Skip to main content

Author Archives: Zach

Envoy version 1.3.0 is now live!

Posted on July 31, 2023 - 11:00 am by

We’re excited to announce that the latest version of Envoy1.3.0 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.

Please note that there can be a lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.

What’s changed

In this version of Envoy we’ve implemented the ability to redeem azte.co vouchers with a single QR scan in Envoy directly to your mobile wallet, added the ability to cycle through units by tapping on amounts, the ability to update Founder’s Edition devices directly from Envoy, and focused heavily on refining user experience for Envoy mobile wallet users.

With the release of our last major version of Envoy, we transformed Envoy into a standalone Bitcoin mobile wallet with powerful account management and privacy features in addition to its role as Passport companion app. With that came many new screens and features, so we’ve taken this release to focus on iterating and bringing many bug fixes and quality of life improvements for all our fantastic Envoy users.

As you may have noticed, we’ve skipped v1.2.0 and jumped straight to v1.3.0 as we realized we had too many important changes to be made during the beta period for v1.2.0. As a result this changelog includes all major changes introduced in v1.2.0 as well, so it’s extra long and extra exciting.

For more details on each of the changes, keep reading below!

New Features

  • You can now redeem azte.co vouchers directly in Envoy with just a few taps!
    • Getting those no-KYC sats directly from Azteco just got much easier, as you can simply scan an Azteco voucher QR code and sweep the funds directly into Envoy by scanning the QR code from any screen ????
    • Azteco allows you to buy Bitcoin vouchers from your local corner store just like you’d top up a pre-paid phone plan. Buy with cash and get Bitcoin directly in your mobile wallet or cold storage for one of the fastest and most private ways to acquire Bitcoin out there.
https://youtube.com/shorts/6TWEaWcyFQ0
  • Added the ability to cycle through units (fiat/BTC/sats) by tapping on the amount when building a transaction.
  • Those of you rocking Founder’s Edition devices can now update within Envoy, just like with our latest Passports!
  • Malaysian Ringgit added as supported currency – Hi Malaysia!! ????????

Improvements

  • Rearranging accounts has been completely rewritten and is now sexier and smoother than ever before! Organizing your accounts has never been so satisfying.
  • Added prompts to help users find features that could otherwise be hard to discover. These can be easily dismissed as you learn more about using Envoy.
  • Added a warning if Envoy’s mobile wallet contains more than $1000, reminding the user of the danger of keeping lots of funds on a mobile wallet.
  • Updated the look of the account cards, adding a bit more elegance and refinement.
  • Updated the way decimal units of fiat values are displayed when typed in the Send screen.
  • If you lose internet connectivity while on the go, Envoy will now update balances instantly without needing to refresh the app when connection is re-established.
  • Sent transactions will now displayed instantly, instead of waiting to hear from the Bitcoin node you are using in Envoy.
  • Improved how we display progress when scanning animated QR codes during the Passport connection flow.
  • Swapped the send and receive button locations to be more logical, and improved the appearance of the QR scanning button.
  • Improved the user experience when updating firmware for Passport via Envoy.
  • Improved the “Back up now” button user experience in Backup settings to give feedback and a status spinner while backing up.
  • Added additional contextual text and links when the accounts screen is empty.
  • Made it easier to distinguish when you’re using testnet accounts by using “tsats” and “TBTC” as the unit.
  • Added the ability to mute the explainer video for Magic Backups.
  • Improved the wallet deletion flow.
  • Improved the screens a user sees in failed states due to connectivity issues or restoration failures with Envoy backup files.
  • Improved handling when using Android’s native back button for getting out of Passport accounts.
  • Added the ability for users to save and manually share error logs with support if needed.
    • This error logging only happens locally and must be shared manually by the user to best preserve user privacy.
  • Sending amounts below a “dust” threshold will now show an error instead of having the “Continue” button become unresponsive.
  • Added explanatory texts when Testnet is enabled.
  • Other minor icon and text updates to make processes smoother and more understandable.

Bug Fixes

  • Fixed an issue preventing onboarding on iPhone SE.
  • Fixed an issue where importing Envoy mobile wallet from a QR code incorrectly said it failed when it actually succeeded.
  • Fixed minor copy and UI issues throughout the app.
  • Fixed how some screens in Envoy were handled on devices with small screens.
  • Fixed an issue where the audio for the Magic Backups explainer video could continue playing in the background even after the user closes it.
  • Fixed a minor issue with the “+” button disappearing in rare scenarios.
  • Fixed handling of very large amounts when using sats as the unit.
  • Properly refresh transaction list when the wallet syncs again after losing internet connectivity.
  • Fixed an issue where users could be shown the onboarding for a second time in rare scenarios.
  • Fixed a rare issue where updating an account name could fail.
  • Fixed an issue where reordering accounts could occasionally make them swap colors.
  • Fixed a minor issue where the user could type infinite zeroes after the satoshi unit in the send screen.
  • Fixed an issue where scanning an address would reset the amount on the screen if this was typed before the address was scanned.
  • Fixed an issue where a “not a valid address” banner would continue displaying for a long time after a dynamic QR code was scanned.
  • Fixed an issue where recovering from a seed that had never been backed up in Foundation servers could generate two identical hot wallets.
  • Fixed an issue where recovering from an invalid QR seed would crash Envoy.
  • Fixed a rare issue where while on certain pages, the shield chevron could be behind OS controls.

Verifying Envoy on Android

If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android

Make 12 Words the Standard

Posted on June 22, 2023 - 2:14 pm by

As we expand our audience to more Bitcoin beginners, we’re constantly on the lookout for ways that we can simplify and improve the user experience for those using Envoy and Passport. We’ve focused on efforts that help to abstract away the difficulties that come with the concept of seed words for new users through implementing Magic Backups in Envoy and encrypted microSD backups for Passport, but for our users to retain full sovereignty the option of using basic seed words has and always will be a core feature of our products.

One of the longest held beliefs in the Bitcoin space is that using a longer seed phrase (i.e. 24 words instead of 12) is a way to future-proof the security of your funds. Because of this belief, most hardware and software wallets default to using 24 word seeds, something that adds additional friction to users as they need to store a very large secret and verify it properly. Unfortunately, this belief is based upon a narrow view of private key security, and forces unnecessary burden on users with little to no real-world benefits.

In this blog post we’ll walk through how private key security works in Bitcoin, how seed phrases are only one piece of that security, and why we think we should make 12 word seed phrases the standard moving forward.

Don’t have time for the full post? The tl;dr is that the lowest hanging fruit for an attacker is always reverse engineering a private key from a Bitcoin address known to contain funds, even when using “only” a 12 word seed phrase. However, this is a complex and nuanced topic, so keep reading below to get a better understanding of why this is true!

