Skip to main content

Passport version 2.3.0 is now live!

We’re excited to announce that the latest version of Passport firmware – 2.3.0 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.


We’re beyond thrilled to be able to release Passport firmware v2.3.0, including full Taproot support, revamped passphrase behavior, an all-new address explorer, master seed SeedQR export, 12-word seed phrase support, 12th/24th word generation for advanced users, and native OP_RETURN message viewing and signing.

This release is one of our largest to date and includes a massive amount of new features, improvements, and bug fixes.

For more details on each of the changes, keep reading below!


  • Say hello to full Taproot support in Passport 🥕
    • Passport now has full support for sending and receiving using Taproot, making the combination of Envoy and Passport a powerful way to leverage the latest and greatest tech that Bitcoin has to offer.
    • Note: existing Passport users will need to re-pair Passport to add Taproot-specific accounts (Envoy will automatically prompt you to do this the first time you enable Taproot).
    • Envoy must be on v1.5.0 or greater to use Taproot in Envoy directly.
  • Passport now has full support for verifying and displaying OP_RETURN messages directly on-screen.
  • Account and multisig configuration displays have been reworked to make them contextual to the currently active wallet.
    • Previously additional accounts were displayed irrespective of there being a passphrase applied or not.
    • Now, you’ll only see the account(s) specific to the currently active wallet. For example, if you’ve only ever used account #2 named 'Savings' under the passphrase 123abc, then you’ll only see that account when the passphrase 123abc is active. The same also applies to multisig configurations.
  • You can now export Passport’s master seed phrase via SeedQR, if desired.
    • Please note that this contains your seed phrase in a QR format, and so should be treated just as carefully as your seed phrase itself! Don’t scan it with your camera app, save it in an image, etc.
    • Both Compact and standard SeedQR are supported.
    • You can find the SeedQR export when viewing your seed phrase by using the left-select button to open the SeedQR export menu.
  • We’ve added a brand new address explorer, allowing you to browse receive addresses directly on Passport and even display them as QR codes!
    • Note that since Passport is an air-gapped wallet, it cannot know which addresses have or have not been used, or what your balance is.
    • You can easily access the new address explorer under the “Manage Account” section of each account.
  • Passport now allows the creation of 12 word seed phrases, and defaults to 12 word seed phrases during onboarding.
    • Users can still choose 24 word seed phrases if desired.

    • We’ve gone in-depth in a past blog post on why, but 12 word seed phrases are more secure than necessary and easier to backup and recover than 24 word seed phrases. If you’re curious for more background, read our blog post:
  • Advanced users can now generate 11 or 23 words offline, import into Passport, and Passport will automatically calculate the checksum 12th or 24th word when importing the new seed.
    • Note that if a seed is generated outside of Passport, we cannot guarantee it was done securely! There have been many cases recently of users improperly generating a seed phrase (i.e. not providing enough randomness/entropy) and having funds stolen as soon as they send them to the new seed.
    • We always recommend allowing Passport to generate new seeds for you unless you are an advanced user that understands the risks with manual seed generation via dice rolls etc.
  • You can now set a custom name for your Passport!
    • This name will be displayed on boot, making it easier to distinguish between your various Passport devices.
    • This new setting can be found under Device > Device Name in settings.
  • You can now check the exact percentage of battery Passport has in the settings under Device > Battery.


  • We’ve improved address display based on the Bitcoin Design guidelines, making it easier than ever to verify addresses on Passport!
  • Verifying addresses on Passport is now significantly faster.
  • Passport now only prompts a single/multisig wallet type choice when verifying addresses if there is a multisig config imported for the active wallet fingerprint.
  • Users can now optionally display the seed words on-screen when first setting up Passport and using encrypted backups.
  • Improved how headers are displayed when creating or importing seeds to better reflect which step of the process a user is on.
  • Added a prompt to users setting up Passport to ensure they are in a private or secure place before carrying out the setup process.
  • Removed an unnecessary prompt to select or delete firmware when going through the firmware update flow.
  • Removed unnecessary imports in the firmware compilation process, optimizing Passport firmware size.
  • Backups can now be restored from anywhere on a microSD card, not just from the “proper” backups folder.
  • Browsing files on microSD no longer has a 20 file limit.
  • Improved minor error message dialogues.
  • Auto-shutdown has been lengthened for the onboarding process to avoid accidental shutdowns during onboarding.
  • Improved the success icon when verifying addresses.
  • Verifying reproducible builds of Passport firmware is now possible without granting Docker root permissions.
  • Wasabi Wallet has been removed from the list of export options.


