Topic: Foundation Devices 'Passport Batch 2' hardware wallet review - page 6. (Read 2035 times)

Does one account need to be funded before you can create a 2nd and 3rd one or can I simply jump to the 7th one if I wanted to? Maybe if at least one address from the first 10 accounts has been funded, you get a new set of 10 accounts or something like that. But if not, I am sure that adding a passphrase opens up new account possibilities.

I haven't heard of such limitations with Ledger. But what I mentioned above is true. An address from native segwit account #1 needs to be funded before you can create native segwit account #2, etc.

Just a side note - some companies do have a marketing strategy to run some campaigns at a loss. See the recent Pixel phones that have lower price tags than similar phones due to the fact that they prefer to loose some money on each sale but reach a wider audience and attract more customers to their platform. There's also the example where supermarkets have the so called "loss leaders"[1].

Still, we're talking about corporations that are already well setup in their organization to support these losses - which isn't the case for the Foundation devices. I'm really liking their products and mission, I hope they keep walking the same path!

---

[1]https://www.investopedia.com/terms/l/lossleader.asp

This shirt doesn't have any Bitcoin prints on it, it looks more like you came back from the past and promoting some old Nokia style phones 

I don't wear Bitcoin-related shirts either (terrible opsec), but it's a nice gesture and I prefer them putting the money to good use.
Large discounts also sometimes feel like you're overpaying on the device on non-deal days / parts of the year and make the device seem more overpriced.
I.e.; if they sold it for $200 during this weekend, you could come to the conclusion: 'If they can make a profit off a $200 device, why can't they always sell it for $200?'

Like I posted in the other thread, FD's EU reseller is getting rid of Founders Edition units, to make space for Batch 2 stock; such sales do make more sense.

Nah, I don't want to wear T-shirt like this, but I think they already gave a big discount to everyone who participated in Batch2 presale, and you had to wait a long to to receive it
I do like discounts and I think that Keystone did a great job this season of Black Friday, maybe because they started working on new generation device so they need founding.
I am excited to see how hardware wallet market will change in future, with Block wallet and Trezor Gen2 wallet releases probably coming out in next year or two.

Yeah, it's a ColdCard invention, but I think only the code is protected by the CC license. Other manufacturers would need to reimplement it; even though it will do the same thing and run on the same (or similar) chip, they'll need to rewrite it. I don't understand the sense behind that either.

Yes, especially with Taproot. Which is a standardized protocol; so you're not 'vendor-locked' and profit from all other benefits of such a standard. Therefore I'm hoping for quick Taproot integration on Passport. Especially since multisig is so fun to do with 2 or more Passports...

I believe and hope that businesses can be successful without selling out and giving away customer data & privacy.
Honestly, with this angle, it's not too bad that Foundation Devices can't offer a Black Friday discount. You do get a T-Shirt, though!


I like this comment that they reposted:

I think this is available only on ColdCard hardware wallet, and they have everything in CommonClause license, so I am not sure what license is for Seed XOR.
We all know they don't like anyone using their code, and some other wallets are using other ways to split seed words with Shamir Secret Sharing (Trezor T, Keystone, etc).
I think that multisig is much better than both of this seed splitting implementations.

This could be memory limitation related thing, but it's best to confirm this with developers.
I know that Trezor (and I think ledger) also have limited number of accounts you can create.

I think we all realize that you need to make big sponsorship and partnership with lot of third parties if you want to have big sales like ledger.
In return ledger is going to send them everything they ask, and they will add any shitcoins they pay for.
Passport only supports Bitcoin, so ponzi scammers like Sam Bankman can't promote their crap.

While it is definitely simple to set up and use, it also has 'advanced features' that CC doesn't have. For instance the (very convenient) QR code communication feature and CoinJoin postmix with Whirlpool.
I'm not sure that the lack of 'duress pin' or self-destruction pin are left out for simplicity, but rather because they think it's a bad idea to have / use one.

So you can create derivation path 0', 1000', 6969' on Passport, but only 10 of them in total, while in Sparrow you can only go up to 9'. Good to know (though I'm not sure why someone would need that).

Not that I know of, this is just something from coldcard and that's what I've been primarily comparing it to. I really like the "feature rich" approach of coldcard.

Passport tries to be simpler and succeeds at that but they could include some more advanced features safely tucked away in the "danger zone".

What it also really misses even more are pin options, like "duress pin" etc.


Yes, interestingly Sparrow wallet has the same ten account limit. At least Passport allows any derivation path whereas on Sparrow you're stuck with 0 to 9.