What is a private key?

In Bitcoin, a private key is created through simply choosing a random number between 1 just under 2256 (that’s over 115 quattuorvigintillion for those of you keeping score). This number must be chosen in a truly random and unrepeatable way, so we rely on things called “random number generators” or “true random number generators” in computers and hardware wallets to ensure that the source of entropy (read: randomness) is good enough to produce truly random results. To get a better idea of what the chances of randomly guessing the same number as someone else are, here is a great and brief video on the topic:

https://youtu.be/S9JGmA5_unY

The reason this number must be between 1 just under 2256 is that Bitcoin uses a 256-bit elliptic curve called secp256k1, so the most secure random number for your private key will be in that range. When you choose a number, this is translated to points on this elliptic curve (a type of graph, in essence), giving you a fully functional public key from that one number. This operation is something that is very quick to generate a private key, but practically impossible to reverse engineer a private key from a given public key (i.e. a Bitcoin address).

When you generate a private key in Bitcoin it looks something like this:

1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD

Note how hard it would be to properly write down or memorize a private key in this format. Enter BIP 39, a proposal that allowed us to use a list of words to securely and deterministically (read: repeatably) generate a private key from that list of words.

Private keys made human

Seed phrases as we know and love them were introduced way back in 2013, and quickly gained adoption as they greatly simplified the process of setting up or restoring wallets in Bitcoin. As a set of words in the same order will always generate the same private keys, we can simply save these words and be sure that we can always recover funds properly. Seed words must be a minimum of 12 words in length, but can be as long as 24 words if desired.

When you generate a seed phrase, it will look something like this:

fit hen toward recycle detail raise glare gate diagram room vendor lesson

As Bitcoiners have a penchant for maxing out security and always keep a long-term view when approaching their money, most jumped directly into using the maximum length seed phrase of 24 words from the get-go, as it theoretically provided more entropy (which people viewed as more security) than smaller seed phrases. But how secure really is a seed phrase, and how does it compare to the security of a private key itself? How can an attacker actually attempt to steal funds from a given Bitcoin wallet?

Attacking your private keys

To better understand how secure private keys and seed phrases are, we first need to look at what an attacker can do to try and steal Bitcoin from your wallet through cryptography alone. There are two basic attacks that can happen against your private keys in Bitcoin:

  1. An attacker can attempt to guess the words and order of your seed phrase in its entirety
  2. An attacker can attempt to reverse engineer a private key from a given public key (Bitcoin address)

The first attack is often called a “brute-force attack,” as it involves an attacker trying over and over again to guess the correct secret – in this case a seed phrase. When using a 12 word seed phrase there are 204812 possible word combinations, of which some are able to be immediately discarded due to a failing checksum, meaning the number of valid seed phrases is actually 2128 (or 340,282,366,920,938,463,463,374,607,431,768,211,456). Yes, you read that right. In order for an attacker to correctly guess your 12 word seed phrase would require billions of years using modern supercomputers. In essence, there is no real-world possibility of an attacker correctly guessing your 12 word seed phrase.

The second attack is also known as solving the Elliptic Curve Discrete Logarithm Problem (ECDLP). While it is trivial to generate a private key and derive public keys from it, there is no efficient way to recover a private key from a given public key. The asymmetry of this aspect of elliptic curve cryptography is at the core of securing Bitcoin (along with many other tools for freedom, including HTTPS security for websites, the Tor network, Signal messenger, and more). As Bitcoin reveals all public keys and amounts publicly, an attacker could choose a given public key with a large amount of Bitcoin (i.e. Satoshi’s known addresses) and attempt to solve the ECDLP for that public key.

Bitcoin uses the secp256k1 elliptic curve, a 256-bit curve that is well understood and vetted in the cryptography space. An attacker would need to leverage the best known attack, Pollard’s rho algorithm, which takes a number of operations equal to about half the curve size. This means that an attacker attempting to solve the ECDLP for a given Bitcoin address would need to perform 2128 operations (or 340,282,366,920,938,463,463,374,607,431,768,211,456) in order to guess the private key correctly. Performing that many operations on modern computers would take in the billions of years. In essence, there is no real-world possibility of an attacker solving the ECDLP for a given public key.

To put those numbers in perspective, solving the ECDLP for your public key or guessing your seed phrase randomly is less likely than picking the same atom out of the universe. The security provided by the unimaginably large numbers we’re discussing here securing your Bitcoin keys is hard to fathom, but comparing it to more tangible numbers like these can help. This security means that attacking a 12 word Bitcoin seed or solving the ECDLP for a given Bitcoin address are both considered infeasible with modern computers.

12 words is the sweet spot

So how does this all add up to a 12 word seed phrase being the ideal length? A 12 word seed phrase contains 128 bits of entropy, allowing it to be used to generate private keys with the full 128 bits of security provided by secp256k1. We broke down the rough estimates for solving the ECDLP or guessing a given 12 word seed phrase previously, but this means that a 12 word seed phrase is the minimum length to not hamper the security of the underlying private keys. If we shortened the seed to, say, 10 words, we would be reducing the security of the private keys and making both the underlying private keys more insecure and providing an easier brute-force attack against the seed words.

If you were to use a 24 word seed phrase, even though it would provide additional entropy when generating private keys, the underlying private key would still be broken in 2^128 operations — exactly the same as a 12 word seed. This means that longer seed phrases will not add additional security to the underlying private keys themselves, and only increase the difficulty of brute-forcing a given seed phrase (something that is already statistically impossible for a 12 word seed phrase).

While we can increase the protection against brute-force attacks of a seed phrase by increasing the number of words, the core security of your funds in Bitcoin remain the security of the underlying private key itself — even when using a longer seed phrase. The lowest hanging fruit for an attacker is always to attack the cryptographic security of a Bitcoin address they know contains Bitcoin, rather than attempt to guess a seed phrase with funds.

Bringing things back to reality

In summary, the security of a 12 word seed phrase is roughly equivalent to that of the underlying security of a private key in Bitcoin, and any additional theoretical security gained through using a larger seed phrase has no impact on real-world attacks. 12 words provide the required amount of entropy to generate a secure private key and more than enough security against a brute-force attack at the same time.

It’s important to note that far and away the largest cause of lost Bitcoin is not theft, but rather a user failing to properly secure their seed phrase. Any reduction in the barrier of entry to proper backup, storage, and recovery of a seed phrase will lead to a real reduction in the amount of Bitcoin lost forever. In addition, the other major ways to lose funds are to have them stolen by an attacker finding a seed phrase or socially engineering a user into giving up their seed phrase. Both of these attacks do not gain any protection or resilience through using a longer seed phrase.