  • Fixed an incorrect warning dialogue when backing out of a manual encrypted backup.
  • Key Manager seed export no longer displays a setup screen that was there by mistake.
  • Fixed an issue where you couldn’t go back in the Predictive text explainers.
  • Fixed an issue where pressing back on SeedQR recovery screens would throw an error.
  • Fixed an issue where using the # character in an account name would break account name display.
  • Fixed a minor bottom menu selection display bug after exporting to SeedQR
  • Fixed a minor visual issue where the header would start scrolling in FE because it was too long.
  • Security words can only be enabled if you input the pin again correctly now.
    • Thanks to @backtopyramidone on Github for the report!
  • Improved the setup flow after resetting Passport to prevent a potential bug.


If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page

If you’d like to take the additional step of testing the reproducibility of Passport’s firmware, you can follow our guide on the topic here: Reproducibility Guide

Passport version 2.2.0 is now live!

We’re excited to announce that the latest version of Passport firmware – 2.2.0 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.


With this version of Passport’s firmware we’ve added the ability to seamlessly switch back and forth between signing via QR and microSD, added the ability to restore from SeedQR, improved the user interface on Founder’s Edition, and added many quality of life improvements across the board. With the number of new features we included in 2.1.0, we took this release to focus on refining our unified firmware between Founder’s Edition and Batch 2, as well as paving the way for full Taproot support in 2.3.0.

For more details on each of the changes, keep reading below!


  • Automatically detect when a transaction being signed via QR is very large and prompt the user with the option to sign via microSD instead.
    • When a transaction is very large signing via QR codes can take quite a long time. This change makes it much easier for users to switch to signing via microSD before going through the hassle of trying to sign an excessively large QR code.
  • You can now write a signed transaction out to microSD directly from the animated QR screen on Passport.
    • Changed your mind and want to use microSD for that transaction you just signed? Now you can do so all from the same screen without having to go through the process of signing again.
  • You can now import a SeedQR directly into Passport when restoring from seed.
    • Easily import a SeedQR from an existing wallet or restore from a SeedQR backup of Passport with a simple QR scan.


  • Further improved signing of abnormally large transactions via both QR code and microSD.
  • Added an automatic encrypted microSD backup step when restoring Passport from a seed phrase.
  • Improved the spacing and alignment of text throughout the menu UI on Founder’s Edition to better account for the slightly different screen sizes.
  • Implemented secp256k1 support from rust-bitcoin, a requirement for full Taproot receive support in a future update.
  • We now create directories automatically on the microSD card as needed for storing partially-signed Bitcoin transactions (PSBTs), multisig configs, wallet configs, health checks, and Key manager.
    • This makes managing files much easier, especially when viewing the contents of your microSD card on a computer.
  • Passport now uses a 3-digit code for sorting backup files, ensuring that backups are easier to distinguish and sort.
    • Backups are now also sorted in reverse order, so you’ll always find your latest backup at the top when restoring or viewing existing backups!
  • Added additional context when setting a passphrase to ensure users understand that all passphrases are valid, and that Passport will clear passphrases upon shutdown.
  • Initial address verification for new accounts is now much faster.
  • Optimized fonts to free up some space in firmware.
  • Improved the Foundation icon when setting up a new Passport Founder’s Edition device.
  • Improved special character selection.
  • Upgraded to the latest version of foundation-rs, our open-source Rust library.
  • Removed unnecessary USB files, correcting a minor licensing display issue and simplifying compilation.
  • Improved copy and behavior of hiding and showing hidden keys in Key Manager.
  • Improved the behavior of the passphrase application flow when a user incorrectly enters a passphrase and notices the fingerprint does not match.
  • Improved copy on the account details screen regarding the derivation path.
  • Improved the way top icons are displayed on Founder’s Edition.
  • Improved battery level detection and display on Founder’s Edition.


  • Fixed a rare bug that wouldn’t properly display the message after a device is bricked after 21 failed PIN attempts.
  • Passport now properly displays an error when an unusable QR code is scanned that the user can close.
  • Passport now properly resumes saving a file if a microSD card is inserted at the “Missing microSD card” screen.
  • Fixed a display issue when canceling a transaction before signing.
  • Fixed a rare bug where big transactions would occasionally prevent Founder’s Edition from displaying the signed QR code transaction.
  • Fixed a minor display issue with specific, long-form error messages.
  • Fixed a minor issue when exporting to Sparrow under rare circumstances.


