Topic: Foundation Passport Official Thread - page 11. (Read 4649 times)

after the disaster of a very well known hardware wallet manufacturer i am now looking for a new hw-wallet...
play now with the idea to buy me the passport batch 2. but since the price is already in a very high category, i wanted to ask politely if there are perhaps also current vouchers that reduce the price a little - because the shipping to the eu is then certainly also in the double-digit dollar range

Passport/2 can not be paired and communicate with Electrum via QR. (The limitation is due to Electrum itself. ) This HW does it via json file. Just have checked it using  my Passport 2.

But why bother yourself with Electrum?

Sparrow is much better in term of privacy. It is capable to connect to BitcoinCore and communicate with Passport via QR.

But if you prefer public Electrum servers Sparrow is capable to work with them as well.

Can someone confirm if this HW works in combination with Electrum with the help of QR codes or only as described on the official website with the help of a microSD card? https://docs.foundationdevices.com/connect/electrum

Thanks for response.

Could you show here the  p-values (relevant to Passport's TRNG) for each test from NIST suite?

Alternatively, refer me  to relevant Foundation's official  source if any.

That is incredible to hear, congratulations to the team over @Foundation. I wonder, do many clients sign up for the Concierge Setup? Or out of all your orders this service represents only a fraction of your income?

Not a re-write, a completely new piece of software/firmware is necessary for the next device, will be very clear why when we announce it

And yes, absolutely will as both devices will be offered in tandem when it's released!


Absolutely, we're leaning towards an audit on the current code base now, will update when we have more firm details.

Another re-write? Just now when you finally got passport2 running on FE.. Hopefully the gen 1 and 2 devices will continue to be supported.

Do consider a more thorough audit though, as I mentioned, where they actually try to execute supposed security flaws. I believe this gives us consumers a better picture as to how realistic / possible certain attacks are. For security-conscious buyers, this is very helpful information that most manufacturers can't actually provide.

Here is a quote from our CTO, Ken, on the question you raised here:


Oh my, by far the craziest week in the history of the company! Not only did we have the biggest firmware and software releases yet planned (Envoy full mobile wallet and Passport v2.1.0 with Key Manager and much more), but the price drop perfectly coincided with Ledger's fiasco and made for a powerful duo. We sold 6wks worth of units in 36h, if that tells you anything, and the rush has barely slowed down even after going out of stock due to the craziness.

Fantastic to see people rushing to safety in truly open-source software and hardware and finally understanding the risks inherent with introducing trust back into the system with closed-source code.


As of now there are no plans to do another security audit on the current code-base, but we will absolutely be having an audit done on the next device we're working on now, as that will be a complete rewrite from the ground up. I will, however, prompt the Wallet Scrutiny guys again to try and get them to update their tests as our code is absolutely still reproducible so I'd love to have their tests inline with our current codebase/version.

I'll re-raise the idea of an audit on the current code-base internally, though, and report back here if that changes at all.

and, for good measure,  the reminder of my hard-nose question


resulted from the fact that

Hey @foundationdvcs I just realized your last professional security audit was in [1] Q2 2021. Are there any plans for a fresh one any time soon? Maybe you could also try to get the WalletScrutiny guys to re-run their script which checks the latest firmware version for reproducibility.

I also believe that the audit you got was purely a software review and didn't actually attempt to execute the attacks they describe. That's especially evident from your response where you were able to refute many of the 'potential risks' that they had claimed existed.

Nevertheless, the audit also seems to only have covered the FE branch of the Passport firmware, and I know how much code changed from FE to Batch 2. So I do believe a new audit would be good, maybe this time from someone who also actually tries to exploit what he believes could be vulnerabilities.

[1] https://foundationdevices.com/security/

Could you also share with us how was this week for you? If I were to guess this surely has to be one of the best periods of Foundation ever since the creation of the company, or am I wrong saying this? The price reduction just in time to reap the burning house that was/is Ledger has had to be a wombo-combo for your company (and rightfully so).

Will get back to you ASAP, just getting caught up on this thread after a crazy week for the company!

OK, then it seems Passport generates SEED's entropy solely from random physical process.

However,  response from foundationdvc   would  be appreciated as their statement "TRNG on SE" is slightly misleading -  Avalanche diode is not on SE.


Just my curiosity

They said TRNG on secure element, but Avalanche diode is not on SE.

At the same time

output from BRNG  (that might  be hardware based and implemented on SE) seeded by "white noise" would be very close to being truly random .

Some manufacturers call BRNG seeded by randomness from physical process as TRNG.

---

UPD. @foundationdvcs, please, don't be silent, waiting for your response.

I'm not sure about that; from what I can tell, the noise_get_random_uint16 function returns one byte by xor'ing the two analog outputs of the avalanche circuit, four times.


I can't find a function that feeds this to a PRNG (pseudo RNG); the result just gets used by different functions that e.g. fill buffers with multiple random bytes (acquired by repeatedly calling noise_get_random_uint16).

But maybe @foundationdvcs can give a more definitive answer on that.

I'm curious how you got the idea that they would feed the avalanche entropy into a PRNG..

Well, OK, but the question remains whether they sample  256 bits of that randomness and produce relevant SEED from it or  use those 256 bit from Avalanche to feed BRNG for subsiquent SEED generation.

Latter means that some deterministic rule is applied to Avalanche's entropy to get random number  for the final SEED.

BTW, I have changed my mind as  to  implementation of password feature in Passport and must confess their decision to erase  it  from memory at shut down is the best one in term of security.  

Here we can see the schematic and PCB location of the Avalanche circuit.
Knives and batteries are not the best combination..

I remember years ago when I needed spare batteries due to my work, there was a little trick you could do to get a slightly bigger battery to fit in place. Most batteries have like a plastic cap on one side, maybe on both. If you take a knife, you can tear off that cap to reveal the inside component of the battery. It's going to look weird and be a bit sticky because the cap is glued to the battery. However, you get an additional millimeter or two in size reduction, which might be just enough to get the battery to fit inside the device. Do it at your own risk, of course.

@foundationdvcs, Passport uses Avalanche diode as a  source for its TRNG.


Yeah, and besides, such compatibility  allows to replace original Passport battery at crossing customs borders and disguise a bit  the real thing.

The only reseller that I saw reflecting the latest price was Bitcoin Brabant[1] (sold all their units[2] and are now waiting for more[3]). They also add additional tamper bags for your shipment and delete your data as soon as your order ship, which is great for privacy[4]. Sadly it seems that some resellers in EU are hit or miss - either they only have the Foundation batch (with the initial price), no stock at all from neither devices, or the Batch 2 original price (some with no stock as well). Bitcoin Brabant seems to be the one leading the race in having more stock soon[3] and being a reliable reseller.

---

[1]https://bitcoinbrabant.com/product/foundation-passport/
[2]https://nitter.it/BitcoinBrabant/status/1658837864724013063
[3]https://nitter.it/BitcoinBrabant/status/1659764123616378881
[4]https://nitter.it/BitcoinBrabant/status/1658294784228728838

@foundationdvcs, it would be good to check the links of your resellers now that many have decided to find a replacement for Ledger&Trezor. I was happy when I saw that one of the IT stores in my country sells you HW, but such a product does not exist in their store (unfortunately) - link. Also, the prices at other shops (EU) are still unchanged, even the prices are over 300 EUR.

---

Question for those who ordered directly from the US to the EU, how much extra did you pay for shipping costs, customs, VAT?