If no additional security is gained in the real world by doubling the length of the secret we need people to store from 12 words to 24, doubling the amount of words to enter when restoring, and doubling the amount of words to verify on initial setup, we can further lower the barrier of entry to Bitcoin by leveraging the immense security provided by “only” a 12 word seed phrase for all new users.

We do still think it’s important to abstract away the foreign concept of seed words whenever possible, but we will always want our users to be able to easily move to other wallets, be protected if we disappear one day, and have full sovereignty when it comes to their private keys. As a result we will always build in strong and seamless support for seed words in our products, and starting soon we will default to 12 words when creating a new wallet in Passport.

Let’s make 12 words the standard.

Dive deeper

If this intro to private key security piqued your interest, we’ve collected our favorite resources on the topic below for you to learn more about how the cryptography and security behind Bitcoin’s immensely powerful design:


    A special thank you to Luke Parker, a brilliant developer and cryptographer in the space who helped to review and give detailed feedback in the process of writing this post.

    This Month in Sovereignty: May 2023

    Posted on June 21, 2023 - 1:43 pm by

    While we already had a lot slated for the month of May, the combination of big releases, the Bitcoin conference in Miami, and the drama around Ledger’s new “Recover” service made for an explosive few weeks! We’ll get you all caught up with the latest at Foundation and in the space in this month’s newsletter ????

    Dive into the latest updates below, and be sure to subscribe if you want to stay informed on all things sovereignty moving forward!

    This month at Foundation

    With the rush to safety in open-source software and hardware in the wake of Ledger’s debacle, we’ve seen an unprecedented month of sales for Passport! As a result we sold out of all of our current stock, but were already ramping up production and have begun shipping pending orders. We’re expecting to have Passport back in stock for new orders in the next 2 weeks, and will keep you all up to date along the way.

    Now onto the updates we have for you all this month!

    Updates

    We announced a groundbreaking release of Envoy, our mobile companion app for Passport, just in time for Bitcoin Miami. This new update transforms Envoy into a standalone Bitcoin mobile wallet with powerful account management and privacy features.

    • Announcing Envoy Wallet: Bitcoin Simplified
    • “Notably, Envoy Magic Backups take the pain and worry out of setting up and backing up a mobile wallet, allowing you to get up and running in 60 seconds and restore your wallet anytime, on any device, in just two taps. It’s time you experienced Bitcoin, simplified.”
      • Learn how Magic Backups work in less than 40 seconds!
    • “We expect Envoy Magic Backups will lead to a massive increase in self custody, with easier onboarding than you’d find at any Bitcoin exchange or custodian.”
    • Download Envoy today

    In the first week of May we debuted a massive new update to Passport to our fantastic community in Passport’s new firmware, v2.1.1:

    • Passport version 2.1.1 is now live!
    • “In version 2.1, we’ve leveraged all of the background work in recent versions to build out some amazing new features for you, including backporting v2.1 firmware to Founder’s Edition, sending to Taproot addresses, a Key Manager Extension for BIP-85 and Nostr key support and export, and BIP-85 SeedQR exports. Features, features everywhere.”
    • This version of Passport firmware brings a wealth of new features, all securely backed up via encrypted microSD backups. Bringing the ability to manage all of your hot and cold wallets, all of your Nostr keys, and all of your friends and families wallets (if you choose to act as an “Uncle Jim”) under a single encrypted backup or seed phrase is a powerful thing. Peace of mind + powerful features.
    • You can read more about our new Key Manager extension that enables all of these incredible features here.

    Blog posts

    Due to our approach with Envoy as a mobile wallet being so different from other wallets out there, we took the time to walk through every detail of Envoy as a mobile wallet, including the new Magic Backups feature that enables <60s onboarding and 3-tap recovery:

    • Announcing Envoy Wallet: Bitcoin Simplified
    • “Envoy introduces a new seed-less onboarding experience called Magic Backups. While Envoy users can of course manually handle seed words if desired, we aimed to engineer a solution that enables 60-second onboarding and automatic encrypted backups of Envoy’s private key and application data (such as settings and labels), with a full restore taking just three taps.”

    With the release of our latest Passport firmware we debuted two major new features in BIP 85 (or “deterministic child seeds”) and Nostr key support. Because of the changes these bring and the possibilities they open up, we highlighted them in a special blog post:

    Journey to Sovereignty

    In May, we got the chance to sit down with Czino and Steph from Peach Bitcoin and learn what they’ve been building, why P2P Bitcoin exchanges are vital, and much more. We also used the latest episode to unpack all of the happenings at Foundation.

    • EP #10 – Make Bitcoin P2P again w/ Peach Bitcoin
      • If you’ve been hearing the hype around Peach Bitcoin or simply starting to look into acquiring Bitcoin via a P2P exchange, today’s episode is for you! We’ll be diving into why Peach exists, how it’s different from the other P2P exchanges out there, and answering all your questions.
    • EP #11 – Open source is winning
      • It’s been a crazy last few weeks here at Foundation, so we wanted to focus this episode on chatting about all that we’ve launched, how the Ledger Recover fiasco has played out, and what we’re working on next.
      • We cover Passport’s new Key Manager extension, Envoy as a standalone mobile wallet, its new Magic Backups 60s onboarding and 3-tap recovery, and more on this episode of Journey to Sovereignty.

    You can follow the podcast on your favorite platforms, including Apple Podcasts, Spotify, Google Podcasts, and Fountain, a Bitcoin-powered podcast platform where you can support content creators directly with your sats.

    If you listen and boost Journey to Sovereignty on Fountain, we forward 100% of the sats you send us to other free and open-source projects we love in the Bitcoin space:

    What we’re following

    If you’ve been following Foundation for any length of time, you’ll surely know that we’re huge fans of decentralized and peer-to-peer Bitcoin exchanges as an immensely valuable tool. This month our Head of Customer Experience, BitcoinQnA, put together a guide on using Robosats on his site, bitcoiner.guide:

    In the wake of the Ledger “Recover” fiasco, we’ve compiled some of the best resources on the topic so far to get you up to speed:

    This month in digital sovereignty

    We were thrilled to see that the Federal court system in the US finally codified protections for those coming into the US when it comes to warrantless phone searches:

    A fantastic organization focused on incentivizing and organizing the funding of open-source projects, OpenSats, announced that they received a $10m grant to drive open-source contributions to Bitcoin, Nostr, and more.

    • OpenSats Receives Additional Funding of $10m from #startsmall
    • “We are delighted to announce that OpenSats has received a generous donation of $10 million from Jack Dorsey’s philanthropic initiative, #startsmall, which will be used to support the development of free and open-source software and projects focusing on bitcoin, nostr, and related technologies.”