If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page

If you’d like to take the additional step of testing the reproducibility of Passport’s firmware, you can follow our guide on the topic here: Reproducibility Guide

Announcing our Early Access Rewards program

One of the powerful use-cases that Bitcoin unlocked with it’s peer-to-peer nature is the ability to incentivize and reward contributions without any middlemen or hoops to jump through. This movement has come to be known as “value4value,” and has provided an immensely powerful new tool for content creators, Nostr users, and now community members. Today we’re excited to unveil a new program implementing the value4value philosophy into our existing beta testing process — Early Access Rewards.

tl;dr — Be the first to report any reproducible issue for Passport or Envoy beta releases and get a 10k Satoshi bounty in Bitcoin per issue reported!

Early Access Rewards Highlights

The premise of the Early Access Rewards program is quite simple: contribute meaningful bug reports for Envoy or Passport releases while they’re in open beta, and get rewarded for each individual contribution. No middleman, no lengthy ToS, no Foundation login or account necessary.

How to participate:

  1. Test the beta releases for Passport firmware or Envoy app.
  2. Report issues on Github.
  3. All issues (the first time they are reported) are eligible for the 10k Satoshi reward.
  4. Foundation team members will validate the issues for eligibility.
  5. Rewards sent directly to your provided Bitcoin address or Lightning invoice.

Join Early Access Rewards today

Want to earn sats for your important contributions to our open-source projects? Simply join our beta testers Telegram room below and keep an eye out for beta release announcements. Once a release is announced, you can submit any issues you find via Github and earn 10k sats per validated issue.

Once you discover an issue with the beta release, submit it via Github using the following links with the “Bug Report” option. Note that this does require a Github account:

Join the community, help us improve, and get rewarded in Bitcoin for your valuable contributions! ????

The future of Early Access Rewards

We’re excited to see how well this program works to incentivize important feedback and contributions from our fantastic community, but we also have plans to expand the program in the future. We’re currently considering creating a hardware Early Access program to get our newest products in the hands of invaluable community members first, and top contributors to this Early Access Rewards program will be first in line.

We have multiple new products in the works, and we can’t wait to watch each of you help us to build and improve as we bring freedom tech to more and more people around the globe. As one of the top contributors to our Early Access Rewards program, you’ll get the chance to test our new products for free as a thank you for your contributions in exchange for feedback and bug reports.

The (not so) fine print

If you have more specific questions on how the program will work, you can read the detailed rules below. Have a question? Don’t hesitate to ask in the Telegram room or email us at [email protected].

  1. Eligibility for Rewards: a. The first reporter of any reproducible issue for Passport or Envoy beta releases is eligible for a 10k Satoshi bounty, paid in Bitcoin. b. Issues must be reported only once, and once made public, they are no longer eligible for additional 10k Satoshi bounties.
  2. Reporting Process: a. All issues should be reported on Github in the appropriate repository:
  3. Reproducible Issues: a. Issues must be reproducible, meaning that Foundation team members can accurately recreate and validate the issue in the Envoy app or Passport firmware.
  4. Judgement and Reward: a. Foundation reserves the right to make the final judgment on whether issues are eligible for the 10k Satoshi reward. b. Once an issue is verified and confirmed as eligible, the reward will be sent to the reporter’s provided Bitcoin address or Lightning invoice.
  5. Rewards Distribution: a. The rewards will be distributed in Bitcoin (BTC). b. The amount of the reward will be 10,000 Satoshi for each eligible issue. c. All rewards will be paid out at the end of the beta period.
  6. Confidentiality: a. While issues will be made public upon reporting, beta testers should avoid sharing sensitive or personal information in public discussions about the issues.
  7. Compliance: a. All beta testers must comply with the rules and guidelines set by Foundation Devices during the beta testing period. b. Any violation of the rules may result in disqualification from the beta testing program and forfeiture of rewards.
  8. Changes to the Rules: a. Foundation Devices reserves the right to modify the rules or terminate the beta testing program at any time without prior notice.
  9. Disclaimer: a. Beta testers participate in the program at their own risk, and Foundation Devices shall not be liable for any damages or losses incurred during beta testing.

