Topic: Foundation Devices 'Passport Batch 2' hardware wallet review - page 7. (Read 2035 times)

Excellent review. I loved reading it!

Too bad there is only one paper card for the seed and backup codes. The competition includes 2 or 3. The microSD backup doesn't back up the seed as well, does it?
The change of batteries to rechargeable ones with over 4 hours of stand-by life is a welcome edition.

I have some questions.
You mentioned that Batch 2 uses a screen with a closed-source driver chip. What's the worst case scenario there?
Doesn't Batch 2 have any type of seed verification after the initial onboarding process?

Passport v2.x.x Firmware Simulator
The instructions for installing it on a fresh Ubuntu box are as follows (copied from my post here).

[1] Get Ubuntu 22.04.1 ISO and spin up the VM.
[2] Update all packages (after all, this is a fresh Ubuntu install).
[3] Install git and dependencies
[4] Clone repository
[5] Install Rust & Cargo (never hurts ) to then install 'Just' (command runner).
[6] Create work and snapshots folders (not sure why they don't exist) Edit: added microsd folder which emulates an inserted microSD.
[7] Start simulator (this builds the firmware)

---

To get the camera working (kinda needed for supply chain validation), install OBS with its virtual camera feature, as well.
[8] Install QT6 dependency and OBS itself.

Then, start OBS, add an image of whatever QR code and make it nice and big. Images below. Lastly, restart the simulator.
If you want to reset the simulator, delete the work folder that you created earlier and re-create it (or delete all files within it).


Left: OBS setup steps; Right: How it should look like with everything set up correctly. Notice the QR code rather big and the Virtual Camera running.


Left: Camera view of Passport simulator. The QR code is a bit too large, therefore no successful scan. Right: As soon as I resized it a bit, such that it fits inside the camera view, it is scanned and the words are shown (I believe always the same hardcoded words in the simulator during Supply Chain Validation, since it doesn't obviously contain the actual secret).
Decoding addresses and transactions should work correctly, though.

Detailed setup / walkthrough photo gallery

I was able to easily take these screenshots using the simulator from Foundation Devices' v2.x.x series of firmware for Passport repo that, should also be able to run on Founders Edition (mono parameter instead of color).

Misc
3D-printable custom back cover anyone?
This is the original STEP file for the back cover. I'll actually try getting it resin-printed in black or maybe doing it myself with traditional FDM printing, to get a cleaner all-black look. The beauty that is open-source hardware!
https://github.com/Foundation-Devices/passport2-hardware/blob/main/mechanical/STEP%20Files/FD-KL-COVER-REAR-REV-D.stp

Privacy policy / data handling
The TOU and privacy policy haven't changed since my last review. I appreciated that they're relatively simple to read (content and webpage layout); however a few items in the privacy policy stood out to other Bitcointalk users.

We got a reply on such a question by Zach Herbert below; he also mentions that they self-host a lot of services and delete data much faster than most other wallet manufacturers.
https://bitcointalksearch.org/topic/m.60928948

Pricing & Discounts
During the preorder phase, Batch 2 was priced at $199 (without VAT or shipping). As a Founders Edition owner, I got a 21% discount, bringing down the price to just $158 USD, which is why I immediately bought it. Basically half the price of Founders Edition.

Right now Batch 2 is listed for $259 USD, which is still less than FE, is supposed to ship very shortly (this same month) and is overall better in all aspects (except maybe the camera bug).
I believe you could get $10 off through a referral code, but I didn't want to look more into this (whether referrals still exist or not, how to do it...) and getting my own one, such that I won't be financially influenced in my review. In the rare case that you can't find such code, you can DM me and I'll have a look; would donate or otherwise give-away my reward, though.

Edit: I realized today that the following deal is still up. Foundation Devices gift cards with 10% discount.
(3) Are any discounts planned this year (e.g. for the black friday weekend)? ^{[Edit: 1. December 2022 - this is obsolete now. ]}

My improvement suggestions / requests

• Look into the slow QR code verification / check why FE did it better.
  
• Bring back seed phrase verification (having to type it back in, after writing it down) from FE.
  