    In the same vein, the Human Rights Foundation donated $450,000 in grants from its Bitcoin Development Fund towards Bitcoin development in May, focusing on “improving Bitcoin scaling, privacy, decentralization, supporting global education, censorship-resistant communication, and building communities worldwide. Areas of focus include Africa and Asia”:

    • HRF Bitcoin Development Fund Grants $455,000 to 12 Projects Worldwide
    • “In 2020, the Human Rights Foundation launched a fund to support software developers who are making the Bitcoin network more private, decentralized, and resilient so that it can better serve as a financial tool for human rights activists, civil society organizations, and journalists around the world.

    This month’s step towards personal privacy and security

    Properly securing accounts can lead to much better privacy by reducing the amount of data leaks and hacks you experience as a result of stolen or leaked credentials. Password managers make it extremely simple to manage usernames and passwords across all of the sites and apps you use, without needing to re-use passwords (or username or email!) in order to remember them. This has drastic implications on security, and is a huge step forward in your journey.

    Migrating to a password manager is also a great chance to think twice about which accounts you actually need, and close those that you don’t need in the process.

    • Bitwarden
      • Bitwarden has become the gold standard for open-source password managers, as it has rich features, a generous free plan, and excellent clients on all platforms along with fantastic browser extensions.

    What we’re working on

    Our focus this month is around iterating on Envoy as a mobile wallet, building out full Taproot support for Passport, and supporting the Oslo Freedom Forum by donating 15 Passports to activists attending the event.

    We’re excited to continue helping bring freedom via Bitcoin to people across the globe, and supporting such a critical event is a key way we can help to do that. Keep an eye out for more on the freedom front, as we’re working on big things behind the scenes!

    To keep up with what we’re building, you can follow us on Twitter, on Nostr, or subscribe to our newsletter on our website so you can stay in the loop.

    Announcing Envoy Wallet: Bitcoin Simplified

    Posted on May 17, 2023 - 10:55 am by

    We’re thrilled to announce a groundbreaking release of Envoy, our mobile companion app for Passport. This new update transforms Envoy into a standalone Bitcoin mobile wallet with powerful account management and privacy features.

    Envoy makes financial sovereignty more accessible than ever before and radically lowers the barriers to Bitcoin self custody.

    Notably, Envoy Magic Backups take the pain and worry out of setting up and backing up a mobile wallet, allowing you to get up and running in 60 seconds and restore your wallet anytime, on any device, in just three taps. It’s time you experienced Bitcoin, simplified.

    Read below to learn more, or dive right in and download Envoy now!

    THE BEST OF BOTH WORLDS

    With mobile wallet support in Envoy, the combination of Envoy + Passport empowers you to store your wealth in an ultra secure, intuitive hardware wallet while also spending Bitcoin on the go in just a few taps. Move funds back and forth between Envoy and Passport, make airgapped transactions, and access your spending and saving balances from anywhere – all in a single app!

    Not a Passport owner? This update introduces full Bitcoin wallet functionality on your iOS or Android phone. Use Envoy to store and spend your Bitcoin with strong security, privacy via Tor, and a streamlined setup experience.

    We are excited to bring our best-in-class design, intuitive and approachable user experience, and peace of mind to smartphone users across the globe – no Passport required.

    WHAT IS A “MOBILE WALLET?”

    In Bitcoin, the term “mobile wallet” refers to any wallet that keeps your keys on an internet-connected smartphone for easier spending and receiving of funds. While you should not keep your life savings in a mobile wallet, it provides easier access to a small amount of Bitcoin for spending, withdrawing from an exchange, and onboarding new users.

    Envoy has traditionally been a “watch-only wallet” that connects to Passport, allowing you to view your balance and create transactions, but providing limited functionality when you are away from your hardware wallet. Now you can enjoy Envoy as a full-featured Bitcoin wallet on the go.

    EXPERIENCE MAGIC BACKUPS

    Envoy introduces a new seed-less onboarding experience called Magic Backups. While Envoy users can of course manually handle seed words if desired, we aimed to engineer a solution that enables 60-second onboarding and automatic encrypted backups of Envoy’s private key and application data (such as settings and labels), with a full restore taking just three taps.

    Additionally, we wanted to ensure that Envoy does this without collecting any user data – no email address, no passwords, no IP address (when Tor is enabled) – no friction!

    We expect Envoy Magic Backups will lead to a massive increase in self custody, with easier onboarding than you’d find at any Bitcoin exchange or custodian.

    HERE’S HOW ENVOY MAGIC BACKUPS WORK

    1. Envoy generates a seed and stores it on your phone’s secure element.
    2. Since most users have iCloud Keychain or Android Auto Backup enabled, the seed is automatically synced to your other iOS or Android devices – fully end-to-end encrypted, without needing to give Envoy permission to access your iCloud or Google account. This encryption means that only you can access this data, not even Apple or Google.
      • Learn more about iCloud Keychain.
        • “iCloud protects your information with end-to-end encryption, which provides the highest level of data security. Your data is protected with a key that’s made from information unique to your device, and combined with your device passcode, which only you know. No one else can access or read this data, either in transit or storage.”
      • Learn more about Android Auto Backup.
        • “Android preserves app data by uploading it to the user’s Google Drive—where it’s protected by the user’s Google account credentials. The backup is end-to-end encrypted on devices running Android 9 or higher using the device’s pin, pattern, or password.”
    3. Envoy then creates a backup file containing your app settings, account labels, and other non-sensitive app data, so that Envoy can be restored to its exact previous state. This folder is end-to-end encrypted with your seed so that Foundation can never see the contents. We call this the Envoy Backup.
    4. The fully encrypted Envoy Backup is uploaded to Foundation’s servers, alongside a hash of the seed (a cryptographic representation of the seed that proves your knowledge of the seed, not the seed itself!) so that we can ensure no one else can attempt to download your backup without proving knowledge of your seed phrase.
    5. There is no Foundation user account, no email, no password – all you need is access to your iCloud or Google account.

    RESTORING FROM MAGIC BACKUPS

    If you lose your phone or delete the Envoy app, restoring your wallet takes only a few seconds with Magic Backups.

    1. Envoy checks the secure element on your phone and looks for the seed.
      • If it discovers a seed on the secure element, Envoy hashes the seed and sends the hash to our server.
        • This merely proves your knowledge of the seed and does not reveal your seed to Foundation in any way!
      • If it does not discover a seed, it accesses the encrypted backup from iCloud Keychain or Android Auto Backup and restores the seed to the secure element. Then Envoy hashes the seed and sends the hash to our server.
    2. Envoy then downloads the encrypted Envoy Backup from our servers.
    3. Envoy uses the seed to decrypt the Envoy Backup file locally (on your phone!) and restores all user settings, account labels, and other app data – so it’s like you never left.

