Skip to main content

Envoy version 1.6.2 is now live!

We’re excited to announce that the latest version of Envoy1.6.2 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.

Please note that there can be a significant lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.

What’s changed

In Envoy v1.6.2 we’ve focused heavily on improving the user experience for those of you running larger text or display sizes, fixed a bug around transaction cancellation using RBF, and migrated to our new domain, Foundation.xyz.

For more details on each of the changes, keep reading below!

Improvements

  • Envoy now has drastically improved handling of varying display or text sizes, especially abnormally large display/text sizes.

    • As Envoy has gained more users, we’ve noticed an issue where those of you using larger display or text sizes can have issues with buttons being unable to be accessed, especially when setting up Envoy for the first time.

    • We’ve gone through Envoy with a fine-toothed comb to better handle when users have set their OS to use larger display or text sizes and respond appropriately.

  • Envoy now uses our new Foundation.xyz domain for all services.

    • Older version of Envoy will now automatically use redirects from foundationdevices.com -> Foundation.xyz.

    Bug Fixes

    • Fixed a minor text alignment issue introduced in 1.6.0.

    • Fixed a minor text issue in the onboarding flow.

    • Fixed an issue where the fee could be incorrectly calculated for Canceling transactions when sending to a Taproot address, causing some cancellation transactions to fail.

    Verifying Envoy on Android

    If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android

    Envoy version 1.6.0 is now live!

    We’re excited to announce that the latest version of Envoy1.6.0 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.

    Please note that there can be a significant lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.

    What’s changed

    We’ve focused Envoy 1.6.0 on a vital new feature for Bitcoin’s volatile fee market — replace-by-fee (otherwise known as “RBF”). RBF allows you to easily boost the fee on a transaction you’ve sent that’s stuck surfing the mempool, or even cancel an in-flight transaction and send it back to yourself. Just tap on any transaction that is unconfirmed and quickly Boost or Cancel it in Envoy.

    We’ve also brought a complete redesign of address and amount displays to Envoy, making it drastically easier and more intuitive to view amounts (in sats or BTC, as always!) or verify addresses. A special thanks to the fantastic Bitcoin Design initiative for spearheading the concept here! Oh, and don’t sleep on custom device names for Passports paired to Envoy, and the new Catalan translation 👀

    For more details on each of the changes, keep reading below!

    New Features

    • Full “replace-by-fee (RBF)” control is here!
      • If you’ve ever sent some Bitcoin only to have them get stuck in the mempool due to a crazy fee market, this one is for you!Now you can simply tap “⏩ Boost” when viewing a pending transaction’s details to get your transaction back to the top of the queue.Sent a transaction but realized it was a mistake? You can also tap “Cancel” and send the funds back to yourself using RBF as well 😌
    • When you set a custom name for your Passport, now that name will show up automatically in the Devices tab on Envoy.
      • Have multiple Passports in the house? Now you can easily tell them apart in Envoy using custom names!
      • Any name on Passport will now automatically be synced to Envoy when pairing for the first time.
        • Note that existing Passport names won’t be updated unless they are deleted first, but we’ll be improving that in Envoy v1.7.0!
    • Envoy translated to Catalan thanks to our friends over at @bcnbitcoinonly! Special thanks to @insatwetrust, in particular!!

    Improvements

    • Improved Tor performance on iOS (and some Android vendors), especially when it comes to getting fiat exchange rates.
    • Improved testnet reliability via new testnet Fulcrum infrastructure.
    • Available balance now shows fiat value in addition to Bitcoin, if fiat is enabled.
    • Improved the way fiat is displayed in the Transaction Details screen.
    • Updated OpenSSL libraries and removed some unnecessary dependencies.
    • Updated Arti (the Rust-native Tor library) in our library to the latest version, v1.1.12.
    • Improved tap targets across the board to make it that much easier to get to what you want in Envoy.
    • Tapping on the Accounts tab when inside an account will take you back to the main Accounts view.
    • When Fiat values are loading they will now display a loading bar instead of a 0.
    • We’ve taken a fine-toothed comb to the UI in Envoy and made a number of improvements across the board. Better UI, better UX, better Bitcoin experience.
    • Improved Spanish translations.

    Bug Fixes

    • Fixed a bug where Envoy would slow down if a custom Electrum server was unreachable for a long period of time.
    • Fixed a rare bug where sometimes the change address would be displayed as the destination address.
    • Fixed a bug where in some iOS instances selecting Custom fee would result in a crash.
      • Thank you @Fredodido56 for the report!
    • Fixed a bug where the German locale could randomly show commas and dots while typing a number in.
      • Kudos to Mike from our TG community for the report!
    • Fixed an issue where iPhone 8 users wouldn’t be able to tag coins.
    • Fixed an issue with displaying a 24-word seed when manually imported.
    • Fixed some minor issues where under certain circumstances fiat values wouldn’t display correctly.
    • Fixed a visual bug where after deleting a hot wallet and the backup, the Accounts view’s title would be displayed incorrectly.
    • Fixed some text strings wrapping when they shouldn’t have.
    • Fixed a minor bug where sometimes the user would be asked twice about adding a Note to a transaction when signing with Passport.
    • Fixed a minor bug where the small coin exclusion alert was triggered when it shouldn’t have been.
    • Fixed a minor issue where under specific circumstances a user was able to add an infinitely long tag name that broke the UI.
    • Fixed an edge case where the user would be able to attempt to build a transaction with negative fees.
    • Fixed an issue where Envoy could freeze if a user attempted to export an abnormal amount of logs.
      • As always, we take your privacy seriously! Envoy does not send logs to Foundation (and has no ability to do so), so this only applies to users who manually tried to export logs to share with us for a bug report.
    • Fixed an issue where Envoy could freeze if the change amount was too big when setting a custom fee.

    Verifying Envoy on Android

    If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android

    Envoy version 1.5.1 is now live!

    We’re excited to announce that the latest version of Envoy1.5.1 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.

    Please note that there can be a significant lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.

    What’s changed

    Note: v1.5.1 is a bug-fix release that resolves an issue updating firmware via Envoy on iOS. We’ve replicated the release notes here from 1.5.0 with the additional bug fix.

    With this release of Envoy, we’ve focused on bringing you fully-featured support for Taproot! This not only expands the use-cases and access for Envoy as a mobile wallet, but it also paves the way for full Taproot support to be added to Passport in the upcoming v2.3.0 firmware. We’ve also included a proper Spanish translation to Envoy, and many quality of life improvements and bug fixes.

    For more details on each of the changes, keep reading below!