• Show 'Security Words' at Login by default (like on FE).
  
• Don't reset 'Network' preference to 'mainnet' after a reboot.
• Release screen protectors and silicone protection cases (for everyday usage).
• Release a low-cost version (e.g. full plastic as described above) of Founders Edition.
  

New firmware features
Multisig

Multisig wallets were supported by the Founders Edition when I wrote my first review, but I didn't try it; so it's only a 'new feature' for me.
I set up a 2-out-of-3 multisig in Sparrow using Econoalchemist's guide. Instead of a ColdCard, I used my two Passports and a local wallet as third keystore (like him). It worked like a charm and was super easy to set up and use. Highly recommend it.

Casa

It is now possible to use the Passport with Casa, which then shows up as an extra 'account' next to all your regular accounts.
In addition to the regular 3 options, there is a 'Health Check' and a 'Connect to Casa' option; I haven't tried those though, since I'm not a Casa customer / user. I don't think this option is very important / interesting for regular readers of the 'Development & Technical Discussion' section, anyway, but good to know that it's supported, in case you're looking for a device for a friend who's interested in the service Casa is offering.

CoinJoin Postmix (Whirlpool)
Similar to the Casa option, when activating the 'Postmix' account under 'Settings > Extensions > Postmix', you get a new account on the main page with a specific derivation path (m/84'/0'/2147483646'). Its specialty is that it allows to re-mix / join deposited coins with Whirlpool without paying fees over and over again.


Envoy App
Together with Passport Batch 2, Foundation Devices also released their Envoy host software, for Android and iOS.
It's mostly a bare-bones wallet without multisig support or any bells and whistles, but it's more than good enough to get started and the killer feature is the ability to update the Passports through it, using the included microSD adapters.
It was a necessity for me that it doesn't have push notifications or any other network calls except the ones going directly to the Electrum server - which can be specified by the user; including Tor support.
There is a section with their tutorial videos, but opening those shouldn't leak anything about your device, seed or addresses and it's obviously all open-source.

In-depth review

Delays
Sorry, Foundation, but I have to bring this point up first, before actually starting the review. I do understand that there is a pandemic going on and all sorts of issues around the world slow the supply chain down. However, most of these factors aren't new; so one could have predicted / calculated them into the ETA. I'm fully aware that this was a preorder without guaranteed shipping date.

But instead of offering highly optimistic dates and pushing them back repeatedly, I would have preferred a: 'Sorry, we got caught off-guard and need 8 more months until completion'. If they would have managed to ship in 3 months regardless, I don't think anyone would have complained..

The shipping itself (to EU) was extremely quick and only needed 1-2 days through UPS. I haven't tried shipping to a PO box, but didn't want to order to my home address either, so it took a bit longer to get my hands on it. Sorry for the long wait, everybody!

Personally, I will be more careful with company timelines and try to avoid a wording like here; instead I should have said 'they try to ship it in two months from now'. I hope that nobody who bought Batch 2 after my review, got disappointed by my above statement not having held true. Personally, I'm never in a rush, but I felt responsible mentioning the delays, just because I repeated their optimistic 2-month timeline.

Unboxing / what's in the box?

In comparison to Founders Edition, you get the same SanDisk Industrial XI microSD HC 8GB card, however only a single one instead of two. Backups are encrypted, so I don't see a risk in keeping the single microSD with you on a daily basis (for updates and transactions on a device without camera), as long as you have the paper (or metal) backup stored in a secure location.
New this time, you get a double-sided USB-C cable (sadly no USB-A adapter included) to charge the device and two microSD adapters. One allows you to plug the microSD card into devices with USB-C, such as Androids or modern laptops. The other one is made for iOS devices with Lightning connector.
Even though transactions can be made simply through QR code communication, the inclusion of these adapters allows people to do complete firmware updates of the wallet from their phones (through the new Envoy app).

I believe this makes the device much more accessible since some people just don't have a proper computer.