    OTHER NOTABLE CHANGES

    We’ve also added the following features and improvements in this release:

    • Biometric/PIN authentication. Now you can protect your mobile wallet or Passport balances from prying eyes
    • Ability to swipe on accounts to hide balances while you’re on the go. For example, you can display your mobile wallet balance but hide your hardware wallet balance.

    TRY ENVOY TODAY

    We’ve released this new version of Envoy to all major platforms, so you can choose the method that suits you best below:

    1. If you’re on iOS, you can install Envoy from the App Store using the following link:
    2. For those on Android, you can either find Envoy in the Play Store, install via F-Droid, or download the app directly from Github (Envoy is fully open source!):
      • Play Store
      • F-Droid
      • GitHub
        • Download the APK titled “envoy-apk-1.1.3.apk” directly from the above link and install
        • As this APK is signed with our own keys instead of Google’s keys via the Play Store, if you’re using the Play Store version you’ll have to uninstall Envoy first before installing the public beta

    HOW CAN I GIVE FEEDBACK OR GET SUPPORT?

    As you use Envoy as a mobile wallet, we’d love to hear from you – every issue, bug, or favorite feature! There are three main places you can go to give us feedback or get help with Envoy:

    1. We have a standalone Telegram channel for our community that you can join and give feedback or get support
    2. You can email us
    3. You can direct message us on Twitter

    WHAT’S NEXT

    The release of Envoy as a mobile wallet paves the way for a range of roadmap items we’ve been planning for some time, and we can’t wait to build on this strong foundation of simplified Bitcoin usage. Next you’ll be able to jump in the ???? with thousands of other Bitcoiners, become a ????, or ⚡ your way to a cup of coffee — all within Envoy!

    We’re excited to release the next piece of your financial sovereignty toolkit to the masses and onboard a wave of Bitcoiners to self-custody, privacy, and financial sovereignty sat by sat.

    Now back to building.

    Announcing Envoy Wallet

    Posted on May 17, 2023 - 10:55 am by

    We at Foundation are thrilled to launch a major update to our Envoy mobile app for iOS and Android, transforming Envoy into a standalone mobile Bitcoin wallet with a magical setup experience. For more details, read the official press release below.

    FOUNDATION LAUNCHES ENVOY WALLET WITH MAGIC BACKUPS, LOWERING THE BARRIERS TO BITCOIN SELF CUSTODY

    Updates to Envoy and Passport hardware wallet mark significant advancements in the company’s mission to empower individuals to reclaim their digital sovereignty.

    Foundation Devices (“Foundation”), a leader in the development of Bitcoin-centric tools, today announced a major update to its Envoy mobile app, transforming it into a standalone Bitcoin mobile wallet with powerful account management and privacy features. This update is a significant step in Foundation’s mission to make digital sovereignty more accessible and to lower the barriers to Bitcoin self-custody.

    The new Envoy update introduces Envoy Magic Backups, a feature that simplifies the setup and backup process for a mobile wallet. Users can now get started in 60 seconds – without seed words – and restore their wallet anytime, on any device, in just two taps. This update empowers users to store and spend their Bitcoin with strong security, privacy via Tor, and a streamlined setup experience.

    “With this update, we are excited to bring our best-in-class design, intuitive and approachable user experience, and peace of mind to smartphone users across the globe – no Passport required,” said Zach Herbert, Co-Founder and CEO of Foundation.

    In addition to the Envoy update, Foundation announced a price reduction to $199 for its highly rated Passport hardware wallet. Customers who ordered in the last 90 days will be eligible to claim a $50 gift card for the Foundation store.

    Foundation also released a major new Passport update. The introduction of the Key Manager extension enables two powerful new tools in child seeds and Nostr keys, both of which are derived directly from a user’s seed on Passport and automatically backed up to microSD.

    “Foundation is committed to making Bitcoin and decentralized technologies accessible to everyone,” Herbert added. “These updates mark significant advancements in our mission to empower individuals to reclaim their digital sovereignty. We’re excited to continue delivering products that usher in a new era of freedom and prosperity for users worldwide.”

    About FoundatioN

    Founded in April 2020, Foundation is dedicated to making Bitcoin and decentralized technologies accessible to everyone, enabling users to reclaim their digital sovereignty. The company’s open-source products include Passport, a best-in-class Bitcoin hardware wallet, and Envoy, a mobile Bitcoin wallet.

    For more information about Foundation and its products, visit foundationdevices.com.

    This Month in Sovereignty: April 2023

    Posted on May 11, 2023 - 9:54 am by

    Our team has been busy throughout the month of April with major new releases of Envoy and Passport firmware along with preparations for a busy conference season, kicking off with Bitcoin Miami.

    Dive into the latest updates below, and be sure to subscribe if you want to stay informed on all things sovereignty moving forward!

    This month at Foundation

    Updates

    In the first week of May we debuted a massive new update to Passport for our fantastic community in Passport’s new firmware, v2.1.1:

    • Passport version 2.1.1 is now live!
    • “In version 2.1, we’ve leveraged all of the background work in recent versions to build out some amazing new features for you, including backporting v2.1 firmware to Founder’s Edition, sending to Taproot addresses, a Key Manager Extension for BIP-85 and Nostr key support and export, and BIP-85 SeedQR exports. Features, features everywhere.”
    • This version of Passport firmware brings a wealth of new features, all securely backed up via encrypted microSD backups. Bringing the ability to manage all of your hot and cold wallets, all of your Nostr keys, and all of your friends and families wallets (if you choose to act as an “Uncle Jim”) under a single encrypted backup or seed phrase is a powerful thing. Peace of mind + powerful features.
    • You can read more about our new Key Manager extension that enables all of these incredible features in our latest blog post, or in our support docs here.

    April was also a month filled with major amounts of internal testing and multiple public betas as we continued to test Envoy as a standalone wallet before public release:

    • Envoy Wallet Open Beta
      • With this open beta we’re greatly expanding what Envoy is capable of, making it a feature-rich Bitcoin hot wallet in addition to its existing role as a watch-only wallet and management app for Passport.

    Blog posts

    April was a quieter month from us on the blog side as we focused heavily on software and firmware releases internally while preparing for a busy season of conferences and big announcements around Bitcoin Miami 2023.