All your wallets, one backup

With the release of our latest update for Passport, we’ve empowered you to leverage your Passport for far more than just a cold storage wallet. The introduction of a new “Key Manager” extension enables two powerful new tools in child seeds and Nostr keys, both of which are derived directly from your Bitcoin seed on Passport and automatically backed up to microSD. All of your wallets under one backup.

As both of these features are entirely new to our products, we’ve set out in this blog post to explain how you can use them, detail some real world use-cases, and walk through how all of this is possible from a simple Bitcoin seed phrase.

BIP 85 done right

While the ability to create nearly infinite child wallets from a single master seed phrase has been around for a few years in BIP 85, the complicating factor has always been how to implement in a way that is intuitive and easy to use. In previous attempts at allowing users to generate child keys they’ve required manual index backups, had no ability to name the keys themselves to differentiate them, and have pushed the feature to only the most advanced Bitcoin users.

As one of our goals at Foundation is to bring Bitcoin self-custody down into the real-world and make it more approachable, we spent many hours working with our design team to make Key Manager accessible for even the least technical users. That work has culminated in an extension that takes one click to enable and then guides you through every aspect of key management, regardless of background or expertise.

Key Manager at a glance

Let’s get to the fun stuff — how does all of this actually play out when using Passport? All you have to do to unlock all of this new functionality in Passport is to enable the Key Manager extension from the settings menu. Just a few presses and you have a new card on your home screen that lets you create and manage BIP 85 child seeds and Nostr keys with a few clicks! View all your keys, distinguish them quickly by unique icons, and manage their names in seconds.

Once you have enabled Key Manager, creating a new key is incredibly straight forward. Simply navigate to the new Key Manager card on your home screen and select “New Key.” Choose how many words you want the seed to be and the new key is automatically saved via encrypted microSD backups. When you need to use the new child seed in another wallet, simply select “Export,” choose whichever format your favorite wallet supports, and import it. It’s that easy.

Using Key Manager in the real world

Still wondering how all of this can help you? Let’s walk through some real-world examples of ways that you can leverage child seeds to simplify and safeguard your Bitcoin journey. Once you’ve secured your Passport backup properly — either by encrypted microSD backups or manual seed backup — you can start creating child seeds for all kinds of uses without the additional headache of needing to back each of them up separately.

One of the most common and immediately useful ways to leverage child seeds is by using a child seed from Passport for your mobile wallet of choice. Simply turn on your Passport, navigate to the Key Manager page, create and name a new key, and then export as a QR or seed words and setup your mobile wallet. In just a few minutes you have a highly secure backup already in place for your new mobile wallet, but can spend easily and freely on the go. This makes pairing Passport with Envoy as a mobile wallet the best of both worlds.

Another common use-case for our more privacy-minded community is to use a child seed from Passport to create a hot wallet for mixing in Samourai Wallet or Sparrow Wallet. You can now easily keep those funds in your mixing wallet while you’re reclaiming your privacy without an additional seed to back up (or potentially lose). You can even leverage Sparrow Wallet to mix from that new child seed directly to Passport using our Postmix extension, bringing privacy to your cold storage without all of the normal headaches. Privacy meets peace of mind.

Lastly, child seeds present an incredible way for those who are more knowledgeable and further along in their Bitcoin journey to help back up funds of close family and friends while they’re learning the ropes. You can generate child seeds for your parents, your kids, or your friends who are new to Bitcoin to help get them started while reducing the risk of them losing precious sats. While this does give you access to their bitcoin, it’s a great temporary tool while they get comfortable using Bitcoin.

But wait, there’s more!

That’s not all that the Key Manager extension enables, though! We’ve also been building out full Nostr key support as a part of the extension, allowing you to leverage the power of child keys to create Nostr keys directly from your Bitcoin seed on Passport. One master backup with Passport and all your Nostr keys are safe and secure.

When you want to create that new Nostr key, it’s as easy as navigating to the new Key Manager card, selecting “New Key,” choosing the “Nostr” option, and then naming it as you see fit. Whenever you want to login to a Nostr client, simply export the new key to QR and scan it from your favorite client (Amethyst currently supports this) or export to microSD as a text file and copy paste if necessary. No more worrying about losing your Nostr key.

While it’s not live in this release, we’ve also been hard at work implementing delegated key signing a la NIP-26 into Passport. This new approach to key management means that you can leverage a child key to sign-in and use Nostr without ever exposing your master Nostr key to the world. This standard and implementation are still in their infancy, but we’re excited to help grow the ways that our users can leverage Passport to empower their freedom in areas outside of Bitcoin alone. We’re thankful for all those working on freedom tech more broadly and we can’t wait to get delegated key signing in your hands shortly.