You also get new Foundation Stickers, a set-up card that links to https://foundationdevices.com/setup/ and also a nice 24-word seed phrase backup card which I recommend to use and laminate. It also has a separate section for a 20-digit 'backup code' which encrypts / decrypts the microSD backups.
If you are using steel washers to back up your Passport (recommended!), this means 2 washers (if used double-sided) suffice to back-up that code.

A few short words about the unboxing. The device came in the same white box like Founders Edition with a simple, single security seal. The security model has not changed in this regard, so it makes sense. link 1, link 2.

The inner box is physically well packed and protected by adhesive bubble wrap and shrink wrap.

Design & materials
The classic white - gold - black color scheme was kept and even extended to the box, a detail I enjoyed. It received golden, metal navigation keys, which I planned to mod and black-out, since I assumed cheap spray-painted plastic, but this metal finish (anodization?) is actually really well made, so I'll keep it. The overall build is still solid, back cover comes off easily and snaps on firmly with the same magnet technique as before.
The only detail I'd criticize is the use of piano black plastic inside of the small lip around the screen. It's most visible below the screen and of course, known to stop looking good after a while.
Why do car companies use piano black plastic as an interior material?

Setup
Not a lot has changed from the Founders Edition setup procedure. In general, the whole GUI is mostly a colorful version of the FE GUI, with the addition of being able to use the sideways buttons to change between 'accounts' (different derivation paths) and a few smaller menu changes.

The advantage of the microSD backup (that I mentioned above) over a seed phrase backup is that it will keep all settings, such as multiple accounts, multisig setups, and now new: Casa & Postmix setups.

For anyone really interested in the setup and general GUI look & feel, I have a 'walkthrough' (photo gallery) of every single step down below as well as instructions for installing the simulator and trying it out interactively for yourselves.

Battery

The elephant in the room with the Founders Edition was the battery. I should mention that while a set of regular Alkaline AAA's went flat super fast, repeatedly, during my initial setup and review process, over the last year I haven't had to swap them a whole lot. The whole workflow for signing a transaction from turning the device on to turning it off, can be done in under half a minute, keeping power consumption low.
It makes the usage more 'stressful' in a way though, and in the rare occasion of running out of battery on a holiday, you can't buy new ones, while you can always recharge a Li-Ion pack.

The Batch 2 uses default Nokia BL-5C rechargeable Li-Ion batteries (you all know them). They have been around for almost 20 years and millions of these are available on the market, so I think we're pretty future-proof with this choice - regardless of whether Foundation Devices sells or doesn't sell replacements, stops production, or even goes bankrupt.

I can confirm that the device even works without a battery; just plugged into a USB-C power source.

While keeping in mind that Founders Edition is supposed to be used with special non-rechargeable AAA Lithium batteries, I just assume most won't (due to price and availability) so I measured the battery runtime on a set of new Alkalines and the fully charged BL-5C that came with the wallet. Both devices were set to 100% full brightness, although the B2 'full brightness' looks at least twice as bright as FE.

On a fresh set of AAA LR03 batteries, at full brightness and mostly lying down doing nothing, the Founders Edition shut itself down after 27:25 minutes.
The Batch 2 managed to run for 4:33:03 hours on a full charge. I also did a lot of experimentation (for QR code scanning speed) for around an hour during that time.

Screen
My main criticism in terms of build quality on FE was the plastic screen; flush with the device, which came scratched (though it didn't pick up extra scratches that I noticed). B2 has a recessed glass screen, which is also much brighter and has colors. It is more pleasurable to use and harder to damage. Big improvement here, I really love it!

Only drawback from Founders Edition is that it appears to be a regular IPS LCD:
FD-KL-ASM-FG-DISPLAY-LCD-IPS-2-INCH instead of the security / auditability-focused Azumo/Sharp 12616-06_T3 monochrome display.
I may be wrong about this, but most regular IPS LCDs usually come with a black-box driver chip. Hopefully, Foundation Devices were able to avoid that here, but I couldn't find detailed information about it.

Camera
Like the screen, the camera was recessed, which should protect it from damages. Unlike the screen, the module used remained the same. I mentioned it in my summary, but unfortunately the new firmware appears to detect QR codes slower than FE. It works very well when the QR code's resolution is not too high (more codes, less data per code), but struggles with more complex images that the old device handles like a champ.

I hope that Foundation Devices @zherbert @FoundationKen look more into this; fast readout of PSBT is what makes or breaks the Passport, in my opinion; and I must say that it's more reliably fast to use the Founders Edition, especially when playing around with different wallets.

In general, my devices (PC, phone) are better at reading out QR codes from either Passport's screen when setting the QR code size to 'largest' (at the expense of scanning more of them), but such a setting is actually lacking in the different wallet software I tried.
So, while it would be great for both Passports to perform equally (given same hardware), improvements to host software would also be welcome. Foundation Devices' own software (Envoy) has a good QR code density though; more on it later.

⬘⬙⬘⬙⬘⬙⬘⬙⬘⬙⬘⬙⬘⬙⬘
⇨ Passport Batch 2 Review ⇦
⬙⬘⬙⬘⬙⬘⬙⬘⬙⬘⬙⬘⬙⬘⬙



Outline

• Summary
  
• Review
  
• New features
  
• Misc
  
• Setup walkthrough
  
• Simulator instructions
  

​
Summary
Following my overall satisfaction with Foundation Devices' Passport Founders Edition hardware wallet, I also preordered their Passport Batch 2 device. To me, a 'batch' usually refers to a production run and not a broader overhaul / update of a device, so I sometimes called it 'version 2' or 'v2'.
However, a lot of things have actually stayed the same, both on the hardware and software side, and I was glad to hear that the passport2 firmware is supposed to be back-ported to Founders Edition. So it should not be obsoleted or superseded by Batch 2 after being around for just a year, which is good - especially at the price they charged for it. I'm not aware of the current status of this, though.

I will sometimes abbreviate Founders Edition as FE and Batch 2 as B2 in this review.
To summarize, I will just write the major changes here in a TL;DR type-section - details are down in the next posts.

Firmware used: v2.0.4

Positive Changes compared to Founders Edition
There are some major changes that almost directly addressed my criticisms of the Founders Edition, and prompted me to put down another ~$200 USD (incl. shipping - price info later) for this device.

• Better screen: This one has very strong backlight, is made from glass, has no scratches and comes with a protective foil on it. It's slightly inset to further protect it as well, and overall exceeded my expectations. I personally think a good screen is an essential part of a hardware wallet, so this is good to see.
  
• Better battery: Batch 2 uses Nokia-style batteries, which are almost as easy to find as triple-A's, almost as secure (no way to get supply-chain attacked since they're not hardware-wallet or device-specific) and way longer lasting than the FE's non-rechargeable batteries.
  
• Slimmer body: It's still a thick device, but definitely more pocketable than Founders Edition, which due to its small size stands out more than if it was, say, a leather wallet of the same thickness. Meanwhile B2 generally succeeds better in disguising through a feature-phone-form factor.
  

Negative Changes compared to Founders Edition

• Worse keypad: I first thought I got a defective unit, but after checking online, it seems that the keypad is partly meant to feel like this and they partly have had manufacturing problems. The buttons just have very little travel and thus no big, firm 'bump' that you 'press through'. It doesn't even feel mushy, as there's basically not enough travel for them to 'even mush'. I hope I can sufficiently visualize the feel of this new keypad. It works flawlessly and accurately, it just doesn't feel as nice to use to me. It's worth noting that it did improve a bit over time, especially the most used (numbers and navigation) keys.
  
• Worse camera: I know, I know - on the hardware side, they use the exact same OVM7690-RYAA ... camera cube. However, it appears to take slightly longer to scan QR codes; more details below. Update @ block 773177: Since the latest update, the issue is fixed. link
  

​​​
Compared to last time, due to the fixed battery issue, much better screen and better form factor, I can definitely recommend the Passport Batch 2 as a daily-driver hardware wallet. It will work with your computer, phone, whatever you like, the battery life is long enough and it can just be recharged.
Price-wise, it costs less while being an overall better device with mostly just minor criticisms; as a Founders Edition customer I also got a nice discount, as described below under Pricing & Discounts.