    With the release of our latest Passport firmware we debuted two major new features in BIP 85 (or “deterministic child seeds”) and Nostr key support. Because of the changes these bring and the possibilities they open up, we highlighted them in a special blog post:

    Last month we published the first edition of “This Month in Sovereignty,” kicking off this outlet to keep up with what we’re doing here at Foundation, what we’re reading, and what we’re following in the space:

    Journey to Sovereignty

    In April, we walked through what VPNs are and why they’re an immensely valuable tool for Bitcoiners, and then sat down with Ivan from Breez to learn about how they’re building an open-source toolkit to enable easier self-sovereign Lightning apps moving forward.

    • EP #8 – Let’s make (good) VPNs the standard
      • If you’ve heard the term “VPN” from a sketchy ad during a YouTube video or a shadowy super coder, you might have been turned off to the concept. Today we’re going to break down what a VPN is, how one works, and why they’re actually amazing tools for your every-day-carry digital toolkit. Let’s make (good) VPNs the standard.
    • EP #9 – Making self-custodial Lightning easier w/ Ivan from Breez
      • If it’s seemed too daunting to use Lightning without sacrificing custody of your Bitcoin, what Breez is building might be just the solution you need. On this week’s episode we sit down with Ivan from Breez to talk about the future of self-custodial Lightning and how we can beat fiat at it’s own game.

    You can follow the podcast on your favorite platforms, including Apple Podcasts, Spotify, Google Podcasts, and Fountain, a Bitcoin-powered podcast platform where you can support content creators directly with your sats.

    If you listen and boost Journey to Sovereignty on Fountain, we forward 100% of the sats you send us to other free and open-source projects we love in the Bitcoin space:

    What we’re following

    Matt Odell released a fantastic and deeply important episode of Citadel Dispatch this month on the shocking use of Chainalysis closed-source data and tooling to prosecute a seemingly innocent person for running the Bitcoin Fog centralized mixer.

    One of the best educators in the space, Econoalchemist, put out a detailed review and guide around using Passport this past month in Bitcoin Magazine. He walks through initial setup, comparisons to Founder’s Edition, and how to use Passport to reclaim your privacy in Bitcoin via Sparrow Wallet.

    As the Tor network continues to undergo a concerted DDoS attack by an unknown entity, they have narrowed down potential solutions and are focusing on implementing a novel proof-of-work algorithm to the connection flow for Tor users.

    This month in digital sovereignty

    Our very own BitcoinQnA released a major update and expansion of his open-source educational website and resource, bitcoiner.guide, this month. It now features a beginner, intermediate, and advanced track, a new look, Nostr live chat and lots more content!

    Blue Wallet, a fantastic mobile wallet with excellent support for Passport, released a major new update that includes a fixed Payjoin implementation and an initial release of BIP 47 “PayNym” support (receive only for now)

    The U.S. government continued their push against encryption and personal privacy this month with three new or renewed bills to restrict our freedom online. The EFF has done a fantastic job covering these new developments below:

    This month’s step towards personal privacy and security

    As we covered the topic at length in one of this month’s Journey to Sovereignty episodes, we figured it would make sense to focus this month’s actionable step towards personal privacy on using a privacy-preserving and non-logging VPN provider.

    While a VPN provider isn’t a perfect solution to network privacy issues, it does allow you to shift the trust from your network provider (home ISP, mobile carrier, etc.) to a 3rd-party you trust more than them (and one that doesn’t have your personal information or address). Once you’re using a VPN, you’re actively preventing the sites, apps, and tools you interact with online from learning your home IP address and connecting all of your activities back to you.

    Our team is a big fan and many of us are users of two well-known VPN providers in the space which we’ve linked below for easy reference. Both IVPN and Mullvad accept Bitcoin (on-chain and Lightning) for subscriptions and require no information from you to create an account, not even an email address!

    Please note that we have no direct affiliation with either provider and don’t profit off of your use of either, we just love their approaches and use them ourselves.

    What we’re working on

    In May we’ll be attending Bitcoin Miami with a large portion of our team, and can’t wait to meet some of you all there! We’ll also be selling Passport directly from our booth, making conferences the best way to buy Passport without disclosing any information (even shipping address) to us or anyone else.

    We also can’t wait to get Envoy as a standalone wallet out to the general public, and will be releasing it ahead of the conference so keep an eye out for that.

    To keep up with what we’re building, you can follow us on Twitter, on Nostr, or subscribe to our newsletter on our website so you can stay in the loop.

    All your wallets, one backup

    Posted on May 10, 2023 - 2:32 pm by

    With the release of our latest update for Passport, we’ve empowered you to leverage your Passport for far more than just a cold storage wallet. The introduction of a new “Key Manager” extension enables two powerful new tools in child seeds and Nostr keys, both of which are derived directly from your Bitcoin seed on Passport and automatically backed up to microSD. All of your wallets under one backup.

    As both of these features are entirely new to our products, we’ve set out in this blog post to explain how you can use them, detail some real world use-cases, and walk through how all of this is possible from a simple Bitcoin seed phrase.

    BIP 85 done right

    While the ability to create nearly infinite child wallets from a single master seed phrase has been around for a few years in BIP 85, the complicating factor has always been how to implement in a way that is intuitive and easy to use. In previous attempts at allowing users to generate child keys they’ve required manual index backups, had no ability to name the keys themselves to differentiate them, and have pushed the feature to only the most advanced Bitcoin users.

    As one of our goals at Foundation is to bring Bitcoin self-custody down into the real-world and make it more approachable, we spent many hours working with our design team to make Key Manager accessible for even the least technical users. That work has culminated in an extension that takes one click to enable and then guides you through every aspect of key management, regardless of background or expertise.

    Key Manager at a glance

    Let’s get to the fun stuff — how does all of this actually play out when using Passport? All you have to do to unlock all of this new functionality in Passport is to enable the Key Manager extension from the settings menu. Just a few presses and you have a new card on your home screen that lets you create and manage BIP 85 child seeds and Nostr keys with a few clicks! View all your keys, distinguish them quickly by unique icons, and manage their names in seconds.

    Once you have enabled Key Manager, creating a new key is incredibly straight forward. Simply navigate to the new Key Manager card on your home screen and select “New Key.” Choose how many words you want the seed to be and the new key is automatically saved via encrypted microSD backups. When you need to use the new child seed in another wallet, simply select “Export,” choose whichever format your favorite wallet supports, and import it. It’s that easy.

    Using Key Manager in the real world

    Still wondering how all of this can help you? Let’s walk through some real-world examples of ways that you can leverage child seeds to simplify and safeguard your Bitcoin journey. Once you’ve secured your Passport backup properly — either by encrypted microSD backups or manual seed backup — you can start creating child seeds for all kinds of uses without the additional headache of needing to back each of them up separately.