    New Features

    • Envoy now has full Taproot ???? support, allowing you to easily send and receive with the latest and greatest features in Bitcoin!
      • For those who want to use Taproot, simply enable support from the settings under the “Advanced” drop-down and a new Taproot-specific account will be created for you.
      • This also paves the way for full Taproot support in Passport, coming in firmware v2.3.0 very soon!
    • Envoy now has a Spanish translation available to all of our Spanish-speaking users!

    Improvements

    • Envoy now allows users to select a preferred language in settings on iOS and Android.
    • Upgrade Flutter to the latest stable release, v3.16.1.
    • Envoy now automatically excludes coins that are too low of a value to spend in the current high-fee environment.
      • We’ve noticed that in the current fee environment, a native behavior of BDK that is designed to protect you from wasting sats could get a bit confusing. If you have coins that are relatively low value, it’s possible that they could cost more to spend than the value of the coin, meaning spending them would just be burning precious satoshis.
      • We still leverage the BDK default to help protect you from losing satoshis sending coins that are too low of value, but now we give you a clear warning when this would happen via a shiny new modal.
    • You can now hide amounts on an account while in the detailed account view.
    • Improved how the bottom sheet shows amounts when using coin control when minimized.
    • Users who have previously used Magic Backups and then manually restore the same seed now get the option to restore their previous Magic Backup or simply use a manual wallet.
    • Improved how selecting coins works when switching views.
    • Added a warning when a user manually selects coins and then changes the fee on the transaction review screen, as it can cause Envoy to automatically re-select coins for the user.
    • Updated our Tor library to the latest version of Arti, v1.1.11.

    Bug Fixes

    • Fixed an issue unselecting an entire tag in coin control if some coins in that tag are locked.
    • Fixed a minor display issue when deleting a mobile wallet.
    • Fix an issue with units displayed on the send screen showing sats even when denominated in BTC.
    • Fixed an issue where redeeming an Azteco voucher could show duplicate entries in the activity screen.
    • Corrected the informational text on the unsigned PSBT screen.
    • Fixed an issue where the firmware update button would be slightly off-center.
    • Fixed a minor padding issue on the tag details card.
    • Fixed a rare issue that could cause a blank screen when pairing an existing Passport account.
    • Fixed an issue where an address could display incorrectly in the transaction details screen when receiving multiple outputs in a single transaction.
    • Fixed a display issue where excessively long device names could break the version pill on the devices tab.
    • Fixed an account renaming issue.
    • Fixed various minor display issues.

    Verifying Envoy on Android

    If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android

    Envoy version 1.4.0 is now live!

    We’re excited to announce that the latest version of Envoy1.4.0 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.

    Please note that there can be a lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.

    What’s changed

    In this version of Envoy we’ve implemented intuitive and easy-to-use coin control, a new Activity Center and Privacy Shield, a redesigned Learn tab, broad user experience and user interface improvements, and squashed bugs across the board.

    We’re especially excited about our implementation of coin control in Envoy, as there has been a lack of intuitive coin control on mobile for Bitcoin users in the past, even though coin control is vital for giving you control over your privacy. We’ve spent countless hours building coin control in Envoy from the ground up to be as easy to use, as powerful, and as privacy-preserving as possible. Coin control isn’t just for technical users anymore.

    For more details on each of the changes, keep reading below!

    New Features

    • Say hello to the most intuitive and approachable coin control in any Bitcoin wallet to date ????
      • Coin control is a vital feature that allows you to preserve your privacy on Bitcoin and choose what information to reveal about your financial activity to those you interact with, but has been a feature only accessible to technical users in the past.
      • We’ve been working tirelessly to bring you an implementation of coin control that even grandma can use. Easily tag your funds as you receive them, lock or unlock individual coins, choose exactly which coins to spend, or simply spend from a single tag with just a few taps.
    • Redesigned the Learn tab from the ground up, with an entirely new UI, improved video player, the ability to read blog posts directly in Envoy, and an improved FAQ section ????
      • Videos and blog posts now also get marked as watched/read when opened, and can be manually marked as unread by long-pressing on the item in the Learn tab.
    • Implemented a new Activity Center and Privacy Shield in the bottom toolbar ???? ????️
      • We’ve broken out our privacy settings into their own new home on the toolbar, as well as migrated the activity center from the bell icon to it’s own page.
      • The new Activity Center will now show transactions, firmware update announcements, and more in the future!
    • Implemented full support for BRL fiat conversion. Welcome, Brazil! ????????
    • Implemented new “sat” and “btc” icons for units instead of text.

    Improvements

    • Migrate Tor support to use the new Arti Tor client, implemented in an open-source Flutter library.
    • Greatly improved performance and resolved rare crashes for users with wallets that are heavily used, i.e. Samourai Wallet post-mix accounts.
    • Automatically add a note on Azte.co voucher redemption transactions indicating that they were from Azte.co.
    • Updated to support the latest azte.co API and voucher changes.
    • Long pressing on the delete button now deletes all entered text when constructing a transaction.
    • Envoy now automatically backs up the Envoy Backup file to Foundation servers every hour.
      • Only applicable when Magic Backups are opted into by a user.
    • Improved the responsiveness of the “Backup Now” button for Magic Backups to show when a backup is successful.
    • Broad updates and improvements to the frequently asked questions (”FAQs”) in the Learn tab.
    • Improved descriptions and copy in pairing screens.
    • Implemented new “hamburger” menu icon with open/close animations.
    • Improved the firmware update flow when firmware is downloaded but not properly copied to microSD for any reason.
    • Made it easier to use Envoy purely as a Passport companion app for those who don’t want Envoy as a mobile wallet.
      • It’s now easier to add additional Passport accounts without accidentally triggering the mobile wallet setup flow.
    • Improved screens across iOS, specifically those around pairing with Passport and downloading firmware.
    • Added the ability for Envoy to use the system locale to better display units and times throughout the app.
    • Added a shiny new animation to the manual mobile wallet setup flow.
    • Improved the way transactions display in the Activity tab.
    • Migrated video hosting for the Learn tab to Vimeo.

