Topic: Foundation Devices 'Passport Batch 2' hardware wallet review - page 3. (Read 1945 times)

Yeah, you are correct.

Sparrow refuses to connect to Core with that flag.

I have already checked this


I have 20 characters password that serves as extension to my SEED and  in my view it s very inconvenience to enter password every time when rebooting.  

I need this password as a second layer of security to my funds.

If it is not top secret, what software wallet do you personally use with Passport?

If Sparrow states that it can't connect to Bitcoin Core when the flag is set to 1, they probably have a good reason to do so. I haven't looked into that myself, but I believe that if you disable Bitcoin Core's internal wallet, that disables a lot of functionality which is also required for connecting a different wallet (e.g. Sparrow) to it.

Anyway, I don't get why you'd want to disable the Bitcoin Core wallet in the first place. As long as you don't send funds to it, turning it off won't really make you any more or less secure.

If you use a mnemonic passphrase, you have to enter it every time you reboot, but otherwise you don't need to enter it when using the device.

Here you can see the official Foundation Devices documentation of this feature, which includes a video:
https://docs.foundationdevices.com/passport/more#enter-passphrase

Welcome to Bitcointalk! Very awesome that you decided to join the original bitcoin community and I feel that this will only benefit your company and reputation!


Your devices are very promising and have a lot of great features. They somehow look a little bit like an old phone, which I can not decide if it is a good thing or a bad thing Is there a specific reason for that design choice?

Hi, I've almost made up my mind to order Passport for myself.

I am intended to use it with Sparrow wallet connected to net via Bitcoin Core node.

In this respect, I wonder whether Bitcoin Core can  run with flag that disables its wallet?

Sparrow docs states that Bitcoin Core should not  have  disablewallet=1 flag  but I think that in the case when it used as light-weight client for Passport such flag might be a valid thing.

Is this correct?

And one more question.

Is this true that Passport does not allow for the  second PIN allocated for addresses batch generated by  SEED + password and there is a need for manual input of that password each single time  in order to have access to those addresses?

Awesome, welcome to Bitcointalk! Hopefully we can also ping it at @foundationdvcs if there is something important to know directly from the 'source' in a discussion. Sure, you are welcome.

That sounds great. The official thread looks very nice, I can see your guys put some time into getting into BBCode and making it all look pretty. As well as reserving a post for firmware updates / release notes. I'm putting it right into my bookmarks!

Thank you for the kind welcome!

Excited to better support our users (both current and potential) here on Bitcoin Talk, this will be a priority for us moving forward and we'll be monitoring the key threads around Foundation devices.

Expect to see software releases dropped here at the same time as publishing to Github, and any important company news etc. around Passport (+ future devices/products in their own threads!)

Nobody should carry hardware wallets with themselves everywhere, like keychain or phones, except in some special cases.
However, I consider portability to be very important when you are traveling and you need to have funds available with you all the time.
There are many cases of people being able to survive and escape war zones thanks to Bitcoin and hardware wallets.

It's funny how people don't care what happens with their cards, and we literally know they are stolen every day  
Even worse for smartphones, they can hold virtual cards and many sensitive information, this can certainly be used to harm you.
If we look at percentages there is much higher chance of someone get stolen wallet with cash and smartphones, than hardware wallets.
I bet that thief would not stole old Nokia-like phone from anyone

Welcome to bitcoitnalk!
I hope you can be active here in forum and post regular updates.

Hello everyone,

Just wanted to let you know that we've created an official Foundation account and topic for Batch 2 here:

https://bitcointalksearch.org/topic/foundation-passport-official-thread-5441422

Thank you so much for the detailed and in-depth review, n0nce, and for driving such high-signal discussion in this thread!

You could be the first one to do it. Get a sponsor who will purchase you the test models that you will drop in exchange for your signature space. Then conduct a fair and controlled experiment.