    One of the most common and immediately useful ways to leverage child seeds is by using a child seed from Passport for your mobile wallet of choice. Simply turn on your Passport, navigate to the Key Manager page, create and name a new key, and then export as a QR or seed words and setup your mobile wallet. In just a few minutes you have a highly secure backup already in place for your new mobile wallet, but can spend easily and freely on the go. This makes pairing Passport with Envoy as a mobile wallet the best of both worlds.

    Another common use-case for our more privacy-minded community is to use a child seed from Passport to create a hot wallet for mixing in Samourai Wallet or Sparrow Wallet. You can now easily keep those funds in your mixing wallet while you’re reclaiming your privacy without an additional seed to back up (or potentially lose). You can even leverage Sparrow Wallet to mix from that new child seed directly to Passport using our Postmix extension, bringing privacy to your cold storage without all of the normal headaches. Privacy meets peace of mind.

    Lastly, child seeds present an incredible way for those who are more knowledgeable and further along in their Bitcoin journey to help back up funds of close family and friends while they’re learning the ropes. You can generate child seeds for your parents, your kids, or your friends who are new to Bitcoin to help get them started while reducing the risk of them losing precious sats. While this does give you access to their bitcoin, it’s a great temporary tool while they get comfortable using Bitcoin.

    But wait, there’s more!

    That’s not all that the Key Manager extension enables, though! We’ve also been building out full Nostr key support as a part of the extension, allowing you to leverage the power of child keys to create Nostr keys directly from your Bitcoin seed on Passport. One master backup with Passport and all your Nostr keys are safe and secure.

    When you want to create that new Nostr key, it’s as easy as navigating to the new Key Manager card, selecting “New Key,” choosing the “Nostr” option, and then naming it as you see fit. Whenever you want to login to a Nostr client, simply export the new key to QR and scan it from your favorite client (Amethyst currently supports this) or export to microSD as a text file and copy paste if necessary. No more worrying about losing your Nostr key.

    While it’s not live in this release, we’ve also been hard at work implementing delegated key signing a la NIP-26 into Passport. This new approach to key management means that you can leverage a child key to sign-in and use Nostr without ever exposing your master Nostr key to the world. This standard and implementation are still in their infancy, but we’re excited to help grow the ways that our users can leverage Passport to empower their freedom in areas outside of Bitcoin alone. We’re thankful for all those working on freedom tech more broadly and we can’t wait to get delegated key signing in your hands shortly.

    Driving Nostr forward

    Nostr key management is one of the areas where Nostr is very early in development today, so we’ve been working hard as a team to find ways that we can give back to the Nostr ecosystem and help to drive forward mature standards. One of the ways we have worked to improve the ecosystem is by helping expand the standard for Nostr key derivation in NIP-06 to include generating multiple keys properly. We helped to develop and test a derivation method that would allow you to generate practically infinite usable Nostr keys from a single Bitcoin seed and contributed that tested definition to the official repository on Github.

    Another key way we have worked to help grow the Nostr key management ecosystem is through funding bounties to implement Nostr key QR login and delegated key use in Amethyst, one of our favorite Nostr clients today. Taking the time to create issues for features you love and drive open bounties incentivizes developers to implement these features and rewards them for their incredible contributions to free and open-source code, something that is absolutely vital to continuing to grow the FOSS movement!

    If you’re on Nostr today, be sure to follow us below to keep up with the latest things we’re building, writing, and sharing:

    What’s next

    We’re also working on expanding the Taproot payments support added in this version into full Taproot support to both send and receive, implementing NIP 26 support as mentioned above, and much more. We hope you enjoy the new features in Passport’s latest firmware as much as we do, and we can’t wait to hear your feedback on what uses you find for child seeds, Nostr keys, and so much more!

    If you’d like to learn more about the technical details and usage of Key Manager, you can jump right into our detailed support docs below:

    Passport version 2.1.2 is now live!

    Posted on May 8, 2023 - 3:35 pm by

    We’re excited to announce that the latest version of Passport firmware – 2.1.2 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.

    WHAT’S CHANGED

    In version 2.1.2, we’ve leveraged all of the background work in recent versions to build out some amazing new features for you, including backporting v2.1 firmware to Founder’s Edition, sending to Taproot addresses, a Key Manager Extension for BIP 85 and Nostr key support and export, and BIP 85 SeedQR exports. Features, features everywhere.

    For more details on each of the changes, keep reading below!

    NEW FEATURES

    • Backported our firmware from Batch 2 to Founder’s Edition, bringing firmware parity for all of our early supporters
      • We’re thrilled that those of you running Founder’s Edition devices will now have the latest and greatest features and improvements that we’ve been developing for Passport
      • This backport also means that we will be able to keep Founder’s Edition firmware up to date with Batch 2 as they now use the same base code
    • Added support for sending to Taproot (“P2TR”) addresses
      • Welcome to the world of Taproot, where you can now send transactions to any Taproot address (those starting with “bc1p”)
    • Added a “Key Manager” extension for enabling advanced functionalities
      • To learn more about our newest extension, dive into our support docs
      • You can use Key Manager to generate and export:
        • BIP 85 child seeds, allowing you to backup only Passport’s seed and be able to recover other wallets directly from Passport’s seed
        • Nostr private keys, allowing you to securely generate, easily backup, and recover your Nostr private keys directly from Passport or Passport’s seed
          • Simply display your Nostr key as a QR code and login directly to your favorite app with a single scan. No more copy-pasting private keys.
          • See how fast this can be in our Twitter post with video
          • Thanks to greenart7c3 you can use this today in Amethyst, a fantastic Android Nostr app!
        • …And possibly more in the future! This is a great place for open source tinkerers to add other keys they want to Passport’s firmware
        • Please note that if you export keys as QR codes, you should be careful what you scan them with! Apps like Google Camera will often open the content of the QR code in your default search engine, exposing that key to Google etc.
      • Any keys you set up will be automatically backed up to microSD in an encrypted format, making recovery a breeze
    • Added support for exporting BIP 85 seeds via SeedQR
      • Exports are possible via SeedQR and Compact SeedQR
      • Importing SeedQR is coming soon!
    • Allow users to display their PIN when entering it by pressing the “UP” key during PIN entry
      • Just in case you want to be sure you have it entered correctly, be sure not to do this in a place where it might be seen!