    Bug Fixes

    • Corrected some minor issues with settings not being properly backed up and restored as a part of Magic Backups.
    • Removed fiat value for testnet coins – they have no value!
    • Properly display an error when an invalid Envoy Backup file restore is attempted.
    • Properly decode BIP 21 URIs with empty amounts.
    • Updated several dependencies to resolve inherited minor security issues.
    • Fixed several app freezes and crashes on iOS when a user had many accounts or deep wallets.
    • Fixed a rare backup conflict when using QR recovery with Magic Backups.
    • Resolved an issue with the previous Tor library where local network access would be requested in iOS (but not used).
    • Resolved several minor issues with how Envoy interprets the native Android back button.
    • Resolved lag when the app was opened while in Airplane Mode.
    • Fixed some minor text centering issues.
    • Resolved an issue where an account renaming would revert on iOS without the users input.
    • Resolved a rare bug when screen recording Envoy usage.
    • Resolved an issue where a user that ops into manual setup gets shown Magic Backup settings incorrectly.
    • Fixed an issue where the shield would stay red after a successful manual recovery.
    • Fixed a display issue possible when repeatedly adding and removing accounts.
    • Fixed a display issue where the + button could disappear.
    • Resolved some issues with account renaming when certain keyboard functions are used.
    • Resolved issues with screen sizing on smaller phones (i.e. iPhone 7).
    • Fixed an issue where saving a custom node would occasionally not persist.
    • Resolved a bug where prompts could appear where they shouldn’t.

    Verifying Envoy on Android

    If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android

    Envoy 1.4 – Say Hello to Coin Control

    With the release of Envoy version 1.4 today, we’ve taken the next big leap forwards in our goal with Envoy — to bring the best of Bitcoin to you, simplified. Since the release of Envoy’s full mobile wallet functionality with Magic Backup, we’ve been working tirelessly to bring you the next phase focused on giving you full control over your Bitcoin. Say hello to the most intuitive and approachable coin control to date.

    Coin Control Made Easy

    Taking control of your money has been a part of our mission from day one, and the ability to control exactly how you spend your bitcoin through Envoy is a key part of that. In this release of Envoy we’ve spent countless hours taking the concept of coin control that has existed in other Bitcoin wallets back to the drawing board, as coin control should be within reach of everyone, not just “techy” Bitcoiners. We think coin control should be something even grandma can use.

    The concept of coin control can often be a foreign one to new Bitcoiners, but quite simply it’s a tool that allows you to choose what coins get spent in each transaction. The standard functionality of a wallet is to use a coin-selection algorithm to intelligently select the best coins to spend when you send bitcoin, but without some form of coin control there is no way for the algorithm to know what history each coin carries with it. When you combine coins with different histories, you reveal information about your financial activity you may not be intending to share!

    When you use coin control, you can tag coins and add notes to transactions as you use Envoy, allowing you to spend only the coins which you want to each time you spend your bitcoin. Don’t want to reveal how much you get paid to your grocer? Only pay him using coins from your previous visits to the grocery store. Tired of your barista seeing how much you paid for dinner last night? Only pay him using coins you just got peer-to-peer. Coin control gives you total control over what information you choose to reveal each time you use Bitcoin — the very definition of privacy.

    Using coin control on Envoy is just a tap away behind the new “Tags” icon inside of each account, where you can easily select to spend from an entire tag or get into the weeds and select individual coins to spend. You can keep things as simple as you want or get as granular as you want — you’re in control now. And if the concept of coin control seems like too much for you today, you can simply never touch it and still benefit from a smart coin-selection algorithm in the background that does its best to reduce fees while preserving your privacy.

    All of this functionality gets added on top of the 60 second onboarding that Envoy brings via Magic Backups, the seamless integration with Passport, and the fully customizable privacy settings across the board. It’s time you experienced Bitcoin, simplified by downloading Envoy today.

    If you want to deep dive into how you can use coin control we’ve got you covered with our new docs on the topic: Tags, Notes + Coin Control | Foundation Docs

    Redesigned Learn Center

    We have a deep passion for user education and empowerment, and want to make the output of that passion more accessible through Envoy. When you have questions about how Envoy or Passport works, want to learn more about Bitcoin, or simply want to pass the time with the sound of BitcoinQnA’s voice in the background, we’ve got you covered. We’ve started from scratch and improved every aspect of the Learn center, starting with a drastically improved video player and a new video host. Videos are faster to load, easier to control, and are now automatically marked as watched afterwards.

    We’ve also added full support for reading our blog posts directly in Envoy without ever leaving the app or opening your browser. Blog posts also get marked as read immediately after viewing them, making it simple to keep up with the latest in Foundation announcements and education. In addition, we’ve revamped our FAQ section at the bottom and updated it with all of the recent changes in Envoy and Passport.

    Privacy Shield Joins the Toolbar

    We’ve always held preserving user privacy as one of our chief values at Foundation, and that starts with the options available to our Passport and Envoy users. With this version of Envoy, we’re taking things a step further and improving the visibility and usability of all of those privacy settings in Envoy with a new standalone section we’re calling the “Privacy Shield.” Quickly connect to your own Bitcoin full node, switch back to Foundation’s, use Tor for improved privacy, or turn Tor off for better performance when necessary.

    Everything you need to know about preserving your privacy while using Envoy can be found in our documentation: Privacy | Foundation Docs

    Activity Center, Reborn

    In addition to launching coin control and revamping our privacy settings, we’ve taken the time to overhaul the activity center in Envoy and give it a new home in the toolbar. Everything you need to keep up with your Bitcoin activity, Passport firmware updates, and more can be found in the Activity Center now. We plan on expanding this in the near future to encompass more things as well, so keep an eye out for future Envoy updates!

    Want to learn more? Dive into our docs here: Activity | Foundation Docs

    So Much More

    If this has piqued your interest, head on over to our full release notes to learn more about what we’ve added, improved, or fixed with this release of Envoy:

    https://foundationdevices.com/2023/12/envoy-version-1-4-0-is-now-live/

    We can’t wait to hear your feedback on this latest iteration of Envoy, and if you have any questions or run into any issues, please don’t hesitate to reach out:

    https://foundationdevices.com/2021/12/support-where-and-when-you-need-it/

    Announcing our Early Access Rewards program

    One of the powerful use-cases that Bitcoin unlocked with it’s peer-to-peer nature is the ability to incentivize and reward contributions without any middlemen or hoops to jump through. This movement has come to be known as “value4value,” and has provided an immensely powerful new tool for content creators, Nostr users, and now community members. Today we’re excited to unveil a new program implementing the value4value philosophy into our existing beta testing process — Early Access Rewards.

    tl;dr — Be the first to report any reproducible issue for Passport or Envoy beta releases and get a 10k Satoshi bounty in Bitcoin per issue reported!

    Early Access Rewards Highlights

    The premise of the Early Access Rewards program is quite simple: contribute meaningful bug reports for Envoy or Passport releases while they’re in open beta, and get rewarded for each individual contribution. No middleman, no lengthy ToS, no Foundation login or account necessary.

    How to participate:

    1. Test the beta releases for Passport firmware or Envoy app.
    2. Report issues on Github.
    3. All issues (the first time they are reported) are eligible for the 10k Satoshi reward.
    4. Foundation team members will validate the issues for eligibility.
    5. Rewards sent directly to your provided Bitcoin address or Lightning invoice.