Although, I don't see the Passport or ColdCard as the favorites to win here. The bigger and heavier the device, the less chance it will have to survive. Trezor and Ledger would probably win here. Ledger's metal cap would maybe fall off but I think the wallet would remain functional. I don't think the credit card-looking gadgets should be part of the experiment.   

To be fair, most hardware wallets somewhat resemble either those metal wallets you put your credit cards in or PDA devices. So, it shouldn't draw too much attention. However, I'm not one for carrying hardware wallets out in the open, so I guess it's not much of an issue. At least, not the main one. I guess having a hot wallet in a hardware wallet could potentially work, and draw attention.

Although, I step out every day with a wallet, debit card, and all that. So, I'm just as at risk. As long as you aren't carrying your hardware wallet with all your Bitcoin in it, and you take one that's got a small amount meant for spending or emergencies, it's the same as carrying fiat with you. Every day people see you carry fiat, and for the most part it remains safe.

Of course when crossing borders or otherwise put in a position in which someone might violate their authority over you or infringe upon your rights, including possibly your various sovereignty rights that you do not even need to disclose or argue that you have, there are a variety of ways in which your devices do not need to be loaded with visible funds.. but of course, they might need to be loaded with some funds and some recent transactions in order to potentially cause an attacker, whether state authorized or a private attacker from potentially believing that you are NOT disclosing what they might conclude (falsely or otherwise) what they believe that you "should disclose."

So for example, even if your devices are confiscated because perhaps there is a perception that you are carrying value on that device (even though we know the value is not really carried on the device  - even though access to the value could be facilitated by such device), there may well need to be a back up plan in which numbers and letters could be put together and reloaded on the other side of that event and to get access to funds - if there is a desire to have access to value in some location in which it might be presumed that you do not have much if any value to transact for your own personal purposes.

In the past, I have gotten confused about derivation paths and trying to figure out how to access some funds if using a different device and sometimes I have had trouble not being able to load funds or there is some level of incompatibility that I cannot figure out in a short period of time in which all of the accounts are not shown when I reload the device - and I don't claim to be sophisticated enough to always figure out what might be the solution - and surely depending on if matters might be timely, or even if matters might be sufficiently backed up, then there could be some vulnerabilities in terms of losing access to funds with the passage of time if there might be questions of how to regain access to funds or were they "only accessible" through one kind of a device.. so sometimes, I become a bit concerned that folks, including myself, might end up putting ourselves into a position in which it becomes difficult to recover funds or that we might end up leaking data that we don't want to have leaked - and whether or not carrying multiple devices solves the problem or not (or even if we might be comfortable to change the kind of devices that we use), might be questionable because maybe some of us might feel that we need the same kind of device in order to load our funds on the other end of going from one point to another point in which we might be searched.... and maybe question if we have enough information to load the replacement device, or if we are able to get the same kind of a device that we had in the new jurisdiction (or if we need to have the same kind of a device on the other end), or even question if our own security might have become too good in which we lock ourselves out of our own funds or we are trying to accomplish transactions that are beyond our own technical capabilities.. which also can be scary in terms of how much we might feel that we want to or have time to "experiment" carrying one kind of a device versus another kind of a device.


I may well need to shut up then, even though personally, I consider that weighing the various features of various wallets and/or devices can help a person to decide if it might be worth the potential time invested to actually purchase one device or another and if s/he finds a possible current use case for such device, over other ways that s/he might be currently carrying and transmitting value in one place versus another.. including when traveling there sometimes can be some uncertainties regarding how to get from one location to another (and if opsec might be questioned) and then when getting on the other end whether access to such device might be available or even needed to access funds... ..for example, I am pretty sure that this will work on the other end, and if it will not work, then am I going to need to go back (am I able to go back) to the earlier location.

You don't have to believe me, but I do know how hardware wallets work.


I'm a middle-aged mechanical engineer.  I don't go anywhere without my HP48.


Oh, I see what you were saying now; the functional part may fail, but the rest of it will last decades.