Agree with everything! Alone the fact that it has no 'integration with centralized exchange X' or even an overly complex host software at all, should give users confidence that they didn't waste time and developer attention into such features and instead focused on making a secure Bitcoin storage and signing device.
I'd still like to see them get external security audits done; not sure if they've done anything like that. It's usually quite expensive and with FE only having sold 1000 units total, I don't know that you can afford that at such small scale. But this is a security device so it should be a very high priority, now that they (hopefully) sell lots more devices with Batch 2 and onwards.

Exactly; it's a win-win situation. I'm suggesting it for both making users more comfortable carrying such a device with them, and basically replacing the need for storing keys on their insecure mobile devices (phones / laptops). And at the same time it would keep cash flow coming after Foundation sold someone the device, which is always good for the company. I'd really like to see them succeed long-term. Other manufacturers like ShiftCrypto (BitBox), for instance sell backup cards, sealed bags and small goodies which I can definitely see people buying little by little, the more they dive into Bitcoin, secure storage, secure backups and multisig.

That's good to know! One more Bitcointalk user to potentially discuss new features or issues as we keep using this device..

Good point! I believe I mentioned it in my Founders Edition review; I totally agree with that. I'm way more comfortable using a more complex device password and more complex passphrase on this, due to being so comfortable and quick to enter them.

Do you know whether they're working on that yet? I'll have to check if they have a blog or Twitter post about that.

There is? I haven't tried creating more than 10 accounts; good to know, though.

Great review, thanks for that.

Also got my Passport 2 a few days ago and really like it.

One very positive thing that stuck out to me:

This is the first hardware wallet with which it's not a complete pain to type in words like seed etc. Even though it has a number pad just like the coldcard, it uses a different system and it's very fast, like typing text on an old nokia phone.

A few things I would like to see:

Seed XOR and BIP 85

Also, is there any reason there has to be a ten account limit?

@n0nce  this was well written amazing review of Passport batch2 hardware wallet, and it took me some time to read everything.
Hands down I think this is currently one of the best open source Bitcoin hardware wallets available in market.
Some people could complain about lack of support for shitcoins, but this is only positive thing for me.
Compared to it's older brother Coldcard, this is big step in right direction in every way, and solid improvement from Foundation edition.
I can't wait to see what device is Foundation going to release next.

For sure they need to offer cases for devices, in same way like most people use cases for their phones.
Same thing with batteries, and they could even earn extra sats for selling this, just look what Trezor is doing.

True; to me it was negative, but I may need to reclassify it as 'Neutral'. Do keep in mind that the travel distance of any such small devices' buttons is always way smaller than even what you find on low-keytravel laptop keyboards.
I guess if that's really important to someone, they could check out one of the various Bitcoin conferences that Foundation Devices participate in, to try it in person before buying.

Yes, 2.0.4 improved it a little bit; I actually used the 2.0.4 beta from upstream GitHub (using the 'upload developer public key' feature), very early on, so this review is completely based on v2.0.4 already.
Downgrading works; at least from 2.0.4 beta to 2.0.3 (release) worked without issues.

Since you mention: 'directly or through the Envoy app' - the upgrade process is always the same, there is no or. Either you download the new firmware with a PC and copy it to the microSD card, or use the Envoy app for that, which does the exact same thing. After inserting the microSD into Passport, it finds the file, verifies it and upgrades to it.

Thanks.

As someone who is currently using a keyboard with a short travel distance, I would've included it in the category of positive changes ^{[it comes down to personal preference]}.

The "latest firmware" was supposed to improve QR code scanning, so are you implying that ^{[apart from the better performance on FE]} you didn't notice any improvement from the previous firmware ^[v2.0.3] or it became worse?
^{- Out of curiosity, is there an option to downgrade it (directly or through the Envoy app)?}

---

BTW, this is hands down one of the best HW reviews in this sub-board ^{[I salute you]}.

Good question; I'd probably use a generic BL-5C, probably from a local seller so at least it has to have CE compliance.
I'd really recommend Foundation Devices to start offering 'accessories' in their shop; it's a good way to keep revenue flowing in, after a user bought your product. Especially for premium products (like Passport) that customers don't want to replace every year.
I'm talking: replacement BL-5C batteries, industrial microSD cards, replacement Lithium AAA's (for FE), replacement back-covers in different colors (customization), screen protectors and protective cases for everyday usage.

Yes, exactly! I should specify that more clearly, thanks.

This is first time i've heard type of this battery. While this battery is indeed popular (based on search result on local online shop/marketplace), i have few small concern about obtaining replacement battery. For example,
1. Which seller sell good quality battery? I know i should avoid battery which cost less than $1, but expensive doesn't always mean better since it could be overpriced battery.
2. Which brand should i pick? Battery with brand "Nokia" (i use double quote since i don't know whether it's bootleg or not) or third-party brand (vizz, xtrikeme, sailsway, hk, etc.).