    Join Early Access Rewards today

    Want to earn sats for your important contributions to our open-source projects? Simply join our beta testers Telegram room below and keep an eye out for beta release announcements. Once a release is announced, you can submit any issues you find via Github and earn 10k sats per validated issue.

    Once you discover an issue with the beta release, submit it via Github using the following links with the “Bug Report” option. Note that this does require a Github account:

    Join the community, help us improve, and get rewarded in Bitcoin for your valuable contributions! ????

    The future of Early Access Rewards

    We’re excited to see how well this program works to incentivize important feedback and contributions from our fantastic community, but we also have plans to expand the program in the future. We’re currently considering creating a hardware Early Access program to get our newest products in the hands of invaluable community members first, and top contributors to this Early Access Rewards program will be first in line.

    We have multiple new products in the works, and we can’t wait to watch each of you help us to build and improve as we bring freedom tech to more and more people around the globe. As one of the top contributors to our Early Access Rewards program, you’ll get the chance to test our new products for free as a thank you for your contributions in exchange for feedback and bug reports.

    The (not so) fine print

    If you have more specific questions on how the program will work, you can read the detailed rules below. Have a question? Don’t hesitate to ask in the Telegram room or email us at [email protected].

    1. Eligibility for Rewards: a. The first reporter of any reproducible issue for Passport or Envoy beta releases is eligible for a 10k Satoshi bounty, paid in Bitcoin. b. Issues must be reported only once, and once made public, they are no longer eligible for additional 10k Satoshi bounties.
    2. Reporting Process: a. All issues should be reported on Github in the appropriate repository:
    3. Reproducible Issues: a. Issues must be reproducible, meaning that Foundation team members can accurately recreate and validate the issue in the Envoy app or Passport firmware.
    4. Judgement and Reward: a. Foundation reserves the right to make the final judgment on whether issues are eligible for the 10k Satoshi reward. b. Once an issue is verified and confirmed as eligible, the reward will be sent to the reporter’s provided Bitcoin address or Lightning invoice.
    5. Rewards Distribution: a. The rewards will be distributed in Bitcoin (BTC). b. The amount of the reward will be 10,000 Satoshi for each eligible issue. c. All rewards will be paid out at the end of the beta period.
    6. Confidentiality: a. While issues will be made public upon reporting, beta testers should avoid sharing sensitive or personal information in public discussions about the issues.
    7. Compliance: a. All beta testers must comply with the rules and guidelines set by Foundation Devices during the beta testing period. b. Any violation of the rules may result in disqualification from the beta testing program and forfeiture of rewards.
    8. Changes to the Rules: a. Foundation Devices reserves the right to modify the rules or terminate the beta testing program at any time without prior notice.
    9. Disclaimer: a. Beta testers participate in the program at their own risk, and Foundation Devices shall not be liable for any damages or losses incurred during beta testing.

    Envoy version 1.3.0 is now live!

    We’re excited to announce that the latest version of Envoy1.3.0 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.

    Please note that there can be a lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.

    What’s changed

    In this version of Envoy we’ve implemented the ability to redeem azte.co vouchers with a single QR scan in Envoy directly to your mobile wallet, added the ability to cycle through units by tapping on amounts, the ability to update Founder’s Edition devices directly from Envoy, and focused heavily on refining user experience for Envoy mobile wallet users.

    With the release of our last major version of Envoy, we transformed Envoy into a standalone Bitcoin mobile wallet with powerful account management and privacy features in addition to its role as Passport companion app. With that came many new screens and features, so we’ve taken this release to focus on iterating and bringing many bug fixes and quality of life improvements for all our fantastic Envoy users.

    As you may have noticed, we’ve skipped v1.2.0 and jumped straight to v1.3.0 as we realized we had too many important changes to be made during the beta period for v1.2.0. As a result this changelog includes all major changes introduced in v1.2.0 as well, so it’s extra long and extra exciting.

    For more details on each of the changes, keep reading below!

    New Features

    • You can now redeem azte.co vouchers directly in Envoy with just a few taps!
      • Getting those no-KYC sats directly from Azteco just got much easier, as you can simply scan an Azteco voucher QR code and sweep the funds directly into Envoy by scanning the QR code from any screen ????
      • Azteco allows you to buy Bitcoin vouchers from your local corner store just like you’d top up a pre-paid phone plan. Buy with cash and get Bitcoin directly in your mobile wallet or cold storage for one of the fastest and most private ways to acquire Bitcoin out there.
    https://youtube.com/shorts/6TWEaWcyFQ0
    • Added the ability to cycle through units (fiat/BTC/sats) by tapping on the amount when building a transaction.
    • Those of you rocking Founder’s Edition devices can now update within Envoy, just like with our latest Passports!
    • Malaysian Ringgit added as supported currency – Hi Malaysia!! ????????

    Improvements

    • Rearranging accounts has been completely rewritten and is now sexier and smoother than ever before! Organizing your accounts has never been so satisfying.
    • Added prompts to help users find features that could otherwise be hard to discover. These can be easily dismissed as you learn more about using Envoy.
    • Added a warning if Envoy’s mobile wallet contains more than $1000, reminding the user of the danger of keeping lots of funds on a mobile wallet.
    • Updated the look of the account cards, adding a bit more elegance and refinement.
    • Updated the way decimal units of fiat values are displayed when typed in the Send screen.
    • If you lose internet connectivity while on the go, Envoy will now update balances instantly without needing to refresh the app when connection is re-established.
    • Sent transactions will now displayed instantly, instead of waiting to hear from the Bitcoin node you are using in Envoy.
    • Improved how we display progress when scanning animated QR codes during the Passport connection flow.
    • Swapped the send and receive button locations to be more logical, and improved the appearance of the QR scanning button.
    • Improved the user experience when updating firmware for Passport via Envoy.
    • Improved the “Back up now” button user experience in Backup settings to give feedback and a status spinner while backing up.
    • Added additional contextual text and links when the accounts screen is empty.
    • Made it easier to distinguish when you’re using testnet accounts by using “tsats” and “TBTC” as the unit.
    • Added the ability to mute the explainer video for Magic Backups.
    • Improved the wallet deletion flow.
    • Improved the screens a user sees in failed states due to connectivity issues or restoration failures with Envoy backup files.
    • Improved handling when using Android’s native back button for getting out of Passport accounts.
    • Added the ability for users to save and manually share error logs with support if needed.
      • This error logging only happens locally and must be shared manually by the user to best preserve user privacy.
    • Sending amounts below a “dust” threshold will now show an error instead of having the “Continue” button become unresponsive.
    • Added explanatory texts when Testnet is enabled.
    • Other minor icon and text updates to make processes smoother and more understandable.