Driving Nostr forward

Nostr key management is one of the areas where Nostr is very early in development today, so we’ve been working hard as a team to find ways that we can give back to the Nostr ecosystem and help to drive forward mature standards. One of the ways we have worked to improve the ecosystem is by helping expand the standard for Nostr key derivation in NIP-06 to include generating multiple keys properly. We helped to develop and test a derivation method that would allow you to generate practically infinite usable Nostr keys from a single Bitcoin seed and contributed that tested definition to the official repository on Github.

Another key way we have worked to help grow the Nostr key management ecosystem is through funding bounties to implement Nostr key QR login and delegated key use in Amethyst, one of our favorite Nostr clients today. Taking the time to create issues for features you love and drive open bounties incentivizes developers to implement these features and rewards them for their incredible contributions to free and open-source code, something that is absolutely vital to continuing to grow the FOSS movement!

If you’re on Nostr today, be sure to follow us below to keep up with the latest things we’re building, writing, and sharing:

What’s next

We’re also working on expanding the Taproot payments support added in this version into full Taproot support to both send and receive, implementing NIP 26 support as mentioned above, and much more. We hope you enjoy the new features in Passport’s latest firmware as much as we do, and we can’t wait to hear your feedback on what uses you find for child seeds, Nostr keys, and so much more!

If you’d like to learn more about the technical details and usage of Key Manager, you can jump right into our detailed support docs below:

Passport version 2.1.2 is now live!

We’re excited to announce that the latest version of Passport firmware – 2.1.2 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.


In version 2.1.2, we’ve leveraged all of the background work in recent versions to build out some amazing new features for you, including backporting v2.1 firmware to Founder’s Edition, sending to Taproot addresses, a Key Manager Extension for BIP 85 and Nostr key support and export, and BIP 85 SeedQR exports. Features, features everywhere.

For more details on each of the changes, keep reading below!


  • Backported our firmware from Batch 2 to Founder’s Edition, bringing firmware parity for all of our early supporters
    • We’re thrilled that those of you running Founder’s Edition devices will now have the latest and greatest features and improvements that we’ve been developing for Passport
    • This backport also means that we will be able to keep Founder’s Edition firmware up to date with Batch 2 as they now use the same base code
  • Added support for sending to Taproot (“P2TR”) addresses
    • Welcome to the world of Taproot, where you can now send transactions to any Taproot address (those starting with “bc1p”)
  • Added a “Key Manager” extension for enabling advanced functionalities
    • To learn more about our newest extension, dive into our support docs
    • You can use Key Manager to generate and export:
      • BIP 85 child seeds, allowing you to backup only Passport’s seed and be able to recover other wallets directly from Passport’s seed
      • Nostr private keys, allowing you to securely generate, easily backup, and recover your Nostr private keys directly from Passport or Passport’s seed
        • Simply display your Nostr key as a QR code and login directly to your favorite app with a single scan. No more copy-pasting private keys.
        • See how fast this can be in our Twitter post with video
        • Thanks to greenart7c3 you can use this today in Amethyst, a fantastic Android Nostr app!
      • …And possibly more in the future! This is a great place for open source tinkerers to add other keys they want to Passport’s firmware
      • Please note that if you export keys as QR codes, you should be careful what you scan them with! Apps like Google Camera will often open the content of the QR code in your default search engine, exposing that key to Google etc.
    • Any keys you set up will be automatically backed up to microSD in an encrypted format, making recovery a breeze
  • Added support for exporting BIP 85 seeds via SeedQR
    • Exports are possible via SeedQR and Compact SeedQR
    • Importing SeedQR is coming soon!
  • Allow users to display their PIN when entering it by pressing the “UP” key during PIN entry
    • Just in case you want to be sure you have it entered correctly, be sure not to do this in a place where it might be seen!


  • Cleaned up our C code, optimizing our firmware and giving more space for amazing new features
  • Make “Erase Now” no longer the default selected option when you enter the erase screen, just to be sure an itchy trigger finger won’t accidentally erase your Passport
  • Ensure Founder’s Edition properly communicates its device information to Envoy
  • Passport will now indicate that it’s 30 seconds away from auto-shutdown by dimming its screen
  • Removed support for 18-word seed phrases as they are very, very rarely used


  • Fixes a bug where the backups folder was sometimes not created on the microSD. When this occurred Passport would also fail to create the backup file.
  • Improved error handling and prevention in displaying transaction info
  • Better handling of errors caused by other wallets’ multisig config formats
  • Fixed a display issue with the screen brightness icon
  • Fixed an issue that would prevent signing of PSBTs in sub-directories on microSD


If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page

Passport version 2.0.7 is now live!