I don't have electronics/electrical engineering so i can't simply seek batch 2's schematic and check whether it has strong protection against defective battery.


Does this feature refer to mixing on Whirlpool protocol/Sparrow wallet?

To be honest, I wouldn't even necessarily say that the quality of the keypad got worse; the buttons even feel more durable, it's just a different type of actuator probably.
Camera is untouched, so the differences should be down to firmware.

Good question, didn't cross my mind. From my experience, the difference in key feel is not nearly as drastic that you could tell which keys were pressed more often. Maybe the navigation keys also just feel better since they are separate from the keypad. Nothing to be concerned about, though.. I probably also got used to it a bit.

Agreed; the price is definitely high. Surprisingly, it's hard to find hardware wallets with open-source firmware and hardware, plus QR air-gap and all of the other Passport features. No real competition except the Passport Founders Edition. I suppose that manufacturing in the US is also costly, but that also increases my personal confidence in the device.
You do feel that these devices are no China products; the premium price tag reflects in a premium build quality. My FE looks just like it arrived roughly a year ago.

If you can live with a closed-source hardware platform though, I believe that Keystone would give you a lot of wallet, for under $200, even under $100 with current discounts. I may actually try it out myself; not sure.

I would definitely appreciate a 'lite' version or a kind of mass-produceable (injection molding for all parts) version of either Passport at a lower price point. Keep in mind both of these have a metal interior piece that gives it structure and heft, which could be replaced. Maybe a monochrome LCD would be cheaper as well, and the device could even be offered without battery, in case you already have some BL-5C kicking around. I believe shipping devices with batteries is also more expensive, so another area to potentially cut some costs.

I was looking forward for this review for quite some time n0nce, it's awesome to be able to finally read it! As for the device, FE2 improved in the topics that I hoped (mostly battery + screen), but it's sad to hear that the keyboard has a "bland" touch. Granted, for sure it's great that they improved the other two areas, but I was hoping that the keyboard and camera would still be left untouched regarding quality and "feeling", but it seems that isn't the case. The positive news that I can take from this is that this mostly can be solved by a future software update (or at least I hope so). This particular paragraph activated my "paranoid" sense:
I know that the odds are very, very slim, but assuming that someone got a hold of the device, could they extrapolate, based on the "used keys" on the keyboard, your PIN code? I know the odds are slim, but this idea just came to my mind ...

I still think that one downside of the device is the premium price - If I were to purchase one I would be looking at 330 € (Model T would be around 270 € with support to multiple cryptocurrencies) - but I reckon that the only way to deal with the high price would be to have a manufacturing unit somewhere in Europe and for sure that isn't the plan in the short term. Like you said n0nce, the best option would be a FE2A option (similar to the Pixel A line) where they would go down on the materials to the bare minimum to try and still deliver a sustainable device.

Once again, thank you for the superb review!

PS: @zachherbert is quite active on Twitter so it would be really awesome to see him reply (or even promote!) your thread over there. Let's hope he manages to come here!

A very detailed review containing important clarifications, which certainly deserves praise. Reviews of this level and quality are rare and only in those cases when the user is really passionate about this device, like a Passport. Great job n0nce.

Undoubtedly, Passport turned out to be successful and has many advantages over hardware wallets from other manufacturers. One of which, in my opinion, is a removable battery that can be replaced if the battery is suddenly dead and immediately used, which makes the device autonomous. Therefore, you can immediately buy another BL-5C battery (or pick up from your old Nokia phone) and keep it on hand for such cases.

Thanks to n0nce's reviews, I have been watching passport for a long time, which I also like (not as a user). I hope this project will develop further and improve its devices for the benefit of the crypto community.

Thanks for your quick feedback.

Good point; compared to microSD cards, it should be super cheap to ship one more paper backup card. The microSD backup does include the seed phrase, although encrypted with a 20-digit numerical code.

I'm not sure that they use such a chip; it would be great to hear what LCD they use exactly and how it's driven.
The idea with the Sharp display on the Founders Edition is similar to what https://betrusted.io/ are doing; where there's just no 'trusted' component. Also makes it easier to do a hardware implant attack (e.g. chip replacement) when a driver chip exists. Otherwise, what are you going to replace, right?

Unfortunately, you are not asked to input back the seed, which is why I mentioned it as an improvement request.
It doesn't look like an oversight (e.g. 'commented it out during testing'), since the SeedCheckUX file is missing completely from the new repo.