    Bug Fixes

    • Fixed an issue preventing onboarding on iPhone SE.
    • Fixed an issue where importing Envoy mobile wallet from a QR code incorrectly said it failed when it actually succeeded.
    • Fixed minor copy and UI issues throughout the app.
    • Fixed how some screens in Envoy were handled on devices with small screens.
    • Fixed an issue where the audio for the Magic Backups explainer video could continue playing in the background even after the user closes it.
    • Fixed a minor issue with the “+” button disappearing in rare scenarios.
    • Fixed handling of very large amounts when using sats as the unit.
    • Properly refresh transaction list when the wallet syncs again after losing internet connectivity.
    • Fixed an issue where users could be shown the onboarding for a second time in rare scenarios.
    • Fixed a rare issue where updating an account name could fail.
    • Fixed an issue where reordering accounts could occasionally make them swap colors.
    • Fixed a minor issue where the user could type infinite zeroes after the satoshi unit in the send screen.
    • Fixed an issue where scanning an address would reset the amount on the screen if this was typed before the address was scanned.
    • Fixed an issue where a “not a valid address” banner would continue displaying for a long time after a dynamic QR code was scanned.
    • Fixed an issue where recovering from a seed that had never been backed up in Foundation servers could generate two identical hot wallets.
    • Fixed an issue where recovering from an invalid QR seed would crash Envoy.
    • Fixed a rare issue where while on certain pages, the shield chevron could be behind OS controls.

    Verifying Envoy on Android

    If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android

    Announcing Envoy Wallet: Bitcoin Simplified

    We’re thrilled to announce a groundbreaking release of Envoy, our mobile companion app for Passport. This new update transforms Envoy into a standalone Bitcoin mobile wallet with powerful account management and privacy features.

    Envoy makes financial sovereignty more accessible than ever before and radically lowers the barriers to Bitcoin self custody.

    Notably, Envoy Magic Backups take the pain and worry out of setting up and backing up a mobile wallet, allowing you to get up and running in 60 seconds and restore your wallet anytime, on any device, in just three taps. It’s time you experienced Bitcoin, simplified.

    Read below to learn more, or dive right in and download Envoy now!

    THE BEST OF BOTH WORLDS

    With mobile wallet support in Envoy, the combination of Envoy + Passport empowers you to store your wealth in an ultra secure, intuitive hardware wallet while also spending Bitcoin on the go in just a few taps. Move funds back and forth between Envoy and Passport, make airgapped transactions, and access your spending and saving balances from anywhere – all in a single app!

    Not a Passport owner? This update introduces full Bitcoin wallet functionality on your iOS or Android phone. Use Envoy to store and spend your Bitcoin with strong security, privacy via Tor, and a streamlined setup experience.

    We are excited to bring our best-in-class design, intuitive and approachable user experience, and peace of mind to smartphone users across the globe – no Passport required.

    WHAT IS A “MOBILE WALLET?”

    In Bitcoin, the term “mobile wallet” refers to any wallet that keeps your keys on an internet-connected smartphone for easier spending and receiving of funds. While you should not keep your life savings in a mobile wallet, it provides easier access to a small amount of Bitcoin for spending, withdrawing from an exchange, and onboarding new users.

    Envoy has traditionally been a “watch-only wallet” that connects to Passport, allowing you to view your balance and create transactions, but providing limited functionality when you are away from your hardware wallet. Now you can enjoy Envoy as a full-featured Bitcoin wallet on the go.

    EXPERIENCE MAGIC BACKUPS

    Envoy introduces a new seed-less onboarding experience called Magic Backups. While Envoy users can of course manually handle seed words if desired, we aimed to engineer a solution that enables 60-second onboarding and automatic encrypted backups of Envoy’s private key and application data (such as settings and labels), with a full restore taking just three taps.

    Additionally, we wanted to ensure that Envoy does this without collecting any user data – no email address, no passwords, no IP address (when Tor is enabled) – no friction!

    We expect Envoy Magic Backups will lead to a massive increase in self custody, with easier onboarding than you’d find at any Bitcoin exchange or custodian.

    HERE’S HOW ENVOY MAGIC BACKUPS WORK

    1. Envoy generates a seed and stores it on your phone’s secure element.
    2. Since most users have iCloud Keychain or Android Auto Backup enabled, the seed is automatically synced to your other iOS or Android devices – fully end-to-end encrypted, without needing to give Envoy permission to access your iCloud or Google account. This encryption means that only you can access this data, not even Apple or Google.
      • Learn more about iCloud Keychain.
        • “iCloud protects your information with end-to-end encryption, which provides the highest level of data security. Your data is protected with a key that’s made from information unique to your device, and combined with your device passcode, which only you know. No one else can access or read this data, either in transit or storage.”
      • Learn more about Android Auto Backup.
        • “Android preserves app data by uploading it to the user’s Google Drive—where it’s protected by the user’s Google account credentials. The backup is end-to-end encrypted on devices running Android 9 or higher using the device’s pin, pattern, or password.”
    3. Envoy then creates a backup file containing your app settings, account labels, and other non-sensitive app data, so that Envoy can be restored to its exact previous state. This folder is end-to-end encrypted with your seed so that Foundation can never see the contents. We call this the Envoy Backup.
    4. The fully encrypted Envoy Backup is uploaded to Foundation’s servers, alongside a hash of the seed (a cryptographic representation of the seed that proves your knowledge of the seed, not the seed itself!) so that we can ensure no one else can attempt to download your backup without proving knowledge of your seed phrase.
    5. There is no Foundation user account, no email, no password – all you need is access to your iCloud or Google account.

    RESTORING FROM MAGIC BACKUPS

    If you lose your phone or delete the Envoy app, restoring your wallet takes only a few seconds with Magic Backups.

    1. Envoy checks the secure element on your phone and looks for the seed.
      • If it discovers a seed on the secure element, Envoy hashes the seed and sends the hash to our server.
        • This merely proves your knowledge of the seed and does not reveal your seed to Foundation in any way!
      • If it does not discover a seed, it accesses the encrypted backup from iCloud Keychain or Android Auto Backup and restores the seed to the secure element. Then Envoy hashes the seed and sends the hash to our server.
    2. Envoy then downloads the encrypted Envoy Backup from our servers.
    3. Envoy uses the seed to decrypt the Envoy Backup file locally (on your phone!) and restores all user settings, account labels, and other app data – so it’s like you never left.

