
Topic: Foundation Passport (FE) hardware wallet review and walkthrough - page 5. (Read 1589 times)

hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
@n0nce this is probably one of the best hardware wallet reviews I ever saw on bitcointalk forum, and I am sure it will attract other people who are not registered in this forum.
What an honor! Cheesy

I do think that Passport needs a lot of improvements, especially with their display, that is a weak spot in many hardware wallets, like in the case of Ledger.
I even saw someone saying that after little use of the Passport wallet their screen started to show signs of malfunction, but that could be an exception, not a rule.
Yes, I saw it as well. Here's a link for everyone else: https://twitter.com/Mandrik/status/1485278977417789444
Though it is the only time I (and apparently Foundation themselves) saw it so far, unlike other brands with very high failure rates. So it might very well be an exception. The screen in use doesn't seem like a cheap piece of crap; as a raw component it costs around $30! That's half the sale cost of some complete hardware wallets.
Thanks to open source hardware, we can easily find the component on Mouser.

I think that the price should be lower, they need to make a better battery solution, and remove all the games bloatware (or at least give an option for an easy install without firmware games).
Compared to ColdCard I think they are going in the right direction, releasing everything in public and going open source as much as possible.
I agree with what you said, but seems everything's addressed in version 2. Fingers crossed! Regarding games, I was thinking of trying to recompile myself, after deleting the 'extras' menu & flashing it, but just didn't find the time yet. May update later.

In hindsight, I think our AAA decision was a mistake, and we are rectifying this for Batch 2.
I don't know how Keystone is doing it, but they have both options in their PRO version.
You can use regular Li-ion battery and optional AAA regular batteries.
I think that is the proper way of doing things.
It seems to me like the Li-Ion battery in the keystone is basically 3 rechargeable AA's stuck together in a piece of plastic. That would have been possible e.g. as a 'replacement back piece' for FE. As I said; they can make a lot of money in accessories for their FE and 'version 2' if they don't know what to build next! Grin

Plastic Quality
Best thing you can do for plastic material is to have your own 3d printer, and print/control whatever you want.
After a few years of 3D printing experience: if you have one of the common filament-based machines, it's not the best thing, for sure. It's great for quick prototyping and mechanical parts, but nowhere near as pretty as what they send (injection-molded).
legendary
Activity: 2212
Merit: 7064
@n0nce this is probably one of the best hardware wallet reviews I ever saw on bitcointalk forum, and I am sure it will attract other people who are not registered in this forum.
I do think that Passport needs a lot of improvements, especially with their display, that is a weak spot in many hardware wallets, like in the case of Ledger.
I even saw someone saying that after little use of the Passport wallet their screen started to show signs of malfunction, but that could be an exception, not a rule.

I think that the price should be lower, they need to make a better battery solution, and remove all the games bloatware (or at least give an option for an easy install without firmware games).
Compared to ColdCard I think they are going in the right direction, releasing everything in public and going open source as much as possible.

ColdCard is from Canada with higher and more expensive costs than the US in a lot of places and they have theirs for under $150.
Nothing personal, but I have to be honest and say that ColdCard looks like a cheap calculator, it uses cheaper materials like plastic, and should I mention all the crap they are doing now.
They are not open source anymore, they removed the reference to ever using Trezor code, and now with NFC they are not air-gapped anymore.
It's not a big problem to hire workers from Vietnam, India, East Europe or similar places to work in Canada and make cheap hardware wallets.

In hindsight, I think our AAA decision was a mistake, and we are rectifying this for Batch 2.
I don't know how Keystone is doing it, but they have both options in their PRO version.
You can use regular Li-ion battery and optional AAA regular batteries.
I think that is the proper way of doing things.

In hindsight, I think our screen decision was a mistake, and we are rectifying this for Batch 2.
Have you thought about using some kind of e-paper / e-ink display, like the ones that are used in e-book readers?
Remember to put some plastic foil over the screen on your next model, some people never remove them Smiley

Plastic Quality
Best thing you can do for plastic material is to have your own 3d printer, and print/control whatever you want.
legendary
Activity: 3668
Merit: 6382
What we didn't realize, though, is how bad normal AAA's are at holding their voltage.
(~snip~)
In hindsight, I think our AAA decision was a mistake, and we are rectifying this for Batch 2.

Since such a device has a very big chance to be used mostly from home, it may also be an option to offer the (additional) option of using the device in a plugged-in manner and drawing power either from USB or from a charger. It may also mean some more accessories to be sold.

Another direction could be bigger/better known rechargeable batteries - like Nokia's BL5C or Sony's NP-BX1 (I'm talking about size, not about the voltage, that's something I'm not good at).
I am telling this because some years ago I had a camera using AA batteries (luckily also rechargeable) and at the start I was extremely happy that it worked with standard batteries. I soon got disappointed that I had to carry with me a huge lot of them if I wanted to take pictures for one full day. My later camera works with NP-BX1, I have 3 such batteries (one original, 2 cheaper Chinese ones) and I usually don't need 2 for one full day. Plus a cheap Chinese external charger working from USB and the batteries' small format makes a happy family. Indeed, I cannot buy the batteries at the next shop, but I can recharge mine in the car.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
This might be a stupid question, but why does the FE not have a charger, so if I wanted to, I wouldn't have to use any batteries if I didn't need them?   
Interesting idea; for instance a USB-C connector but only with power contacts soldered...
I don't really see an issue, because you cannot hack the device if there are no data lines.

However, power analysis / glitching and such types of attacks may be easier to perform. Though you can also hook up your glitching device to battery terminals, so it's not really that much less secure with such a 'backup energy source'. Would also allow to test for hours at a time without thinking about batteries.

Probably Foundation was going for a 'complete port-less' approach, because people simply may not understand it's still fully airgapped even if they see a physical USB port on it. Not everyone knows how many pins such a connector has and what it means if you tell them 'we only soldered on GND and VDD'.  Smiley
legendary
Activity: 2730
Merit: 7065
Thanks for the honesty Zach.

n0nce has already posted some estimates regarding the battery life of Batch #2, but can you provide some more information about this? Based on your tests, how long will a fully charged battery last for the second generation?

Regarding the plastic vs glass covers. I personally prefer glass. I have a cellphone with a glass back cover. It's a big fingerprint magnet, but I don't mind it because it feels and looks more professional.

This might be a stupid question, but why does the FE not have a charger, so if I wanted to, I wouldn't have to use any batteries if I didn't need them?   
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
PS: One more question; will both devices run the same firmware? If not, will new and old device's firmwares be developed and maintained in parallel?
GitHub has no repository for the new firmware, which makes me hope they run the same one; thus reducing codebase to maintain + elongating FE update support.
Hi, Ken from Foundation Devices here.

I wanted to make sure that FE had a long life, so I put in quite a bit of effort to make sure that it would be able to run the newer codebase.

There will be two separate firmware downloads, but they will be built from the same codebase.

There are improvements in the new hardware that we'll be announcing soon, but, to the extent possible, we're trying to make the firmware on the two devices have similar features.

Note that there might be an initial delay of a few weeks in releasing the first FE version of this new code, but after that my intention is that new firmware versions for the two devices get released simultaneously.

Cheers!
Cool, really appreciate this. Makes sense that compilation will change slightly between devices and you'll need some extra code for Li-Ion charging circuit for example, I suppose. But it's great to hear the codebase stays common! Not only for longevity but also for security. Since a bug found in one device will also make the other one more secure, as well as a static security analysis making more sense if it covers more devices.

On this topic: I haven't seen a PGP key on your GitHub, where you talk about responsible disclosure, in case someone wants to send a bug report or even exploit via encrypted mail.

IMHO, if people choose FE rather than another hardware wallet (such as Ledger and Trezor) which is cheaper and easier to use, it's more likely they have better security practices. I wouldn't worry about a malicious application which replaces the PSBT file if you perform good security practice and verify the transaction before the sign/broadcast process.
Oh, for sure, but maybe it would be worth adding to the guide or something. Like, especially with airgap, people may expect to be able to use it on fully infected machines and shit and rely too much on perceived security. On the other hand, the large screen makes it very easy to confirm the receiver address and if that matches, you're obviously good.

Good point, HW wallets such as Ledger and Trezor could be used on an infected device and it's not easy to perform a MitM attack on a USB connection.
Well, USB is not 'un-MITM'-able as well, but to me it seems easier to write a shellscript checking for removable drives than hooking into USB communication.
legendary
Activity: 2870
Merit: 7490
I didn't expect someone would review a $299 device (excluding possible import tax and shipping cost). But with such a high cost, I'm really annoyed they don't bother to include rechargeable lithium AAA when they include an industrial-class microSD.
Hehe, you know me - I'm not 'someone' Wink Oh yes that would have been a cool idea, to simply include rechargeable AAA's, but I think those then would also have a closed-source chip which is something they wanted to avoid and thus chose to use standard 'dumb' batteries.

I totally forgot about closed-source batteries. But I don't see how it could impact using FE, since usually it's used to make an electronic device only accept a specific brand/type of battery.

Example, https://hackaday.com/2011/03/30/headphones-use-standard-sized-but-proprietary-rechargeable-batteries/.

IMHO, if people choose FE rather than another hardware wallet (such as Ledger and Trezor) which is cheaper and easier to use, it's more likely they have better security practices. I wouldn't worry about a malicious application which replaces the PSBT file if you perform good security practice and verify the transaction before the sign/broadcast process.
Oh, for sure, but maybe it would be worth adding to the guide or something. Like, especially with airgap, people may expect to be able to use it on fully infected machines and shit and rely too much on perceived security. On the other hand, the large screen makes it very easy to confirm the receiver address and if that matches, you're obviously good.

Good point, HW wallets such as Ledger and Trezor could be used on an infected device and it's not easy to perform a MitM attack on a USB connection.
newbie
Activity: 1
Merit: 2
PS: One more question; will both devices run the same firmware? If not, will new and old device's firmwares be developed and maintained in parallel?
GitHub has no repository for the new firmware, which makes me hope they run the same one; thus reducing codebase to maintain + elongating FE update support.
Hi, Ken from Foundation Devices here.

I wanted to make sure that FE had a long life, so I put in quite a bit of effort to make sure that it would be able to run the newer codebase.

There will be two separate firmware downloads, but they will be built from the same codebase.

There are improvements in the new hardware that we'll be announcing soon, but, to the extent possible, we're trying to make the firmware on the two devices have similar features.

Note that there might be an initial delay of a few weeks in releasing the first FE version of this new code, but after that my intention is that new firmware versions for the two devices get released simultaneously.

Cheers!
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Regarding the scratched screen. Does Passport have any recommendations on how to protect the device from further scratches? In the OP you mentioned that the curved screen makes it difficult to stick on a screen protector. I haven't really played with those things, so I don't know why that would be a problem.
I don't think they have any recommendation for this. I can try to ask them. Zach, any recommendations? But it doesn't seem to scratch easily from normal usage. Do you know how sometimes when you look at a piece of plastic on a product and you immediately know: 'this is gonna scratch fast'? This material is not that. In contrast, BitBox02 does look like it (and it does scratch this fast).

With this gentle curve, it might be possible, to be honest. Might try giving this site a shot:
https://www.protectionfilms24.com/custom-sizes.html

We can see from the source files that the screen is 1.092"x1.416" or around 27.73mmx35.96mm.

For a single one it's pretty expensive, but if you get 10, it's just 2 bucks per screen protector.


A big no go to me is the batteries. The wallet itself is rather expensive + you are going to need a new set of batteries quite often. You only got 4 hours out of the ones that came with it? That's really bad performance-wise. The money you will spend on purchasing new batteries will be more than what you paid for the HW.
Well, it depends on the usage. Turning it on, performing a transaction and turning it off again takes probably 1-5 minutes tops, so 4h would be 50 transactions in worst case. I drained mine in a day since I played around with it a bunch and then stood for 2h in the shop stamping seed words off the device directly. Probably better to write it onto paper and turn it off, then copy from the paper.
Regarding costs, you can get a 4-pack of compatible rechargeables for 25 bucks, so you get 2 to use for other stuff. And I did really like the concepts of standard AAA's (or AA's, wouldn't mind) since I know I can find these in 20 years time pretty surely. (worst case hook up a 3V power supply to battery terminals)

They are also worried about security of Li-Ion batteries, but I'm honestly not. Never seen an attack through a battery so far (correct me if I'm wrong).

I see from your post that the second version will be shipped with Li-Ion batteries. Hopefully that can improve the stand-by time.
If they can fix the insufficient battery life, lower the price, and manage to create a HW that won't suffer major security issues and vulnerabilities in the future, this would be something I would consider purchasing for long-term storage. At the moment, it isn't.     
I mean they did lower the price by 33% which is a large jump and the Li-Ion will definitely hold longer. These things are common (which I really like for longevity / what if Foundation fails & I need new batteries etc.) and hold around 1000mAh, I believe. However, they discharge better, if it makes sense. So it will be similar battery life to the Lithium batteries (multiple hours on a charge), but you can recharge and also carry a second battery. I really loved when phones could do this (e.g. bring a few charged spare batteries on a trip and not mess with charging all the time).



I didn't expect someone would review a $299 device (excluding possible import tax and shipping cost). But with such a high cost, I'm really annoyed they don't bother to include rechargeable lithium AAA when they include an industrial-class microSD.
Hehe, you know me - I'm not 'someone' Wink Oh yes that would have been a cool idea, to simply include rechargeable AAA's, but I think those then would also have a closed-source chip which is something they wanted to avoid and thus chose to use standard 'dumb' batteries. I still like the idea of 'dumb batteries', but maybe the circuit could have been designed around Alkalines instead of around Lithium cells in a way. Though if the current draw is too high, there's no way around Alkalines or Ni-MH (but then you have to take into account these operate at 1.2V).

IMHO, if people choose FE rather than another hardware wallet (such as Ledger and Trezor) which is cheaper and easier to use, it's more likely they have better security practices. I wouldn't worry about a malicious application which replaces the PSBT file if you perform good security practice and verify the transaction before the sign/broadcast process.
Oh, for sure, but maybe it would be worth adding to the guide or something. Like, especially with airgap, people may expect to be able to use it on fully infected machines and shit and rely too much on perceived security. On the other hand, the large screen makes it very easy to confirm the receiver address and if that matches, you're obviously good.

If they can fix the insufficient battery life, lower the price, and manage to create a HW that won't suffer major security issues and vulnerabilities in the future, this would be something I would consider purchasing for long-term storage. At the moment, it isn't.     

I doubt it's easy to lower the price when it's still assembled in the U.S., which has high wage costs.
In my opinion, the new price of $199 is substantially lower and well priced. I would probably recommend even FE for $199 (without the planned improvements). Just found $299 too high, but that's probably due to economy of scale and being start-up.



I know we discussed the battery life or lack of it in another thread. Did you ever trace down what might have been pulling all that power? I think that they are powering the camera when not in use due to what I saw on the power feed when I had one in pieces but I only had it for a few minutes to test before it had to be handed back. It was not mine and they were shipping it back so I could not be sure and did not want to really bring it up till someone else was testing one.
Yup! I knew I missed something. Grin I wanted to better explain in the review but forgot. From what I see, there are two issues.
1) If you draw an even moderately high current from Alkaline batteries, their capacity cripples. You cannot draw 1.2A (1200mA) for an hour straight from a 1200mAh Alkaline, for example. You can draw a tenth of it for 10h though. Since the Passport runs a normal microprocessor, I expect it to pull anywhere from 500mA to 1A for sure, which is simply too high for Alkalines, they're not made for it.
2) The circuit just can't work with anything below like 1.3V... A battery is not dead at 1.3V, so I would have expected some circuitry to meaningfully 'boost' it up to 1.5V in the device (even though there are losses when doing this) so it can continue working until really fully drained. This can't defeat physics / chemistry (1) though.

I don't think the camera is active while not actually in use or anything like that, to be honest. But if yes, these kinds of issues would be easy to fix via software update.
Will check the code and add a few more lines to the original post about this battery stuff.



It's the first time I saw this hardware wallet and it does look interesting. The wallet looks like a mobile phone and you could have codes to bring you to a secret menu. That's amazing that you can play games on it, but I don't get the idea of screenshots though.

Can you use the microSD as a key to using it as well? Not just having a Pin or code?
Well, let's say you're doing a workshop about Passport setup and usage for example, then you could have screenshots to insert into your presentation or something like that, I guess. Or maybe for Snake highscore simply. Wink
No, you can't use the microSD as a key, you need to use the PIN code. I also didn't talk about this since it can be found in the setup guide, but when you enter the first 4 PIN digits, it shows two words. If you don't recognize these words (should always be the same 2), you know this is not actually your device and you shall stop entering further numbers. It's then a trap designed to steal your PIN, right. If you were to just insert a microSD with the key, this mechanism wouldn't work and you could risk giving away your key to an attacker.



First, thank you (truly) for taking the time to write such a thorough review, and researching everything, and reading our support material and Github documentation. Not everyone does that.
Thank you for taking the time to reply and speak openly / acknowledging issues and explain reasoning behind decisions!
To be honest, I would have liked to research a bit more, also test multisig implementation and delve more into the code, but I only have so much time at the moment. Also I saw already a bunch of people successfully use multisig with the Passport, so didn't feel the need to test it just for the review.

In this case, we made some fairly hardcore security considerations that I think lessened the overall quality and user experience. It's a balance, and I think we leaned too much on the security side for the Founder's Edition batch.
This is pretty on point, to be honest. Grin Like, I see how you went security over anything else in almost all aspects, and I generally commend it if a product has like a straight objective e.g. usability first, longevity first, or security (or another objective) 'first' and follows through. I still don't get the inclusion of the extras menu since everything else, especially the hardware, is so 'laser-focused' on security, even trading screen quality and battery life for security.

For the batteries, we chose AAA's very early on for a few reasons. We liked the security profile (they are 100% "dumb" with no chip inside), they are readily available across the world, and they allow for the device to operate in an airgapped manner.

What we didn't realize, though, is how bad normal AAA's are at holding their voltage. If the voltage dips too much, then Passport simply can't operate. So normal AAA's used with Passport aren't fully drained – they can be used in devices like remote controls – but they are too drained for Passport to handle.
Definitely agree, it was one of the main selling points for me. Wasn't it possible to make the circuit work at lower voltages like 1.3V (around the time when it shuts down) by boosting voltage or otherwise?

In hindsight, I think our AAA decision was a mistake, and we are rectifying this for Batch 2.
I don't think you necessarily had to move to Li-Ion though, if it was maybe somehow possible to design the circuit around Alkalines. You now have the added benefit of less thickness, but not sure that's so important.

We likewise made the screen decision primarily for security reasons. The screen is a Sharp Memory LCD, the same type that is used by bunnie in his betrusted/Precursor project. The screen does not have an embedded chip, and instead has circuitry etched into the glass itself. This would, theoretically, make tampering more difficult. We consider this to be a "tamper evident" display.
Right, I see. I mean, now I see more why some choices were made (even though explanation about screen choice was given before buying & was actually a selling point). Basically, you went all-in on security on every hardware element, even if that meant a sacrifice in another aspect. I guess one can't have everything!

I think we leaned too much on the security considerations of the screen, and did not fully consider the quality/UX tradeoffs. A brighter LCD display would have made for a better QR code experience with computer webcams, and would have exuded quality.

In hindsight, I think our screen decision was a mistake, and we are rectifying this for Batch 2.
Honestly, same screen but with backlight and no scratches would have been fine as well - retaining security & improving the finish. But glass top of course is the best option. Not sure if that would have been possible on top of SHARP tamper-evident LCD.

We are deeply upset that this happened, and can assure you that next batches will have higher quality plastic.

Additionally, for Batch 2, we have moved to glass. As you mentioned in your review, that means it could shatter. But we are using glass with 6H hardness, which is on par with some versions of Gorilla Glass. I've taken a razorblade to it and it hasn't scratched. So hopefully it will be a big improvement and a good tradeoff.
Sounds good!

Overall, I think Passport Batch 2 should address all of your concerns. We’ll be unveiling it in February.

It will offer a different set of tradeoffs between security and UX/quality. Hopefully most people will be comfortable with these tradeoffs. I know some will be upset about the new Lithium Ion battery, or the new screen, or the cover glass instead of plastic. (And we refund preorders in full if anyone is unhappy when we do the unveiling).
Exciting - February is not long from now. I understand; this time you are going more 'traditional' in a way with recessed, presumably non-tamper-evident screen and Li-Ion battery with proprietary chip.
I'm now wondering if you're considering re-releasing FE with maybe better plastic QC on the screen and other back cover colour (to distinguish from FE since it was limited to 1000 units) as the 'more secure' option while the new version would be the 'more usable' option for instance. So customers could have a choice to simply buy what they prefer.

I do think some people here would prefer getting the Passport with AAA's if the screen wasn't scratched from the factory over getting one with Li-Ions. Just an idea. I think Keystone / formerly Cobo Vault had choice options between AAA or Li-Ion.

Me personally, would choose v2 probably (though not seen yet), since this device seems like a 'daily driver' to me, only issue with that being the battery choice and perceived delicateness due to pre-scratched screen (though it doesn't seem too delicate while using). Also just this 'phone form factor' makes one want to put it into the pocket and carry it with you. Wink

Just a suggestion: Can we have a 'phone case' for FE and / or Version 2? Pretty please? Cheesy
Would prefer without clear part, just all fabric - since that's what I last used many years ago... (can't find images)

Actually, something like this is what I'm envisioning:


In general, a few accessories such as screen protectors, cases, kind of typical 'phone stuff' would somehow make sense for these devices, in my opinion! Maybe even replaceable back covers for customization.

Again, truly appreciate this review, as someone who has been lurking on-and-off on this site for a very long time it's humbling to see a post about our product.
I'm really surprised and excited you guys are lurking around here! If you check Hardware Wallets subforum from time to time, maybe there will be some ideas for future Foundation devices! Wink

PS: One more question; will both devices run the same firmware? If not, will new and old device's firmwares be developed and maintained in parallel?
GitHub has no repository for the new firmware, which makes me hope they run the same one; thus reducing codebase to maintain + elongating FE update support.
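
The two security words described in the post above (shown after the first 4 PIN digits, to be checked before typing the rest), as an added sketch that is not code from this thread or from Foundation's firmware. It assumes the words are derived with HMAC-SHA256 from a secret that only the genuine device holds; the word list, the secrets and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed 16-word list for illustration only. The thread does not say
# which word list Passport uses; a real list would be far larger.
WORDS = ["apple", "bridge", "candle", "desert", "ember", "forest", "garden",
         "harbor", "island", "jungle", "kettle", "lantern", "meadow",
         "needle", "orchard", "pebble"]

# Constructed stand-in for a secret stored only inside the genuine device.
GENUINE_SECRET = hashlib.sha256(b"constructed-genuine-device").digest()


def security_words(device_secret: bytes, pin_prefix: str) -> tuple[str, str]:
    """Map (device secret, first 4 PIN digits) to two words.

    Assumed derivation: HMAC-SHA256 keyed with the device secret. Without
    that secret, a look-alike device cannot compute the same words.
    """
    if len(pin_prefix) != 4 or not (pin_prefix.isascii() and pin_prefix.isdigit()):
        raise ValueError("expected the first 4 PIN digits")
    digest = hmac.new(device_secret, pin_prefix.encode(), hashlib.sha256).digest()
    first = WORDS[int.from_bytes(digest[0:2], "big") % len(WORDS)]
    second = WORDS[int.from_bytes(digest[2:4], "big") % len(WORDS)]
    return first, second


def clone_match_rate(genuine_secret: bytes, pin_prefix: str, clones: int) -> float:
    """Fraction of look-alike devices (different secrets) showing the same words.

    With a list of N words the expected rate is about 1 / N**2, which is why
    the size of the word list matters for this check.
    """
    expected = security_words(genuine_secret, pin_prefix)
    hits = 0
    for i in range(clones):
        fake_secret = hashlib.sha256(b"constructed-clone-%d" % i).digest()
        if security_words(fake_secret, pin_prefix) == expected:
            hits += 1
    return hits / clones


if __name__ == "__main__":
    prefix = "1234"  # constructed sample PIN prefix
    print("genuine device shows:", security_words(GENUINE_SECRET, prefix))
    print("clone match rate:", clone_match_rate(GENUINE_SECRET, prefix, 2000))
```

The check only helps if the user stops typing when the words differ, since the remaining PIN digits are what a look-alike device is after.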
member
Activity: 63
Merit: 119
Hi, this is Zach from Foundation Devices.

First, thank you (truly) for taking the time to write such a thorough review, and researching everything, and reading our support material and Github documentation. Not everyone does that.

I think, overall, I largely agree with your review and takeaways. We are really proud of Passport Founder's Edition, especially as a new hardware startup with, at that time, a limited budget and 4-person founding team. But personally I think there were many things we could have improved with Founder's Edition. I think you accurately identified them.

As you may know, when you are making hardware, you have to lock in decisions months in advance to deal with lead times. The physical plastic and metal parts can take 3+ months to produce. You have to release the designs for tooling, then get back first articles (and sometimes numerous revisions), and then approve for production.

The same goes for the PCB design – we go through numerous prototypes and testing, and we have to lock the PCB component placement 3+ months in advance to align with the plastic/metal production schedule.

In this case, we made some fairly hardcore security considerations that I think lessened the overall quality and user experience. It's a balance, and I think we leaned too much on the security side for the Founder's Edition batch.

Batteries

For the batteries, we chose AAA's very early on for a few reasons. We liked the security profile (they are 100% "dumb" with no chip inside), they are readily available across the world, and they allow for the device to operate in an airgapped manner.

What we didn't realize, though, is how bad normal AAA's are at holding their voltage. If the voltage dips too much, then Passport simply can't operate. So normal AAA's used with Passport aren't fully drained – they can be used in devices like remote controls – but they are too drained for Passport to handle.

We didn't realize this until later on, and by then it was too far along to pause everything and redo the electromechanical design. So we responded by canceling our order of normal AAAs, finding some sources for more expensive Lithium AAA's, and publishing a support guide that recommended an option of rechargeable lithium (constant voltage) AAA's to our users.

In hindsight, I think our AAA decision was a mistake, and we are rectifying this for Batch 2.

Screen

We likewise made the screen decision primarily for security reasons. The screen is a Sharp Memory LCD, the same type that is used by bunnie in his betrusted/Precursor project. The screen does not have an embedded chip, and instead has circuitry etched into the glass itself. This would, theoretically, make tampering more difficult. We consider this to be a "tamper evident" display.

But the downside is that we needed to purchase the display with some kind of external light source. We chose to purchase a stock version, with frontlight, that was available from Digikey. We were able to place a bulk order.

Unfortunately, the frontlight quality was underwhelming, but it was the only viable thing we could ship with our lead times (we didn't have time or budget for a custom backlight). The lighting was not bright enough and uneven.

I think we leaned too much on the security considerations of the screen, and did not fully consider the quality/UX tradeoffs. A brighter LCD display would have made for a better QR code experience with computer webcams, and would have exuded quality.

In hindsight, I think our screen decision was a mistake, and we are rectifying this for Batch 2.

Plastic Quality

For customers who preordered a Passport Founder's Edition, we communicated this previously – we struggled a lot with our selected plastic supplier. This was the primary cause of our moderate shipping delays (about 2 months late). We had to do numerous revisions to the sample parts, and it was frustrating when after a few revisions we had to approve the plastic even though it wasn't perfect. It was either that or start all over again with a new supplier and at least 3 months of further delays.

The plastic issues consisted of marks on the front black housing and fine scratches on the clear plastic screen cover. Some were really bad, and at production we had to spend a lot of time sorting plastic front housings.

We later had the supplier send us another 1000 parts (free of charge) with a plastic film protecting the front cover. This helped a bit, so later Founder's Edition orders actually received slightly better plastic quality.

We are deeply upset that this happened, and can assure you that next batches will have higher quality plastic.

Additionally, for Batch 2, we have moved to glass. As you mentioned in your review, that means it could shatter. But we are using glass with 6H hardness, which is on par with some versions of Gorilla Glass. I've taken a razorblade to it and it hasn't scratched. So hopefully it will be a big improvement and a good tradeoff.

Summary

Overall, I think Passport Batch 2 should address all of your concerns. We’ll be unveiling it in February.

It will offer a different set of tradeoffs between security and UX/quality. Hopefully most people will be comfortable with these tradeoffs. I know some will be upset about the new Lithium Ion battery, or the new screen, or the cover glass instead of plastic. (And we refund preorders in full if anyone is unhappy when we do the unveiling).

Again, truly appreciate this review, as someone who has been lurking on-and-off on this site for a very long time it's humbling to see a post about our product.
copper member
Activity: 2912
Merit: 1279
https://linktr.ee/crwthopia
It's the first time I saw this hardware wallet and it does look interesting. The wallet looks like a mobile phone and you could have codes to bring you to a secret menu. That's amazing that you can play games on it but I don't get the idea of screenshots though.

Can you use the microSD as a key to using it as well? Not just having a Pin or code?
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
I know we discussed the battery life or lack of it in another thread. Did you ever trace down what might have been pulling all that power? I think that they are powering the camera when not in use due to what I saw on the power feed when I had one in pieces but I only had it for a few minutes to test before it had to be handed back. It was not mine and they were shipping it back so I could not be sure and did not want to really bring it up till someone else was testing one.

I doubt it's easy to lower the price when it's still assembled in U.S which have high wage cost.
Slightly OT but wage cost on something like this should not be an issue. Even at $20 an hour + benefits it's a non issue.
Sidehack designed and built a complete miner for $300 https://bitcointalksearch.org/topic/gekkoscience-terminus-r606-750gh-up-to-1th-quiet-miner-now-shipping-5131245
ColdCard is from Canada with higher and more expensive costs than the US in a lot of places and they have theirs for under $150.

-Dave
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I didn't expect someone would review a $299 device (excluding possible import tax and shipping cost). But with such a high cost, I'm really annoyed they don't bother to include rechargeable lithium AAAs when they include an industrial class microSD.

  • microSD: This is a method that the Passport itself offers, but I find very risky. As soon as you insert an SD card into a computer, basically any process and any unprivileged app running on it, that has filesystem access (most of them, even the browser..) can read and modify the contents of that SD card. It should be pretty easy to write a background program that waits for SD cards and replaces PSBT files on the fly.

IMHO, if people choose FE rather than other hardware wallets (such as Ledger and Trezor) which are cheaper and easier to use, it's more likely they have better security practices. I wouldn't worry about a malicious application which replaces the PSBT file if you perform good security practice and verify the transaction before the sign/broadcast process.

If they can fix the insufficient battery life, lower the price, and manage to create a HW that won't suffer major security issues and vulnerabilities in the future, this would be something I would consider purchasing for long-term storage. At the moment, it isn't.     

I doubt it's easy to lower the price when it's still assembled in U.S which have high wage cost.
legendary
Activity: 2730
Merit: 7065
Regarding the scratched screen. Does Passport have any recommendations on how to protect the device from further scratches? In the OP you mentioned that the curved screen makes it difficult to stick on a screen protector. I haven't really played with those things, so I don't know why that would be a problem.

A big no go to me is the batteries. The wallet itself is rather expensive + you are going to need a new set of batteries quite often. You only got 4 hours out of the ones that came with it? That's really bad performance-wise. The money you will spend on purchasing new batteries will be more than what you paid for the HW.

I see from your post that the second version will be shipped with Li-Ion batteries. Hopefully that can improve the stand-by time.
If they can fix the insufficient battery life, lower the price, and manage to create a HW that won't suffer major security issues and vulnerabilities in the future, this would be something I would consider purchasing for long-term storage. At the moment, it isn't.     
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Today, econoalchemist published his Foundation Passport usage guide!
I only quickly skipped over it, but it seems very thorough, so I'll leave this here.
It's a great addition to my two own posts, because he doesn't review it like me, while he does go very deep into the setup and usage process so it's definitely more a guide for newbies who just got it compared to a review; but surely still very helpful.
https://bitcoinmagazine.com/technical/how-to-use-passport-hardware-bitcoin-wallet

Also discovered an update by madman @zherbert on Twitter regarding the one user's broken screen.
I'm not sure they would have put in so much effort if it would have been a random unknown Twitter user, but they even made a video mentioning the person with broken screen directly and showing that it seems pretty durable.
It's weird that the customer hasn't apparently replied to their replacement offers in multiple days, to be honest, after being so outraged in the first place.
https://twitter.com/zachherbert/status/1486108156061224961

From the artifacts seen on the screen, the price ($30 component) and the video demonstration, it seems Zach's guess of a misplaced screen connector is more realistic than the screen just failing after a few months.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Setup Walkthrough

Unboxing
The Foundation Passport comes in sort of two layers of 'tamper-evident seals' / stickers. This is how it should arrive (inside a larger box) at your doorstep.


They have a very well made, and still relatively short, setup guide, which should make it really foolproof not only to setup the device itself (later), but also goes through even the unboxing and explains what to verify (integrity of the stickers and such) when receiving the package. It is very well suited as a first wallet, even for newbies.

The setup guide can be found here and contains text as well as videos.

What's interesting is that they say:
We don’t save these codes except for the first few characters, which identify each batch of Passports. Founder's Edition batches begin with the following:
B722, B723, B732, B799

There is no way to verify the validity of such claims [them not saving codes] (no strong opinion for / against either way) and what I find funny is that they refer to these 4 batches of FE devices, but call the new wallet coming out in March 2022 'Batch 2'. So there will be a difference between 'Batch 2' (new device with rechargeable battery etc.) and 'second batch of Passport FE' (B723...). Confusing.

Inside this box, there is the actual device's box which has a second tamper-evident seal, that I talked about before.

Both seals seem quite generic and like they could be bought from a random place & replaced in transit, however the inner box might be hard to source with logo and everything. Because of course, you can't break the seal and reuse the box, that would be visible. The outer box could easily be replaced for sure, though. But Foundation has additional technical mechanisms in place that I'll talk about later (boot counter, no 'resettability', supply chain validation).

Contents
The inner box is pretty well made and compact & can be used to keep the wallet safe in a closet or similar after being set up. Also has some space for spare batteries and micro SD cards (for PSBT!! don't store backups together with the device!).
You get a physical copy of the Bitcoin whitepaper, which from the styling resembles a bit a bible or other 'holy book', two stickers with the now old Foundation logo (future collectible?) and a pretty postcard (not pictured here) as well as the standard thank you card with QR code to the above linked setup guide.


Setup QR code
QR code with link to setup webpage: https://docs.foundationdevices.com/en/setup-guide


Terms of use
I found it a bit amusing to read the terms of service only then, after buying this thing, waiting, opening two seals and starting a non-reversible setup process (hence no way of returning it or anything like that), but it was the next step in the setup process, so I read it through. Maybe read TOU before buying a wallet (in general) since they can't be returned in case you don't like em!

What I liked is that they're not very long and pretty straightforward. You also have to accept them on the actual device itself to continue, which I found interesting.

Of course, I disagree with this but I think they have to put it for legal reasons:
(f) Bitcoin do not constitute a currency, asset, security, negotiable instrument, or other form of property and do not have any intrinsic or inherent value;

Supply chain validation

During setup, you go through a so-called 'supply-chain validation' process. This is supposed to ensure that it hasn't 'been tampered with or swapped out with a malicious device before it got to you'[https://docs.foundationdevices.com/en/setup-guide#step-3-supply-chain-validation]. They do that by programming a key into the secure element.
Now, to be honest, I've got an issue with this. They introduce a single point of failure. They talk about how they have a dedicated, air-gapped laptop that is used to program all Passports with that key, it is done locally in the U.S. and the laptop is tightly monitored and everything like that. I'm also not entirely sure how other wallets make sure the device is untampered (maybe rely solely on seals?) and also not sure how it could be improved, but it seems odd to me with this 'magic laptop' and everything.

PIN Setup
The next step of the guide instructs to set a permanent device PIN. I'm interested in your opinions here; I think I didn't come across a basically non-resettable wallet so far like this.
There is no way to recover your PIN. We recommend that you write it down during this step and store it in a safe, secure location. If you choose to commit it to memory, make sure it is a combination of 6-12 digits that you will not forget.

It seems you can reset the seed but not the device PIN.
Erase Passport's seed so that you can create or restore a new seed.
For security reasons, this does not reset Passport to a factory-fresh state.

For example, when resetting the BitBox02, it also resets the device password. Maybe you're screaming at your screen right now that the BitBox is super insecure, in that case enlighten me in which scenario having a non-resettable device PIN would be more secure!

Firmware updates
I'm just continuing through the setup guide here, because in this step there are again a few things worth mentioning. Unlike any other device I had so far, they don't instruct how to or even recommend checking the sha256 checksum of the provided .bin file; instead you shall just write it to a microSD card and insert it. Before the Passport upgrades its firmware, it displays the checksum on the screen.
I personally find this easier, especially for Windows users without shell access with preinstalled shasum command. Also, it kind of forces you to do it since it comes 'right in your face' while trying to upgrade.
However, there is no PGP key to import / verify against. I'm not sure this is needed though, since the firmware update file itself is signed and only runs if it has 2 out of 4 Foundation developer signatures. So in a way, it does check PGP, but just all on-device, opposed to doing that on the host before transferring the file.

One could also argue this method is more secure, because otherwise a virus on the host machine could replace the firmware last-minute after it was verified for PGP and SHA256, right before the microSD card is ejected. Maybe you could also write a virus that hooks into Windows' 'eject' function for example, to only then replace the .bin, which would make all the previous integrity checks void. Hence I really like the approach of checking this stuff on-device!


Seed setup
The last setup step is the setup of the seed. A seed could be imported (e.g. from a broken / old hw wallet you want to replace) or generated new. It uses an open source true random number generator, which I find pretty cool.
Passport uses an open source true random number generator (TRNG), called an avalanche noise source, in combination with other sources of randomness to generate a 24-word seed.
One thing I know a lot of people might not like is that you can read out the seed after initial setup by navigating through the advanced menu. What do you guys think about it? I find it practical to e.g. verify a day later that you copied it correctly, or when creating a second backup in the future, it's better / safer to copy directly from the 'origin' than 'copying a copy', right? But I see how it's a tradeoff where maybe someone could be forced to show the seed or something like that; on the other hand, we still have passphrases, so I don't know.

Contrary to other wallets, which sometimes save the seed in plaintext to the SD card, the Passport saves a backup file on the SD card which is encrypted with an additional password. I think many users will end up with too much stuff: a microSD card, a password, and maybe additionally a pure seed word backup. In my opinion, the latter is enough; however the more complex microSD card backup will have the advantage of being importable into a new Passport and retain settings, multisig configuration etc.

Many users are also worried about the longevity of microSD cards compared to laminated paper or metal seed backups. I agree that these are safer than an SD card as they're more resistant to water, dust, radiation, heat and cold, as well as even fire (if using metal).
Foundation does use an SD card from SanDisk's 'industrial' lineup. It seems these are much more temperature resistant than other models, so you could bury them outside and stuff like this without worries.
They can work in temperatures ranging from -40°F to 185°F for extended periods of time.
So for my metric friends, this is from -40°C to 85°C. Operating temperatures; so it can be used outside in most places of the world at most times of the year, which is great!


hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Review

After owning the Foundation Devices Passport 'Founders Edition' for a few months, I would like to share my thoughts / experience!
I kept notes of stuff I tried so far, so I hope I'm not missing anything.

Full disclosure: I bought it completely with my own money, no contact to Foundation, no affiliation or anything and also preordered the "batch 2" (which is more a version 2 than a batch 2 due to all the announced changes), again out of my pocket. They did provide a 21% discount code and it costs 33% less than the founders edition by default ($199 vs $299), so with the code it comes into BitBox02-and-similar-territory (150ish) which I find a good / normal price for a hardware wallet. But I'll talk about it more later. I wouldn't have ordered it for $299 though, after my experience with v1.

TL;DR: It's good, but not $299 good, I think.
Still my current favourite wallet.

Pros:
  • Completely open source
  • Has secure element
  • Airgapped
  • Easy setup and usage
  • Compact size
  • Large screen
  • AAA batteries will always be around
  • Usable with any device that has a webcam
Cons:
  • Delicate screen (scratches)
  • Pretty dim screen brightness
  • Kind of need special batteries
  • Expensive



Features:

First impressions
My first impressions were pretty good: the device is relatively heavy, the material is soft to the touch and it's trying to feel like a 'premium' device. However, the screen has tiny scratches which are very annoying to see on such an expensive device. They are not noticeable in normal usage or when looking at it from a bit far away, but if you look closely it becomes apparent. At first, it seemed to me like a protective foil, but it doesn't have one (why??). The screen is also pretty dim; I'm not sure you can really use it in full sunlight for example.


Here, we see the tiny scratches on the screen's surface. I've got a note from my initial impressions that they somewhere mentioned / admitted themselves that somehow all or most FE's have little scratches like this, but can't find a reference to that information again right now. I also spoke to them and they reassured me that the new version will have an improved screen.


I don't understand wallet manufacturers when they make such an integral part of their admittedly mostly not cheap devices, so prone to wear and tear. I know I'm going on a tangent here, but I noticed this a lot - but tell me your opinions - hardware wallets often seem to have little thought into screen durability. Especially the newer, 'shiny' designs: BitBox02 has an easily scratchable screen (just after a few days of normal use and sitting in a drawer it was full of microscratches). Ledger Nano X also has a non-recessed screen (not tried it myself). And of course Foundation Passport here comes scratched. In my mind, these devices are kind of a semi-hot wallet, in that they allow you to do daily transactions easily and quickly, while also being a good option for long-term hodling (unlike e.g. a phone that you replace frequently). So durability has to be taken into account if you offer a product that is supposed to still be usable in 10 years time. [rant over]

It seems to me that the approach in Trezor One and Model T are your best bet: simply recess it into the device a bit and call it a day.
From experience with smartphones, anything plastic and shiny will scratch over time, while anything glass won't scratch but shatter.
Another option could be screen protectors. However, the curved screen on this wallet specifically, would make it tricky to achieve.

It's reassuring to see that Foundation is moving to a recessed screen in version two (but I'll have a segment on that later down):


It also seems to me like it didn't pick up any more 'new' scratches since I got it, so maybe it doesn't scratch from usage but only e.g. from being mishandled during production. However, I always kept it in its box, so there's that. I envisioned using it more as a daily driver (to throw into pocket or backpack) but the scratches and poor battery life discouraged me from trying that.

Size & shape
Yes, I am making a segment just about the size of this thing! It seems to me they got a lot of flak from people complaining it will be too large or too thick, that it looks outdated / old and stuff like that, before it was released. Let me tell you: This wallet is tiiiiny! Really, it looks much larger in pictures! It's smaller than an old phone for sure. Maybe draw it out on a piece of paper and cut it out to get an idea if you're unsure [that's what I did].

It does have the shape of an old Nokia, but I don't think it's a bad thing because it is an easy to use form factor for such a device. It makes it easy to input passphrases, PIN and also see a whole transaction on the screen without scrolling. It could also serve a bit for plausible deniability; it has no active 'pd feature' (like showing a contact list or stuff like that), but you could probably sign a transaction in the office and colleagues might think you're just playing around with an older phone.

Battery
The elephant in the room? Usage of AAA batteries! When I first read about it, I was excited. It made so much sense: the classic triple-A is around for over 100 years by now, and probably always will. So compared to Li-Ion rechargeable batteries, you can tuck this thing away somewhere for cold storage with (or without) a set of batteries and when you take it out in 10 or 20 years time, it will be easy to find batteries for it and access funds. Instead, a rechargeable Li-Ion battery will be dead by then and you may not be able to find a fitting charger. Imagine finding a 20 year old Nokia phone right now; would you know where to quickly get a charger for it? I don't know if we'll have micro-USB or even USB-C in 20 years, but we will have AAA batteries.



Now, one culprit we find is that this device only really works with Lithium batteries. Not Lithium-Ion, Lithium (non-rechargeable). An Alkaline will suffice for sure (e.g. in '20 years' scenario) to send a transaction or two, but the issue is their capacity drains super fast if you try pulling higher currents.
A typical Alkaline has 1200mAh, so you'd expect to pull 1.2A for 1h? Not gonna happen. It will happily give you 12mA for 100 hours, though. Hope that makes sense.
Alkaline batteries also discharge differently than Lithium ones. The latter hold a higher voltage longer, and then drop off quickly, while the former go down more linearly. That's why a 1.3V Lithium cell may be almost empty while a 1.3V Alkaline still has a lot of juice in it.


The Passport also doesn't play well with normal rechargeable (Li-Ion)NiMH cells, since these start at 1.3V and from my testing that's approximately where Passport stops working due to too low voltage.
This is one of the reasons the batteries don't hold that long: an Alkaline battery with 1.3V is still over 50% full, but the voltage is not high enough for the Passport. Hence, if using rechargeables, you need constant-voltage ones.

They explicitly recommend Lithium cells and also send a set of two; you can find more information on Lithium batteries on Wikipedia. Matter of fact though, they are very uncommon and expensive. The ones that came with my Passport lasted for probably 4h; while Alkalines last maybe 15 minutes or 30 tops.

Popularity
Lithium primary batteries account for 28% of all primary battery sales in Japan but only 1% of all battery sales in Switzerland. In the EU only 0.5% of all battery sales including secondary types are lithium primaries.

Another option are constant-voltage rechargeable Li-Ion cells. I honestly think these make more sense than buying non-rechargeable Lithium ones.
Rough prices:
  • 32x Alkaline: 15€
  • 16x Lithium: 30€
  • 4x rechargeable constant voltage (builtin charger): 25€
Since the Alkalines go flat so fast, I would probably get rechargeable ones instead of Lithium, since they can be reused so many times and still cost less than a 16 pack of Lithium cells. Also less pollution and less hassle of buying batteries regularly.

Edit: Due to suspicions about camera being on even while not scanning QR codes, thus draining batteries, I checked the code.
As we can see, the camera is only enabled when starting to scan.
Code:
async def ux_scan_qr_code(title):
    # [~] (code omitted in the original post)
    # Create the Camera connection
    cam = Camera()
    cam.enable()

Security
I stated this once or twice before, but as of now, QR codes seem like the most secure communication method between hardware wallet and computer. Of course, there are many definitions and implementations of the term 'airgapped', but a few issues with other methods I'll present here.
  • Bluetooth: In BT, the whole stack is one 2000 page spec (and growing), so compared to WiFi which is only high layer, the spec alone is a mess already. It goes from application layer to physical layer, and has to cover everything. The implementations are even worse and security researchers find vulnerabilities in Bluetooth all the time, to the point that it's not even such an interesting research topic anymore.
  • Non-standard QR: Compared to Passport's standard PSBT QR codes, some other wallets use proprietary QR codes which bind you to the brand's own wallet app(s) and could include information you don't want to be transmitted between devices. Meanwhile you can photograph and control Passport's QR codes and verify it's just simply PSBT files encoded in QR.
  • NFC: Similarly to existing attacks on credit cards, NFC can be easily wormholed since it has no protections against it on the physical layer and you have to trust the implementation mitigates these risks on application layer (through timing etc.)
  • microSD: This is a method that the Passport itself offers, but I find very risky. As soon as you insert an SD card into a computer, basically any process and any unprivileged app running on it, that has filesystem access (most of them, even the browser..) can read and modify the contents of that SD card. It should be pretty easy to write a background program that waits for SD cards and replaces PSBT files on the fly.

It's pretty hard to middle-man a 'QR code connection'; I don't even know how such a setup could look like, but it would involve a lot of convincing someone to scan QR codes they don't know with their Bitcoin wallet app and having them scan another code with their HW wallet, which I find very unlikely to succeed. I'm not sure a completely passive attack scenario like in NFC or microSD even exists.

Hidden menu
For some reason, Foundation Devices thought it's a good idea to include unnecessary software in their firmware for a premium-priced, supposed high-end hardware wallet. I don't think anyone will secure $100 of BTC in a $300 device, but at the same time you wouldn't want to store large amounts on a device that has games on it, right?

It is accessed by typing these keys within 3 seconds, also known as 'Konami Code':


You can play Snake, Tetris and there is a fake Internet Explorer loading screen 'game'.
There is one useful feature though; it allows you to take screenshots which are saved to the microSD card.
I could imagine this useful for creating tutorials / educational material in different languages for example.

They argue that since it's all MicroPython code and no way the game influences anything during payments or other way round, no matter how you try to attack, I always prefer my code as 'lean' as possible, with as little stuff in it as I can. I think this is a security practice everyone should follow. After asking them via E-Mail, they unfortunately told me they aren't planning on a 'pure firmware' without these shenanigans unlike ShiftCrypto with their Bitcoin-only firmware.

However, you could transfer your own developer key onto the device and flash it with a self-compiled firmware without the games. https://github.com/Foundation-Devices/passport-firmware/blob/main/DEVELOPMENT.md As far as I know, when booting a developer firmware, it will show a disclaimer every time it boots so you know you're not running modified firmware, if you didn't flash it yourself.

Version two

I am not even sure how to call their new device. Looks cool! It will ship in two months from now roughly and as I said, I preordered it for a bit over 150 bucks which I find a fair price for such a device. I don't really like it being called 'batch 2', since it seems it'll really be more a new version / refresh than a second batch of the same device. It always sounded like after the founders edition there would be a 'normal edition' or so, maybe just other colours and small improvements. But with reduced price of $199 from $299 and 21% discount for FE customers, it's not too bad. Still I'm not a fan of 'punishing' early 'backers' of a project by immediately releasing the new version afterwards.
Since I just talked about batteries, one of the biggest changes will probably be the switch to a Li-Ion battery.
I don't think it's as well suited for a long-term cold storage solution, to be honest.



But I really like that it seems to be a standard size, commonly found (for a while and probably continuing) in a multitude of devices. I think I even had a phone once with this exact battery; it's probably available all over the web or literally from a phone if needed.
No, but user removable and replaceable, standard form factor.

One point to consider, though I'm not sure how big a risk this is, comes straight from them a while back:
And we do not trust most lithium ion batteries, which contain embedded chips running unknown firmware.

Discounts
I haven't seen many discounts by them so far, except the one for FE customers, but I just found that they do have independence day deals, so if you're interested in such a device but not in a hurry, summer's around the corner, right?
Happy Independence Day Weekend! We proudly assemble Passport in the USA.
Use coupon code FREEDOM for $20 off through Monday!

Source & Reproducibility
I'm very content with how much information can be found on the GitHub. Down to every single resistor, there are BOMs and all kinds of file types needed to answer all hardware and software questions with a repository search and a bit of time.
Just also found out that its builds are confirmed reproducible by WalletScrutiny!
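
Added example, not part of the original post and not Foundation's code: the microSD concern in the Security section above is that a PSBT file can be altered on the host between export and use. This Python example reads the unsigned transaction from a BIP 174 PSBT so the host can compare the file it exported with the file read back from the card and list changed outputs; the function names are hypothetical and the sample PSBTs and scripts are constructed.

```python
import hashlib
from io import BytesIO
from itertools import zip_longest

PSBT_MAGIC = b"psbt\xff"
# Constructed P2WPKH scripts (not real addresses): recipient, change, substitute.
PAY_TO, CHANGE, SWAPPED = ("0014" + b * 20 for b in ("11", "22", "99"))

def take(s, n):
    data = s.read(n)
    if len(data) != n:
        raise ValueError("truncated data")
    return data

def read_varint(s):
    """Read a Bitcoin CompactSize integer."""
    first = take(s, 1)[0]
    if first < 0xfd:
        return first
    return int.from_bytes(take(s, {0xfd: 2, 0xfe: 4, 0xff: 8}[first]), "little")

def write_varint(n):
    if n < 0xfd:
        return bytes([n])
    if n <= 0xffff:
        return b"\xfd" + n.to_bytes(2, "little")
    if n <= 0xffffffff:
        return b"\xfe" + n.to_bytes(4, "little")
    return b"\xff" + n.to_bytes(8, "little")

def unsigned_tx(psbt):
    """Return the raw unsigned transaction (global key type 0x00) of a PSBT."""
    s = BytesIO(psbt)
    if s.read(5) != PSBT_MAGIC:
        raise ValueError("not a PSBT")
    while True:
        key_len = read_varint(s)
        if key_len == 0:  # end of the global map
            raise ValueError("PSBT has no unsigned transaction")
        key = take(s, key_len)
        value = take(s, read_varint(s))
        if key == b"\x00":
            return value

def parse_tx(raw):
    """Parse a non-witness serialized transaction into txid, inputs, outputs."""
    s = BytesIO(raw)
    take(s, 4)  # version
    inputs = []
    for _ in range(read_varint(s)):
        prev_txid = take(s, 32)[::-1].hex()
        vout = int.from_bytes(take(s, 4), "little")
        take(s, read_varint(s))  # scriptSig, empty in an unsigned transaction
        take(s, 4)  # sequence
        inputs.append((prev_txid, vout))
    outputs = []
    for _ in range(read_varint(s)):
        sats = int.from_bytes(take(s, 8), "little")
        outputs.append((sats, take(s, read_varint(s)).hex()))
    take(s, 4)  # locktime
    if s.read(1):
        raise ValueError("trailing bytes after transaction")
    txid = hashlib.sha256(hashlib.sha256(raw).digest()).digest()[::-1].hex()
    return {"txid": txid, "inputs": inputs, "outputs": outputs}

def diff_psbt(exported, returned):
    """List differences between the exported PSBT and the one read back."""
    a, b = parse_tx(unsigned_tx(exported)), parse_tx(unsigned_tx(returned))
    if a["txid"] == b["txid"]:
        return []  # signatures live outside the unsigned tx, so txid is stable
    problems = []
    if a["inputs"] != b["inputs"]:
        problems.append("inputs differ")
    for i, (x, y) in enumerate(zip_longest(a["outputs"], b["outputs"])):
        if x != y:
            problems.append(f"output {i}: expected {x}, got {y}")
    return problems or ["version, sequence or locktime differs"]

def build_psbt(outputs):
    """Constructed sample: one dummy input and the given (sats, script_hex) outputs."""
    tx = (2).to_bytes(4, "little") + write_varint(1)
    tx += bytes(range(32)) + (0).to_bytes(4, "little") + b"\x00" + b"\xfd\xff\xff\xff"
    tx += write_varint(len(outputs))
    for sats, script_hex in outputs:
        script = bytes.fromhex(script_hex)
        tx += sats.to_bytes(8, "little") + write_varint(len(script)) + script
    tx += (0).to_bytes(4, "little")
    psbt = PSBT_MAGIC + b"\x01\x00" + write_varint(len(tx)) + tx + b"\x00"
    # One empty input map, then one empty output map per output.
    return psbt + b"\x00" + b"\x00" * len(outputs)

if __name__ == "__main__":
    exported = build_psbt([(50_000, PAY_TO), (149_000, CHANGE)])
    read_back = build_psbt([(50_000, SWAPPED), (149_000, CHANGE)])
    for line in diff_psbt(exported, read_back) or ["PSBT unchanged"]:
        print(line)
```

A matching txid only shows that the file was not altered on the host side; the amounts and addresses shown on the Passport's own screen remain the check to make before signing.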