    IMPROVEMENTS

    • Cleaned up our C code, optimizing our firmware and giving more space for amazing new features
    • Make “Erase Now” no longer the default selected option when you enter the erase screen, just to be sure an itchy trigger finger won’t accidentally erase your Passport
    • Ensure Founder’s Edition properly communicates its device information to Envoy
    • Passport will now indicate that it’s 30 seconds away from auto-shutdown by dimming its screen
    • Removed support for 18-word seed phrases as they are very, very rarely used

    BUG FIXES

    • Fixes a bug where the backups folder was sometimes not created on the microSD. When this occurred Passport would also fail to create the backup file.
    • Improved error handling and prevention in displaying transaction info
    • Better handling of errors caused by other wallets’ multisig config formats
    • Fixed a display issue with the screen brightness icon
    • Fixed an issue that would prevent signing of PSBTs in sub-directories on microSD

    VERIFYING AND INSTALLING PASSPORT FIRMWARE

    If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page

    This Month in Sovereignty: March 2023

    Posted on April 7, 2023 - 2:26 pm by

    Welcome to This Month in Sovereignty, a new monthly newsletter from Foundation. 

    With all that we have going on here at Foundation, the exciting news among our ecosystem partners, and the rapid pace of innovation around Bitcoin and self-sovereignty tools, we wanted to create a one-stop place for you to keep up with everything happening in the space.

    We’ll use this newsletter to highlight development and content at Foundation, give you insight into what we’re loving this month as a team, and help you keep up with the ever evolving world of self-sovereignty, privacy, and Bitcoin. Let’s dive in.

    This month at Foundation

    Updates

    It’s been a very busy month for us as we’ve finished squashing a few key bugs and have been able to focus more on building out new features for Passport and Envoy by the handful. We shipped two firmware updates for Passport, drastically improving QR and transaction signing performance, and shipped a major new open beta for Envoy featuring complete hot wallet support.

    • Passport version 2.0.7 is now live!
      • We focused on rebuilding transaction signing and QR scanning from the ground up, bringing you a faster and more seamless experience when sending Bitcoin using your Passport.
    • Envoy Wallet Open Beta
      • With this open beta we’re greatly expanding what Envoy is capable of, making it a feature-rich Bitcoin hot wallet in addition to its existing role as a watch-only wallet and management app for Passport.​

    Blog posts

    Our broad focus on content this month was around equipping you with the tools you need to gain financial sovereignty through Bitcoin privacy, and to approach Nostr in a privacy-preserving way as a new and powerful social media platform.

    • Privacy on Nostr
      • “Nostr has been taking the Bitcoin world by storm over the past few months, and with it comes a chance to correct the mistakes of the current social media paradigm… Nostr takes a novel approach to its network design, and we want to be sure that Nostr users like yourself are well-equipped to use Nostr in a way that preserves your privacy and security from the start.”
      • We believe Nostr is social media as it should be.
      • You can follow us on Nostr here: @Foundation
    • Bitcoin doesn’t need banks
      • We expanded on the concepts discussed on Journey to Sovereignty in our special “Bitcoin doesn’t need banks” in a standalone blog post, walking through our favorite no-KYC P2P exchanges, how they work, and how you can get started.
      • “You just traded fiat for Bitcoin directly with another human without involving any intermediaries, without sacrificing your personal privacy, and without giving up custody of funds to an exchange for a prolonged period of time. P2P exchanges are the future.

    Journey to Sovereignty

    We started a new podcast and Twitter Space this year called “Journey to Sovereignty” as a place for us to chat about all things sovereignty, the why and how of reclaiming your digital sovereignty, and to give you all a chance to chime in, ask questions, and join the conversation. We’ve had a great time diving deeply into the concepts of sovereignty, personal privacy, and Bitcoin’s power to provide financial freedom.

    In March, we walked through on-chain privacy in Bitcoin, discussed how we can free ourselves from banks and middle-men as we acquire Bitcoin, and how an ongoing attack against Bitcoin nodes works and how you can protect yourself against it.

    • EP #6 – Protecting our privacy on Bitcoin (Part 1)
      • In this episode we took a more technical deep dive into all things Bitcoin privacy, starting with why Bitcoin transactions reveal the information they do, and what information we must protect to preserve our privacy while using Bitcoin.
    • SPECIAL – Bitcoin doesn’t need banks
      • In this episode we talk through how Bitcoin was built from the ground up to stand on its own and how you can acquire and use Bitcoin without ever touching your bank account.
    • EP #7 – Who’s spying on your Bitcoin node?
      • If you’ve heard about ways that Bitcoin nodes can track you or theoretical attacks against Bitcoin nodes, we’ve got you covered in this episode. We dive into how network privacy works in Bitcoin, what nodes learn about you, and discuss an active attack against your node that’s been going on for the past few months.
      • Our conversation was based on the excellent research published by 0xB10C here:

    You can follow the podcast on your favorite platforms, including Apple Podcasts, Spotify, Google Podcasts, and Fountain, a Bitcoin-powered podcast platform where you can support content creators directly with your sats.

    If you listen and boost Journey to Sovereignty on Fountain, we forward 100% of the sats you send us to other free and open-source projects we love in the Bitcoin space:

    What we’re following


    In this segment of the newsletter we share what our team has been loving in the space, be it podcast, blog posts, media, etc. Get to know the Foundation team a bit better and hopefully find some content you’ve been missing!

    This month in digital sovereignty

    March ended up being an absolutely shocking month of news from every angle, including bank collapses, harsh proposed regulations, and big news in the privacy ecosystem.

    This month’s step towards personal privacy and security

    Still stuck on Google Chrome or default Firefox but looking to improve your privacy while browsing? Our focus this month is to help you make the jump to a browser that cares about your privacy from the start, providing you a strong base and a jumpstart towards better online privacy.

    • Firefox
      • One of our favorite hardening guides for Firefox is made by an excellent content creator in the privacy space, TechLore. This guide goes step by step with very simple instructions and walks you through the process. Don’t let it scare you! It’s very straightforward, and only needs to be done once per computer.
    • Brave Browser
      • Brave has some excellent defaults, but certainly takes some odd approaches (like cryptocurrency ads all over the place and built-in cryptocurrency wallets which aren’t helpful to most people). This guide will help you harden its defaults, disable all of the Brave cryptocurrency integration, etc.
    • Mullvad Browser
      • Mullvad’s browser was just announced this month, but provides a great entry-point for the more hardcore among you. It takes strong steps towards reducing browser fingerprinting and bundles an excellent set of defaults for you out of the box.

    What we’re working on

    We’re excited to release a swath of updates for Passport and Envoy in April, including an open beta for Passport v2.1.0 that will include lots of exciting new features that we’ve been building out for you. This might just be our biggest month of software releases ever.

    To keep up with what we’re building, you can follow us on Twitter, on Nostr, or subscribe to our newsletter below so you can stay in the loop.