    OTHER NOTABLE CHANGES

    We’ve also added the following features and improvements in this release:

    • Biometric/PIN authentication. Now you can protect your mobile wallet or Passport balances from prying eyes
    • Ability to swipe on accounts to hide balances while you’re on the go. For example, you can display your mobile wallet balance but hide your hardware wallet balance.

    TRY ENVOY TODAY

    We’ve released this new version of Envoy to all major platforms, so you can choose the method that suits you best below:

    1. If you’re on iOS, you can install Envoy from the App Store using the following link:
    2. For those on Android, you can either find Envoy in the Play Store, install via F-Droid, or download the app directly from Github (Envoy is fully open source!):
      • Play Store
      • F-Droid
      • GitHub
        • Download the APK titled “envoy-apk-1.1.3.apk” directly from the above link and install
        • As this APK is signed with our own keys instead of Google’s keys via the Play Store, if you’re using the Play Store version you’ll have to uninstall Envoy first before installing the public beta

    HOW CAN I GIVE FEEDBACK OR GET SUPPORT?

    As you use Envoy as a mobile wallet, we’d love to hear from you – every issue, bug, or favorite feature! There are three main places you can go to give us feedback or get help with Envoy:

    1. We have a standalone Telegram channel for our community that you can join and give feedback or get support
    2. You can email us
    3. You can direct message us on Twitter

    WHAT’S NEXT

    The release of Envoy as a mobile wallet paves the way for a range of roadmap items we’ve been planning for some time, and we can’t wait to build on this strong foundation of simplified Bitcoin usage. Next you’ll be able to jump in the ???? with thousands of other Bitcoiners, become a ????, or ⚡ your way to a cup of coffee — all within Envoy!

    We’re excited to release the next piece of your financial sovereignty toolkit to the masses and onboard a wave of Bitcoiners to self-custody, privacy, and financial sovereignty sat by sat.

    Now back to building.

    Envoy Wallet Open Beta

    We’re thrilled to announce a major new open beta of Envoy, our mobile Bitcoin wallet and companion app for Passport. With this open beta we’re greatly expanding what Envoy is capable of, making it a feature-rich Bitcoin hot wallet in addition to its existing role as a watch-only wallet and management app for Passport. Hot wallet support in Envoy opens up financial sovereignty through our tools to many more users and lays the groundwork for other privacy and security features we’re building behind the scenes.

    The best of both worlds

    Bringing hot wallet support to Envoy makes the pairing of Envoy + Passport the best of both worlds, allowing you to store your wealth in a highly-secure and yet easy-to-use package with Passport while also spending your Bitcoin on the go with just a few taps in Envoy. You’ll be able to easily move funds back and forth between your hot wallet and Passport, make transactions, and view your hot and cold balances from anywhere – all from a single app!

    Not a Passport owner? This update brings you full Bitcoin wallet functionality without ever needing to purchase Passport. You can use Envoy to store and spend your Bitcoin across iOS and Android with strong security, simple privacy via Tor, and a new and uniquely approachable onboarding experience. We don’t want to limit financial sovereignty to only those who can purchase a Passport, so Envoy as a hot wallet is our way to bring our best-in-class design, intuitive and approachable UI and UX, and peace of mind to smartphone users across the globe.

    What is a “hot wallet?”

    In Bitcoin, the term “hot wallet” refers to any wallet that keeps your keys on an internet-connected device for easier spending and receiving of funds. While you don’t want to keep your life savings in a hot wallet, it provides much easier access to a bit of Bitcoin for spending, tipping, and onboarding new users.

    Envoy has traditionally been a “watch-only wallet” that connects to Passport, allowing you to view your balance and create transactions, but providing limited functionality when you are away from your hardware wallet. Now you can enjoy Envoy not just as a companion app for Passport, but also as a fully-featured standalone Bitcoin wallet on the go.

    Backups, simplified

    Notably, Envoy Wallet introduces a new seedless onboarding experience we call Envoy Auto-Backup. While Envoy users can of course manually handle seed words if desired, we aimed to engineer a solution that enables 60-second onboarding and automatic backups of Envoy’s private key and application data (such as settings and labels).

    Additionally, we wanted to ensure that Envoy does this without collecting any user data – no email address, no passwords, no IP address if Tor is enabled – no friction! We hope Envoy Auto-Backup will lead to a massive increase in self custody, with easier onboarding than even an exchange.

    Here’s how Envoy Auto-Backup works

    1. Envoy generates a seed and stores it on your phone’s secure element.
    2. Since most users have iCloud Keychain or Android Auto-Backup enabled, the seed is automatically synced to your other iOS or Android devices – fully end-to-end encrypted, without needing to give Envoy permission to access your iCloud or Google account.
      • Learn more about iCloud Keychain.
        • “iCloud protects your information with end-to-end encryption, which provides the highest level of data security. Your data is protected with a key that’s made from information unique to your device, and combined with your device passcode, which only you know. No one else can access or read this data, either in transit or storage.”
      • Learn more about Android Auto-Backup.
        • “Android preserves app data by uploading it to the user’s Google Drive—where it’s protected by the user’s Google account credentials. The backup is end-to-end encrypted on devices running Android 9 or higher using the device’s pin, pattern, or password.”
    3. Envoy then creates a backup folder containing your app settings, account labels, and other non-sensitive app data, making sure that restoring Envoy back to its perfect state for you is a breeze. This folder is end-to-end encrypted with your seed, meaning Foundation can never see the contents. We call this the Envoy Backup.
    4. The fully encrypted Envoy Backup is uploaded to Foundation’s servers, alongside a hash of the seed (a cryptographic representation of the seed that proves your knowledge of the seed, not the seed itself!) so that we can ensure no one else can attempt to download your backup without proving knowledge of your seed phrase.
    5. There is no Foundation user account – all you need is access to your Apple or Google account and you’re all set.

    Restoring from Envoy Auto-Backup

    If you lose your phone or delete the Envoy app, restoring your Envoy Wallet takes only a few seconds with Auto-Backup.

    1. Envoy checks the secure element on your phone and looks for the seed.
      • If it discovers a seed on the secure element, Envoy hashes the seed and sends the hash to our server.
        • This merely proves your knowledge of the seed and does not reveal your seed to Foundation in any way!
      • If it does not discover a seed, it downloads the encrypted seed backup from Apple or Google and restores the seed to the secure element. Then Envoy hashes the seed and sends the hash to our server.
    2. Envoy then downloads the encrypted envoy backup from our servers.
    3. Envoy uses the seed to decrypt the Envoy Backup file locally and restores all user settings, account labels, and other app data, so it’s like you never left.