Well, I get what DireWolfM14 is saying. Many mobile apps don't have as many options that the big desktop wallets. Many are not open-source, or they're not reproducible, don't allow you to change the Electrum server, don't have Tor, ...
Since you do store the xpub in the software wallet and there is some risk (of compromised privacy) when losing it / someone getting a copy of it, I understand why someone wants to stay on the cautious side with mobile wallets.

To be honest, I still don't think it is huge, either.. T9 seems like an awfully good sweet spot between size and usability. The electronics of Q1 should be much more compact than what we're seeing here. Its size is mostly influenced by the keyboard, in my opinion.

---

Please let's stay on-topic (Foundation Passport)...

You are not ''loading'' anything on your phone, it's just interface and your keys/coins are still on hardware wallet.
Some cards work with laptop, so you can carry that with yourself, you can even carry your whole mobile office if you want along with ugly fake calculator.

It's fake calculator that can't work without cable or some weird battery gadget, so only an idiot would think this is real calculator, but I could argue that you would be very much suspicious and draw attention because people don't use calculators anymore.

I never said NFC chips will last decades, but they probably will last long time.
I was speaking about material cards are made off, same as credit cards... it's common fact they can last decades, and some of them are waterproof or made of metal.
Nothing can break and there are no mechanical parts, no screen and no buttons, so they are very durable.

Oh great, price matches new ColdBerry perfectly, so let's buy reserve one pair for DireWolf in camo color combination and super BIG pockets so he can blend in everywhere with his portable devices

Don't you worry. I just saw on their website, they now offer the perfect pants to carry it around.


It is a joke!

Not yet! Now you gave me an idea.. I have thought about requesting hardware wallet 'review units' instead of always buying them from my pocket, but the dilemma would be that you're usually allowed to keep them. I could solve that by just performing a drop test / durability test until failure for each device. The flaw with this approach is that sample size N=1 is a bad idea to draw conclusions like that. You could be unlucky and be the 1 in 1,000,000 whose device is exceptionally strong or weak.

Or just software wallets... But this is getting off-topic! Happy to discuss hardware wallets and border security in a dedicated thread, of course.

Interesting. As mentioned, I'd love to talk more about this in a dedicated thread and hopefully also collect people's experiences.
Now that I think about it, we may be totally overthinking it. Through the sheer number of electronics they pass through their scanners every day, they might have 'seen it all' and don't really care about a modern candybar-phone-looking device whatsoever.

Lol, lucky for me I trust my kids.  They are all responsible adults, so the conversation about the Passport actually went like this:

Daughter: What's that?
Papa: The best hardware wallet I've ever used.
Daughter: Oh yeah, I can see that.  It looks cool.  It resembles an old phone, is it supposed to?

As for the security guard at the airport, he will never see the Passport.  I travel with the ColdCard which seems to attract no attention in my experience.

---

I don't know about all that.  First off, I refuse to load my hardware wallets into my phone.  I have a few hundred bucks in my hot wallet, and that's usually all I need. 

Second, if I travel for more than just a weekend (and potentially need more funds,) I'll need to have a computer with me for other reasons, and I prefer to have the ColdCard with me.  And realistically a "cheap calculator" is less likely to get stolen than a credit card.

Third, I don't know how you can say that NFC chips will last for decades.  They haven't even been around for decades, and mine start failing after keeping them in my wallet for a couple of years.

If you want incognito hardware wallet, than I guess best option for you is credit card format hardware wallets (Tangem, Satochip, etc.) that don't have any screen, and they communicate with application on smartphone.
You can carry this card format wallets in your wallet, most of them are waterproof, and can last for decades... all other hardware wallets are not incognito at all, and I saw most of them.

hahaha....imagine having all this stuff in your pocket as ''portable'' device
And for new gigantic ColdCard Q1 device you probably need to have some special kind of pockets.

I think that Passport is lighter than most smartphones but it could be even lighter if they used cheaper materials.
My question is what happens with Passport if it falls on ground   because I have a bad habit of dropping things, phones, etc.
Did anyone conduct any testing, even accidental drop test?

Again, best option for this is credit card style hardware wallets, that is mixed with regular cards and paper bills in your leather wallet.

I understand the concept of NOT drawing attention.. and then having some kind of a quick explanation to just "shut them up" or to inspire anyone (including kids) NOT to inquire further.  The response surely does not need to be the truth, depending on the age/maturity & ways that you might be involving the kid in your "bitcoin related" business matters.  I already consider that kids are going to need to know some of these things, but surely there are times, places, and age-appropriateness (and even parental/relationship discretion) in terms of if, when and how much to introduce them to some of your own personal financial/security matters.

Your response:  "It's a communication device"

Kid: "For what?"

You:  "I use it for work"

Kid:  "Why not use a regular phone? My Iphone does everything.  blah blah blah"

You: "This one has some special features that need to be kept separate from the phone."

Now getting the attention of a security person or even someone who might be targeting certain kinds of devices, there may well be needs to tweak your answers, though maybe you can start out with similar responses, and if they continue to inquire, then you might need to provide them with additional information.... so in continuation with the same above questions, the security guard asks:

Security Guard:  "I never seen one of those.. It kind of looks like a phone but it seems like it is not a phone"

You:  " I like to think of it like a Yubikey card.  Have you ever heard about a Yubikey?"

Security Guard:  "It doesn't look like a Yubikey"

You:  " I was just told by my work people that Yubikey was not safe, so they moved to another system"

From my perspective, in any kind of inquiry, sometimes you still want to answer questions, and your level of rights to stay silent is going to vary from location to location.. and of course, many folks worry about how many rights to privacy are lost when crossing borders.. but that still might not mean that you need to continue to speak if there are too many questions that seem to be overly probing.. and of course, plausible deniability too.. and then if it is recognized as a certain kind of device that "is being targeted or not."

I don't want to get too far off topic because crossing borders may well be a question that is different from using such device in an office in which people might come in, or will the maid recognize it, or are you going to use it in public at a Starbucks or in the lobby of a hotel.. perhaps there might be some occasions in which you might engage in public use of the device or that you might have to show the device or it get's attention when you are going through security checks, which seem to be located in a lot more places these days... but maybe if the security folks are looking for a bomb, then they might wonder if your device might be a detonator...so if they recognize the device (as a bitcoin wallet/signing device), then that might be better in some circumstances... so maybe sometimes NOT having a device that has a removable battery might be better than having a device with removable batteries.. when crossing borders.

Yeah, the Passport is very comfortable to use, and ergonomically superior to other brands.  It's worth noting the weight of the wallet as well; it comes off heavy at first, but it's heft feels good when using it with one hand.  Just something for the weight-conscious professional cyclists to consider. 



To me the ColdCards (Mk series) look like a small, cheap calculator that old people got for free when they started a bank account.  Notably, my kids have walked in on me with the ColdCard on my desk an never even noticed it.  They expect me to be an old fogy, but I guess a candy-bar phone is where they draw the line.

Paper shape? Electronics need some space..

I must say from my own usage that it is extremely comfortable to use with this shape. I've had wired hardware wallets with cables sticking out the side and bottom; neither was perfect, especially with short cables. If a device is too narrow or thin, it becomes awkward to hold. Some devices need to be held by the side, but have the buttons.. on the side. Others are too tiny to hold on to while pressing buttons, so you need to lay them on the table.
This device, you can use it one-handed, long passphrases, no issue whatsoever. It may even look less conspicuous, to be honest. I do agree that it would look less flashy in an all-black variant, for instance.

While they were obviously inspired by mobile phones when designing this, we should consider that mobile phones reached that shape over years of trial and error.

I agree with the Ledger, but ColdCard looks pretty odd, even more than an old candybar phone, no? Especially when connecting a 9V battery with a dangling cable to power it on.