinion as fact.
Hardware wallet producers must understand that they are not selling toaster ovens or calculators – they are selling important security devices that are designed to safeguard large amounts of cryptocurrency. Hardware wallets are imperfect. Hardware security is imperfect. There will always be vulnerabilities. Producers must make honest claims.
Security Certifications
Some hardware wallets producers advertise security certifications like EAL5. There is nothing inherently wrong with security certifications, but we must recognize their shortcomings.
Component producers pay certification organizations to certify their products. It’s important to understand this incentive structure.
Certification processes do not cover every attack vector; components are placed through a predefined process with predefined scenarios.
Certifications are not a replacement for independent reviews.
We as an industry cannot allow hardware wallet producers to hide behind security certifications. For example, a recently launched hardware wallet producer described its product as follows:
A 100% offline, anti-tampered cryptocurrency hardware wallet and the only one in the world with the highest security certification for its secure firmware (EAL7)
I emailed the company asking for further clarification on whether the firmware was open, and was told:
We’ll make a lot of the code available on github etc, but our secure firmware which has earned the highest security certification in the world (EAL7, as per press release tomorrow), will be closed sourced (as well as the secure element). We hope to go more towards the open source end gradually.
This is massively misleading for average consumers who do not understand how security certifications work. We cannot allow new hardware wallet producers to hide behind certifications as an alternative to making their devices open source and auditable.
Bitcoin PSBT Support
As a bonus, Foundation believes that hardware wallets that support Bitcoin should clearly disclose whether or not they support partially signed Bitcoin transactions (PSBT). PSBT is a standard format for Bitcoin transactions which, among other things, makes it easy to create multisig setups across different hardware and software wallets.
Hardware wallets producers that do not support PSBTs are perpetuating walled-garden ecosystems, discouraging Bitcoin innovation, and drastically increasing the difficulty for software wallet developers to integrate with new hardware wallets.
Conclusion
Foundation hopes that this post is a starting point in a larger conversation around hardware wallet requirements in the Bitcoin and cryptocurrency industry. We must self-regulate in order to provide consumers with the most secure possible products in order to safeguard their assets.
Our entire world is based on trust. We trust that our banks will safeguard our deposits; we trust that companies will keep our personal data private; we trust that governments will keep us safe.
But is this sustainable? Over the past decades our trust in critical institutions has slowly eroded. Irresponsible banking practices plunged us into repeated economic crises. Facebook and Google collect our personal data at an unprecedented scale, while repeatedly failing to implement sufficient safeguards against data breaches and leaks. And now, as the COVID-19 crisis progresses, our governments are working with tech companies to expand mass-surveillance capabilities.
The solution is clearly a sovereign Internet and financial system built on Bitcoin and other sovereign technologies. Bitcoin allows us to opt out of the existing system, transacting peer-to-peer without trusted third parties.
Open source makes Bitcoin possible. Without open source, there would be no way to independently verify that Bitcoin has a maximum supply of 21 million coins; there would be no way to understand how it functions. Without Bitcoin’s open source code, we would be forced to trust third parties. Open source is the bedrock of our emerging sovereign Internet.
At Foundation Devices, we strongly believe that open source software alone is insufficient – open software must run on open hardware. And while we’ve seen immense progress in the FOSS movement and Bitcoin, we’ve seen little progress in open hardware.
Hardware today is a web of proprietary intellectual property, non-disclosure agreements, and security-via-opaqueness. Want to know more about how that hardware wallet keeping your Bitcoin safe? Sign that NDA and learn about that EAL5+ security certification and proprietary operating system!
Ledger Nano X product page
This opaque hardware security model may be fine for your passport or credit card. But with the rise of Bitcoin and cryptocurriencies, for the first time ever real money can be stolen without any recourse. No bank or credit card company can reverse a Bitcoin transaction. No government will provide your Bitcoin wallet with FDIC insurance.
If an employee at Ledger adds a vulnerability to the proprietary, closed source firmware running on the STMicroelectronics (STM) security chip, your funds could be stolen. If a security researcher discovers a vulnerability in the STM security chip, you will not be notified without signing an NDA. If a government works with STM to insert a backdoor into their security chip, you will never know.
With Bitcoin’s market cap at around $160B, there are minimal incentives for our institutions to misbehave. But what about at a $1T market cap? $10T? The incentives continue to grow, and it is inevitable that companies and governments will attempt to compromise Bitcoin hardware in this decade.
And what about when every device is transacting with Bitcoin, sending machine-to-machine micropayments? What happens when our entire economy is built on Bitcoin? Every device – from cellphones to laundry machines – becomes a hardware wallet.
Closed, trusted hardware security models no longer work in a Bitcoin world!
So what do we do? We build open source hardware. We start by designing products with more trustable components, assembled in a more trustable USA-based facility. We produce open source, legible circuit schematics using a respected license like CERN’s Open Hardware License. We publish all firmware as open source under MIT or GPL3 licenses. We clearly identify the components that require trust, such as the processor and secure element, and we work to source or build our own components that are more open and trustable.
In addition to emphasizing open source, we deliver great design and UX. We make open hardware with mass-consumer appeal. We prove that open hardware can be beautiful, intuitive, approachable. We demonstrate that open hardware can sell!
We start with a hardware wallet and move to other critical products. We build the open hardware foundation for Bitcoin and the sovereign Internet.
We believe Bitcoin and decentralized technologies will empower the individual, leading to a better world where people control their own data and their own money. This is the dream for our industry; this is the reason why so many of us have chosen to start or join Bitcoin companies. We seek to eliminate the need for trusted third parties – like banks, cloud providers, and even governments – in order to make our systems more efficient and more accessible. And we seek to move power away from central points of failure to the edge; to the people.
As we build our industry from the ground up, we must remember this principle. We must build products and services that enable individual sovereignty.
We are concerned that today’s most mature Bitcoin and decentralized tech companies are the most centralized and opaque. Coinbase provides a custodial exchange. Blockchain.com provides a hosted wallet. Bitmain is a web of secrecy. Our industry’s biggest players provide trusted exchanges, trusted wallets, trusted mining pools, trusted lending services, trusted nodes – and even trusted hardware wallets! (Yes Ledger, we are referring to you.)
Have we forgotten the point of it all? Have we forgotten why we are all here?
So many of the Bitcoin products and services that successfully enable sovereignty – like Electrum, Wasabi, Samourai, Nodl, and Coldcard – are fantastic offerings that lack consumer-oriented UX. While we love and use these products, they will never “cross the chasm” to the land of mass consumer adoption.
We worry that as Bitcoin and decentralized tech reach the next phase of adoption, the vast majority of consumers will become dependent on centralized providers. We will have succeeded at creating a different financial system with different intermediaries. But we will have failed at empowering the individual and building a new Internet.
This is why we started Foundation – to make beautifully designed, open source hardware for Bitcoin and the decentralized Internet. To bring great design and UX to hardware wallets, nodes, and more. To allow mass consumers to securely use and store Bitcoin while maintaining their sovereignty. To help our industry cross the chasm while staying true to our founding ideals.
We call this open hardware. And we are excited to bring it to the world.
Our Mission
Foundation Devices strives to empower humankind – to make Bitcoin and decentralized tech accessible to each and every individual in order to build a new era of sovereignty, ownership, and privacy. Our products are the foundation of a better, sovereign Internet.
Our Values
Foundation offers best-in-class security and privacy via openness. No walled gardens; no closed source engineering. We are the antithesis of existing tech companies.
Foundation products are beautiful, intuitive, and approachable. Bitcoin and decentralized tech already have a steep learning curve; our products do not.
Foundation gives sovereignty to individuals and businesses. We empower you to take ownership and control of your money and your data.
Foundation products reflect our optimism about the future. We are building a better Internet based on a better form of money. Our products feel positive, aspirational, and a bit sci-fi.
Next Steps
This summer, Foundation will launch a new Bitcoin hardware wallet that provides the same security model as Coldcard while offering a beautiful, intuitive hardware and UI design. From day one our hardware wallet will be compatible with popular desktop and mobile applications. We will open source all circuit schematics, design files, and firmware – and we will assemble exclusively in the USA.
Over the next several weeks Foundation will release blog posts discussing the importance of open source hardware, diving into hardware challenges faced by our industry, and providing more details about our upcoming hardware wallet.