    Other notable changes

    We’ve also added the following features and improvements along with the fully functional hot wallet in v1.1.0:

    • Added bio-metric/PIN authentication for Envoy
      • Now you can protect your hot wallet or Passport balance from prying eyes
    • Added the ability to swipe on accounts to hide balances while you’re on the go
    • Implemented screenshot protection to prevent screenshots of sensitive screens in Envoy
    • Bumped the integrated Tor version to 0.4.7.10
    • Bumped Flutter SDK version to 3.7.7
    • Improved firmware update flow for Android to better account for slow file transfers
      • Some users experienced issues writing the firmware to microSD in the time we set for Envoy, so we’ve better handled those edge cases in this release

    Current gaps

    • Passphrase wallets are not currently supported.
      • We do plan on supporting passphrases with the public release, but are currently working on implementing a smooth user experience around passphrases and how they interact with the auto-backup feature.
    • Deleting only the hot wallet is not currently possible.
      • You can still reset the app by uninstalling/reinstalling or clearing app data, but please note that this will currently reset the entire app, including Passport accounts etc.

    What is a “public beta?”

    As this is a major overhaul of Envoy from the ground up, we’re launching hot wallet support first as a public beta to let our awesome community test drive it. When you join the public beta you get to be the first to try out hot wallet support, help drive new features and improvements via feedback directly to our team, and make your mark on what we’re building to empower the next phase of financial sovereignty.

    As this is a public beta, we expect that you’ll run into some minor issues and bugs as we work through them together, but we’ve worked hard to make it a complete and usable wallet from the moment the beta launches.

    How can I get access to the beta?

    We’ve pushed the beta version of Envoy to all of our normal channels as a separate beta release, so you can join one of three ways:

    1. If you’re on iOS, you can join our TestFlight program at the following link:
    2. For those on Android, you can either join the beta in the Play Store or download the APK directly from Github:
      • Play Store
      • GitHub
        • Download the APK titled “envoy-apk-1.1.0-beta.zip” directly from the above link, extract it, and install
        • As this APK is signed with our own keys instead of Google’s keys via the Play Store, if you’re using the Play Store version you’ll have to uninstall Envoy first before installing the public beta

    How can I give feedback?

    As you use Envoy as a hot wallet, we’d love to hear from you – every issue, bug, or favorite feature that you love! The more feedback we get during the public beta, the bigger impact you can have in the direction we take with Envoy and the better app we can launch to the rest of Envoy’s users down the road. There are three main places you can go to give us feedback:

    1. We have a standalone Telegram channel for live feedback and discussion of beta releases to keep the main channel uncluttered for our other community members
      1. Foundation Beta Telegram Channel
    2. You can email us
      1. [email protected]
    3. You can direct message us on Twitter
      1. Direct message @FOUNDATIONdvcs

    What’s next

    Our goal with this public beta is to flush out any remaining bugs or UX quirks so we’ll run the public beta for around two weeks. Throughout the public beta period we’ll push new releases as necessary to allow you to test updates and bug fixes as we go, and then at the end of the beta period we’ll launch Envoy as a hot wallet for every Envoy user across all platforms.

    We’re excited to get the next piece of your financial sovereignty toolkit out to the masses and onboard a wave of Bitcoiners to complete self-custody, privacy, and financial sovereignty sat by sat.

    Envoy version 1.0.8 is now live!

    We’re excited to announce that the latest version of Envoy 1.0.8 – is now published on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.

    Please note that there can be a significant lag from publishing to general availability due to Apple App Store and Google Play Store review policies and delays.

    What’s changed

    With version 1.0.8 of Envoy, we added in a new Tor status dialogue that informs you when there are Tor connectivity issues and allows you to quickly disable Tor temporarily if desired. We’ve also squashed a few bugs, updated BDK to the latest version, and improved scanning times with Passport from Envoy.

    For more details on each of the changes, keep reading below!

    New Features

    • Added a new Tor dialogue when there are Tor connectivity issues
      • We value your privacy very highly, and as such we have always defaulted Envoy to using Tor, an anonymity network, to prevent even us from being able to learn information about you. Unfortunately, Tor has been undergoing a serious attack for the last several months, severely impacting user experience when using Tor.
      • This new Tor dialogue detects when there are Tor issues (after automatically trying to reconnect multiple times) and allows you to temporarily disable Tor directly from the dialogue until the next time you open Envoy.
      • For more on our usage of Tor, the current issues, and the trade-offs inherent in choosing to disable it, visit our docs page on the topic.

    Improvements

    • Reduce PSBT size (and thus QR size) in Envoy, improving scan times on Passport significantly
      • Keep an eye out for Passport firmware v2.0.5 which will even further decrease scan times across the board!
    • Update BDK to v0.24.0
      • For more on this release, see here.
    • Show the address itself under the QR code when verifying addresses between Passport and Envoy
    • Add a dedicated paste button next to the address field
      • Allows you to quickly paste addresses into the address field without relying on the OS’s paste function
    • Better handling when the back button is pressed in Android
    • Increase the number of addresses that Envoy will query for balances to better handle some advanced uses cases
    • Improve all Envoy dialogue pop-ups to make it clearer when action is necessary
    • Make connectivity indicator shield pulse red when a custom Electrum server is set and unreachable/unresponsive
    • Limit account name length to 20

    Bug Fixes

    • Properly warn when Envoy is unable to fetch firmware and show current version
    • Correct ordering of notifications on the activity screen
    • Correct hyperlink to more info on firmware in the firmware update flow
    • Redraw account and accounts cards when the exchange rate changes to properly show fiat balance
    • Use hostname instead of IP address for default testnet Electrum server

    Verifying Envoy on Android

    If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android

    Envoy version 1.0.7 is now live!

    Envoy Release v1.0.7

    We’re excited to announce that the latest version of Envoy 1.0.7 – is now live on all your favorite mobile platforms! To download it, simply visit our download page or check for updates on your platform of choice.

    What’s changed

    With version 1.0.7 of Envoy, we added in a firmware update button to simplify the process of installing firmware updates after you’ve initially setup your Passport, squashed some pesky bugs, and overhauled our app to the latest Flutter release.

    For more details on each of the changes, keep reading below!