We’re excited to announce that the latest version of Passport firmware – 2.0.7 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.


In version 2.0.7, we’ve reworked memory management when signing transactions from the ground up, drastically improving handling of larger than normal transactions via QR codes. We’ve also added the ability to delete files from microSD directly on Passport, allow you to export multisig configs directly via QR and microSD, and cleaned up a few small bugs.

For more details on each of the changes, keep reading below!


  • Added the ability to delete files off of the microSD card directly from Passport’s file explorer
  • Added a feature to easily export full multisig configs via QR or microSD
    • Passport can now act as an additional secure option for you to store your multisig configuration file(s)
    • Now, if you were to lose a hardware wallet and its backup, you can easily recover your entire multisig wallet in something like Bitcoin Keeper, directly from Passport


  • Drastically improved memory management when signing transactions via QR code
    • This improvements means that even those of you with complex multisig setups or dozens of UTXOs can now use QR codes to sign transactions
    • We do still recommend microSD for abnormally large transactions, as it is much faster for passing larger amounts of data by nature
  • Improved how we display sending funds to yourself to make it clearer what is happening
  • Renamed “Keeper” to “Bitcoin Keeper” in wallet export flow


  • Corrected a color inversion issue with the camera viewfinder
  • Corrected a minor terminology issue in multisig config text
  • Fixed a bug where Passport could say it was exporting a wallet summary to microSD without a microSD card inserted
  • Added a more detailed and helpful error message when a transaction is too large to sign via QR codes


If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page

Passport version 2.0.6 is now live!

We’re excited to announce that the latest version of Passport firmware – 2.0.6 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.

With version 2.0.6 of Passport firmware, we’ve added a fix for a pin entry issue that affected users with alphanumeric pins in the now deprecated v2.0.5.

NOTE: Since we have deprecated v2.0.5, we’ve replicated the blog post from that version below.

What’s changed

With version 2.0.6 of Passport firmware, we worked hard to drastically improve QR code scanning and processing, bringing speed and compatibility up to our standards. We’ve also added official support for Keeper Wallet, a new multisig focused wallet, and cleaned up a few bugs.

For more details on each of the changes, keep reading below!

New Features

  • Added support for Keeper Wallet
    • Keeper is a new wallet in alpha focusing on bringing a user-friendly experience to multisig and inheritance. Now you can use it with Passport as one of your keys with a native option under accounts to connect to Keeper.
  • Support looping through menus
    • Get tired of pressing that left key? Prefer to just mash one button? Now you can cycle through pages by just pressing right or left repeatedly.


  • Improved camera QR code scanning performance
    • Camera performance has been a major focus in this release as we weren’t happy with speed and handling of certain QR code sizes and resolutions.
    • We’re happy to say that QR code scanning is finally up to our standards, and scanning should be much snappier and less finnicky across practically all wallets.
    • Two of the specific changes are:
      • Changed the camera to use a 4:3 resolution
      • Changed the QR scanning library to a more stable version
  • Improved performance of address verification
  • Show security words immediately after activation of security words
  • Improved supply chain validation scan errors
  • Improved Casa health check error handling

Bug Fixes

  • Fixed a visual bug around alphanumeric PIN entry
  • Fix Passport lockup during initialization while pressing keys
    • If you’ve ever had your passport keyboard become unresponsive after booting, it was likely due to this bug
  • Resolved a few key Casa integration bugs
    • Fix an error when trying to export Casa configuration using microSD
    • Fix Casa health check scanning
    • Fix Casa transaction signing issue
  • Fix multiple minor memory leaks
  • Alphabetical order of software wallets displayed was fixed
  • Improve animation on “Verify Address” screen
  • Bring forward a microSD card bug fix from Founder’s Edition code
  • Fix passphrase not being shown when showing seed words
  • Reset extension settings and search address space on Passport erase
  • Fix Passport freezing when using special characters
  • When setting up Passport allow user to go back to update the firmware
    or to change the setup method
  • Fix crash when importing multisig configuration without valid keys
  • Display a warning when backing up Passport with a passphrase applied
  • Use root XFP as the filename for the backup when a passphrase is applied
  • Ensure extension accounts show the passphrase indicator
  • Fix lockup on wrong PIN entry
  • Filter keypad double-presses
  • Extended the shutdown timer while scanning and displaying QRs
  • Revert a regression in account header display
  • Prevent multisig config import failing when a passphrase is present
  • Fix a bug that would crash the file explorer if there were too many files on the microSD card

Verifying and Installing Passport Firmware

If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page

Why we love encrypted microSD backups

Those of you who have been in Bitcoin for a while may be used to the seed phrase shuffle involved in creating a new Bitcoin wallet, but that concept is one that is alien to the normal person’s experience in the digital world. As people have become more and more used to trusting a centralized entity with their data behind only a username and password, the idea of physically writing down 12 or 24 words as a way to store wealth is not necessarily the most approachable.

While the concept of encrypted backups to microSD isn’t a new one, we’ve taken the path of using microSD backups as the default on-boarding method when a user sets up their new Passport. This approach does introduce a new set of trade-offs, but we think that it is a simpler approach for most people and opens up new possibilities when it comes to storing the secrets required to restore your funds after you lose your Passport, break it, or suffer a physical theft. Our goal with encrypted microSD backups is to improve the user experience and peace of mind for new users without sacrificing security, and we think this approach does just that.

Why not just use seed phrases like everyone else?

Here at Foundation, we’re deeply passionate about not only helping to onboard the deeply technical users in the Bitcoin community, but also ensuring that those who are new to the space can more easily dive down the rabbit hole of Bitcoin. This means that we work hard to ensure that deeply technical and complex setups can work well with Passport + Envoy, as well as very simplistic and approachable setups that are more friendly to new users.

This is why we’ve chosen to support both seed phrases and microSD backups and leave the choice up to the user. While we’ve made the default flow follow the microSD backup path, we still expose the seed words to users in the settings menu, allowing the standard backup path to be chosen by those who understand the trade-offs inherent in it. Unfortunately a seed cannot be used to backup and restore device configuration, account names, transaction tags, etc., meaning that a seed phrase can never restore any off-chain data.

If you backup the seed phrase you can always restore funds like normal in the Bitcoin space – both with Passport or with any other Bitcoin wallet of your choosing.

How do encrypted microSD backups work?

When you create a backup of your passport to microSD (something that automatically happens when you first setup your Passport and anytime you make account changes to it), Passport creates an encrypted 7-zip file using a 20-digit passcode that is generated using Passport’s three forms of entropy:

  1. The onboard CPU’s random number generator
  2. The secure element’s true random number generator
  3. The open source Avalanche noise entropy source

These three forms of entropy are used so that even if one was somehow compromised or vulnerable to attack, the passcode would still be cryptographically secure. 

This standard form of 7-zip encryption uses AES-256 to encrypt the data, and then uses a form of SHA-256 to hash the 20-digit passcode into a 256-bit key. The combination of these techniques means that there are 100,000,000,000,000,000,000 possible combinations of passcodes, making it practically impossible to bruteforce the passcode if an attacker somehow obtained the backup file.

As long as a user has access to both the backup file and the 20-digit passcode, they can not only restore their funds, they can also restore all device settings, accounts, account names, multisig configurations, etc. in just a couple of minutes. As the encrypted backup file is a standard 7-zip format, even if Foundation disappeared and your Passport stopped working you could easily decrypt the file with your 20-digit passcode on a computer and import the seed into any of your favorite Bitcoin wallets.

To learn more about the backup functionality, you can read through our docs here.

What are the key advantages of encrypted backups?

Migrating from seed phrases to an encrypted microSD backup (or utilizing them alongside a standard seed phrase backup) provides a few key advantages for users:

  1. All device configuration, accounts, account names, and multisig configurations are fully backed up and automatically restored when using microSD backups
    1. If you merely backup the seed phrase all of this secondary data is not backed up, leading to a lot of initial headache and extra setup necessary when restoring onto another device in the future
  2. You can safely make and distribute multiple copies of the backup file – even to family or friends you don’t fully trust – as they cannot view or move funds in any way with just the backup file
    1. Just be sure not to also give them the passcode!
  3. You can store the passcode safely in an end-to-end encrypted password manager like Bitwarden without risk of funds being stolen even if someone got access to your Bitwarden account
    1. Just be sure not to also store the backup file there!
  4. An attacker or thief finding either your backup file or passcode would not be able to easily tell that they are Bitcoin-related
    1. There is no reason for an attacker to suspect that a microSD card or 20-digit passcode would be worth stealing
  5. An attacker or thief finding either your backup file or passcode could not view or steal funds in any way without having both the backup file and passcode

What are the key disadvantages of encrypted backups?

While we think the overall trade-offs inherent in microSD backups are well worth it, there are some key drawbacks that you should be aware of if you choose to only use encrypted microSD backups:

  1. You must have both the 20-digit passcode and encrypted backup file to restore funds
    1. I.e. if you lose either one you will be unable to restore funds!
    2. This means that microSD backups do introduce a second single point of failure
    3. Advantage #3 above greatly reduces this disadvantages impact, practically
  2. If you store both the encrypted backup and passcode together, it provides no added security over a plaintext seed phrase
  3. MicroSD cards themselves have a limited lifecycle and can fail – it’s important to use high-quality industrial-grade microSD cards (like those we ship with Passport) to reduce this risk
    1. You can also backup the file to another storage medium like a NAS or extra hard drive as another failsafe, and shouldn’t rely on a single microSD card alone!

This may be a short list, but the first point is extremely important to understand – losing either the passcode or the encrypted backup file would lead to loss of funds if you also lost or broke your Passport!

Which should I use?

The beauty of Bitcoin is that it enables you to choose your own path, and we certainly don’t want to inhibit that freedom. That’s why we leave the ultimate choice up to you and ensure that you aren’t locked into our ecosystem (or even our favorite approach). Whether you choose microSD backups or seed phrases (or both!) is up to you, but both can be easily imported into any standard Bitcoin wallet app. If you want added peace of mind, you can even use both and store the three pieces separately – encrypted backup file, 20-digit passcode, and seed phrase!

Ultimately the choice is yours, but we certainly love encrypted backups and how they’re helping onboard less technical users in a way that is approachable and secure.

Passport version 2.0.4 is now live!

We’re excited to announce that the latest version of Passport firmware – 2.0.4 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.

What’s changed

With version 2.0.4 of Passport firmware, we added the Extensions menu, allowing users to enable extra features on Passport with the flick of a switch, starting with the Casa and Postmix extensions. We also greatly improved the QR code scanning and display functionality and fixed several minor bugs.

For more details on each of the changes, keep reading below!

New Features


  • Improved QR code display and scanning
    • Improve the size and density of QR codes to better fill the screen
    • Remove vertical line from camera image when scanning QR codes
    • Remember last brightness setting when showing a QR code
    • Remember last pixel density setting when showing a QR code
  • Improve microSD and file handling
    • Autorefresh file picker when microSD inserted/removed
    • Erase the PSBT file after signing
    • Allow user to go back up a level when there are no files in the current directory
  • Improve user experience
    • Make delete key handling on Backup Code page more intuitive
    • Add low power warning dialog when battery hits 5%
    • Tell user when they are installing a developer-signed firmware update
    • Show new fingerprint (XFP) when switching passphrases
    • Show Clear Passphrase and Change Passphrase menus instead when a passphrase is already active
  • Show brick warnings on 5 and 1 PIN code entry attempts remaining
    • Ensure that users properly understand that the device will be bricked after entering an incorrect PIN code 21 times
  • Add several new/updated icons
  • Add support to enter account numbers up to 2,147,483,646
  • Improved paginated layout for seed words page
  • Rename Testnet menu to Network
  • Search “change” addresses for multisig address verification

Bug Fixes

  • Bring forward bug fixes from Founder’s Edition code
  • Fix Verify Address for all uppercase bech32 addresses
  • Fix XFP missing crash
  • Respect “Skip address verification” flag in wallet settings
  • Respect “Force multisig policy” flag in wallet settings
  • Fix multisig import and multisig address verification during connect wallet process
  • Fix text alignment in mulitsig QR import screen
  • Fix scrollbar margins in a few places
  • Fix QR and microSD wallet import crashes
  • Fix backspace bug when entering a 12 digit PIN
  • Fix toggle switch right padding
  • Don’t import duplicate multisig wallets (show error page)
  • When Auto-Shutdown is set to Never, the selection now scrolls into view properly
  • Fix Bitcoin URI parsing (when URI was followed by query params, parsing failed)
  • Allow up/down keys to increase/decrease screen brightness on all QR code pages, not just animated ones

Verifying and Installing Passport Firmware

If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page