    New Features

    • Added a firmware update button to the home screen card for Passport
      • Now you can force a firmware update anytime, anywhere for your Passport device straight from Envoy’s home screen
    Envoy’s new firmware update button

    Improvements

    • Upgrade to Flutter 3
      • While this may not be immediately visible from a user’s perspective, it helps us cut down on bugs and improve our release workflow
      • Flutter 3 also enables us to more easily bring desktop support for Envoy in the future across all platforms, including Windows, macOS, and even Linux!
    • Remove Google MLKit QR scanner
      • Removes a dependency on Google and an unwanted network call
    • Change Postmix account color for consistency with Passport

    Bug Fixes

    Verifying Envoy on Android

    If you’d like to take the optional additional step of verifying Envoy binaries on Android, follow our guide: Verifying Envoy on Android

    Verifying Envoy on Android

    One of the core tenets we live by here at Foundation is that of “don’t trust, verify.” We’ve long had a detailed guide available for verifying and updating the firmware on Passport in a secure way, but we want to expand on that by empowering users to more easily validate Envoy on Android. In this guide we’ll walk through the “why” and “how” of verifying the APK file (the raw binaries that Android uses for manually installing applications) with both simple hash verification and full PGP signature validation to ensure that the app you install is exactly what we published and has not been tampered with in any way.

    Why is verification important?

    While the Google Play Store and Apple App Store provide a secure centralized method to distribute apps, control over the published application ends up in the hands of Google and Apple, respectively. Because of these centralized “walled gardens,” the ability for end users to verify that the applications they are installing are exactly what the developers publish is minimized, and trust is placed in the app store provider.

    When downloading the APK directly from Github, however, we unlock the ability to provide additional guarantees that the application you’re installing is exactly what we at Foundation have made and that it has not been tampered with along the way. Because we’re focused on securely storing and spending Bitcoin with Passport and Envoy, many users understandably want to take as many steps as possible to ensure that their funds are safe against even advanced attacks.

    When downloading binaries directly (essentially what an APK file is), even from websites you’d normally trust like Github, you’re placing trust in the source of that binary to match the source code you expect. Verifying the zipped (or compressed) APK file we publish on Github prevents Github (or a malicious attacker somehow injecting themselves between you and Github’s servers!) from being able to tamper with the Envoy APK without being detected. This verification process does require some extra work but can provide additional peace of mind to users of Envoy while reducing trust in third-parties.

    Let’s look at how exactly we can perform this verification on Android itself.

    Simple hash verification

    While full verification via PGP keys is more secure, simple hash verification is very easy and faster to perform while still giving some security guarantees against more trivial man-in-the-middle attacks. A hash of a file is a fixed-length string that uniquely represents a given file, where changing even a single bit of the file would result in an entirely different hash. As a given input file can only have a single hash, comparing the expected hash against the downloaded file ensures that not even a single bit in the file has been changed or corrupted.

    1. Download and install “DeadHash” via the Google Play Store or F-Droid
    2. Copy the SHA-256 hash for the Envoy APK zip file from the Github release page
      • The hash will look something like this:
      • 08cc97450febd558a0f54d93b181f9a90
        ccf05662828977cb8277181ab86b126
    3. This SHA-256 hash (the same hashing algorithm used for Bitcoin mining!) is a way to represent the file in a way that cannot be falsified
    4. Open DeadHash and select the folder icon to choose the Envoy APK zip file
      • Select the downloaded APK zip file, i.e. envoy-apk-1.0.7-18.zip
    5. Paste the hash you copied into the “Compare” field
    6. Press “Calculate”
    7. Ensure that the SHA-256 hash validates and gives you a nice green check-mark
      • All of the hashing algorithms except for SHA-256 should show a red X, as we’ve only provided the SHA-256 hash
      • If you get a red X for all hashes, including SHA-256, stop immediately and reach out to us at [email protected]! If it does match, you’re all set.
    DeadHash giving a successful hash check

    Fully verifying Envoy via PGP

    While more involved than simple hash verification, taking the time to validate our PGP key and signatures ensures that as many threats as possible are mitigated. When you validate the PGP keys and signatures of Envoy, you ensure that only a successful attack would require both the PGP private keys and control over our Github account(s). This verification also entirely mitigates the risk, however minor, of Github themselves tampering with the APK.

    Getting setup

    Before we get started, you’ll need to download and install a separate app on your Android device to enable you to validate the PGP key used to sign the Envoy zip file, and then import the Envoy signing key. For each of the steps below with commands (i.e. pkg install wget gnupg -y), simply copy and paste these into Termux and hit enter.

    1. Install the Termux app from Github or F-Droid
    2. Open Termux and install the required packages
      • pkg install wget gnupg -y
    3. Download the Envoy signing PGP key
      • wget --quiet https://docs.foundationdevices.com/envoy_key.pgp
    4. Download the Envoy APK file, manifest file, and PGP signature file
      • Replace the links below with those from the latest release!
      • wget --quiet https://github.com/Foundation-Devices/envoy/releases/download/v1.0.7/envoy-apk-1.0.7-18.zip
        wget --quiet https://github.com/Foundation-Devices/envoy/releases/download/v1.0.7/envoy-manifest.txt
        wget --quiet https://github.com/Foundation-Devices/envoy/releases/download/v1.0.7/envoy-manifest.txt.asc
    Successful prep steps

    verifying Envoy

    1. Import the Envoy signing PGP key
      • gpg --import envoy_key.pgp
      • Validate the key ID that is shown on the first or second line matches that on https://foundationdevices.com/pgp/ under “Envoy Signing Key”
        • i.e. “E8CE0DD2B5528043” (note that the key is not case sensitive)
      • If the key does NOT match, stop immediately and reach out to us at [email protected]! If it does match, proceed to step two below
      • This step imports the PGP key we publish on our website, allowing you to properly validate our PGP signature in the next step
    2. Verify the “envoy-manifest.txt” file is properly signed with our Envoy signing PGP key
      • gpg --verify envoy-manifest.txt.asc envoy-manifest.txt
      • You should see output including “Good signature from ‘Igor Cota <[email protected]>‘” in a line of the output from this step
      • This step ensures that the GPG key we publish was the one used to sign the envoy-manifest.txt file, and that the file has not been tampered with in any way
    3. Verify the Envoy APK zip file
      • echo "$(grep "envoy-apk" envoy-manifest.txt)" | sha256sum --check
      • This step compares the hash for the APK zip in the envoy-manifest.txt file that we’ve verified via PGP with the SHA-256 hash of the actual APK zip file we’ve downloaded, ensuring no tampering or corruption has happened
    4. If the output says something like envoy-apk-1.0.7-18.zip: OK, you’ve successfully verified the binary and can go ahead and install with added peace of mind
      • Note that the file name will change with each release, but you should always get the “OK” at the end!
      • If the output does NOT say “OK“, stop immediately and reach out to us at [email protected]!
    Successful verification of Envoy via Termux

    Conclusion

    Congratulations on successfully verifying Envoy! These steps are certainly going above and beyond, but keeping with the “don’t trust, verify” mantra is one that always pays off. If you’d like to read more about the PGP or simple hash verification process, you can take a look at the following links: