
Topic: Foundation Passport Official Thread - page 12. (Read 6599 times)

sr. member
Activity: 630
Merit: 314
CONTEST ORGANIZER
August 18, 2023, 11:17:00 AM
Sorry if I'm being such a noob on this, but I'm not a professional in cyber-security.

I read your thread, and when I see you are using SD memories, I have to say it's one of the most corrupted things in technology. And I'm not talking about corrupted by hacking or something; I'm talking about, I remember when cellphones still used the SD, your archives could become corrupted for no reason. I lost a lot of old photos saved on the SD, so what if the data to unlock the wallet gets corrupted?

Or am I misunderstanding everything?

Thanks for your answers.
legendary
Activity: 1148
Merit: 3117
August 17, 2023, 01:29:05 PM
Join our Envoy and Passport Early Access Rewards Program & Earn Bitcoin!

👉 Be the first to report any reproducible issue for Passport or Envoy beta releases and get a 10k Satoshi bounty in Bitcoin!
(...)
P.S. -- We'll also be offering the top contributors to the program early access to future hardware products we create, with more details on that aspect of the program to come. 👀
I think that having this kind of program is always beneficial to any company - It allows scrutiny and incentivizes the community to really dig into your releases to search for any potential flaw, earning some sats in the meantime. Congratulations on launching such a program (unfortunately I lack the knowledge to help you in this regard)!

As an additional note from my side, three particular names come to my mind that may be interested in such a program (looking at you guys - @n0nce, @satscraper and @BlackHatCoiner).

EDIT: I do like this particular paragraph on your announcement[1]:
Quote
We have multiple new products in the works, and we can’t wait to watch each of you help us to build and improve as we bring freedom tech to more and more people around the globe. As one of the top contributors to our Early Access Rewards program, you’ll get the chance to test our new products for free as a thank you for your contributions in exchange for feedback and bug reports.
Is this enough to justify saying: HYPE? :D

[1]https://foundationdevices.com/2023/08/announcing-our-early-access-rewards-program/
copper member
Activity: 101
Merit: 255
August 17, 2023, 09:13:39 AM
Join our Envoy and Passport Early Access Rewards Program & Earn Bitcoin!

👉 Be the first to report any reproducible issue for Passport or Envoy beta releases and get a 10k Satoshi bounty in Bitcoin!

🔍 How to Participate

1. Test the beta releases for Passport firmware or Envoy app.
2. Report issues on Github.
3. All issues (the first time they are reported) are eligible for the 10k Satoshi reward.
4. Foundation team members will validate the issues for eligibility.
5. Rewards sent directly to your provided Bitcoin address or Lightning invoice.

Join the community, help us improve, and get rewarded in Bitcoin for your valuable contributions! 🎉

Learn more in our full blog post:

https://foundationdevices.com/2023/08/announcing-our-early-access-rewards-program/

P.S. -- We'll also be offering the top contributors to the program early access to future hardware products we create, with more details on that aspect of the program to come. 👀
legendary
Activity: 2730
Merit: 7065
August 14, 2023, 01:11:08 PM
We will also be announcing a unique new beta program for Passport firmware with some awesome incentives later today, so keep an eye out for that!
I am guessing you need beta testers who will be inspecting and working with upcoming firmware versions and reporting their findings and bugs. Even though Passport is an airgapped hardware wallet, everyone interested in beta testing should probably wipe their devices clean before installing the beta software to avoid any potential problems happening to their coins. Generating a new seed and new wallets with a little bit of BTC inside would be my way of conducting any tests required.
copper member
Activity: 101
Merit: 255
August 14, 2023, 09:51:16 AM
Just wanted to drop a quick note to let you all know that Passport is officially back in stock today after the crazy sellout in May!

Great time to get one for family or friends, and we've included some minor revisions to improve the keypad and microSD tray in this production run as well thanks to excellent feedback from many of you in our fantastic community.

foundationdevices.com/passport

We will also be announcing a unique new beta program for Passport firmware with some awesome incentives later today, so keep an eye out for that!
hero member
Activity: 714
Merit: 1298
August 01, 2023, 07:30:46 AM
Foundation has just released[1] quite a considerable upgrade regarding their firmware version (they went directly to v1.3.0 (they were on v1.1.0))

[1]https://foundationdevices.com/2023/07/envoy-version-1-3-0-is-now-live/
[2]https://azte.co/
[3]https://bitcoiner.guide/azteco/

You meant they released an update regarding Envoy rather than the firmware that runs on their devices. I have just checked their official download page for firmware - it remains the same -


Envoy is the mobile app that accompanies the Passport device.

legendary
Activity: 1148
Merit: 3117
July 31, 2023, 06:47:04 PM
Foundation has just released[1] quite a considerable upgrade regarding their firmware version (Envoy) (they went directly to v1.3.0 (they were on v1.1.0)) and I think that is more than reasonable. There are a ton of quality improvements and bug fixes, but I'll just point out two that stood out to me: Azte.co[2][3] integration and the possibility for anyone that has the Founder edition to update within Envoy (no one is left behind!). Tremendous job @foundationdvcs, keep it up! ;)

EDIT: Per satscraper's reply below, I've updated the thread with additional information - This update is applied to the Envoy app and not the firmware running on their devices. Thank you satscraper!

[1]https://foundationdevices.com/2023/07/envoy-version-1-3-0-is-now-live/
[2]https://azte.co/
[3]https://bitcoiner.guide/azteco/
copper member
Activity: 101
Merit: 255
July 27, 2023, 08:15:29 AM
I'm not interested in this cloud backup myself, because I'm happy with my current backup solutions. However I like the idea of having a way to back up the wallet configuration (user settings, account labels, ...) - without private keys. I even pondered about a standardized format for this a while back; something like a universal 'wallet export / import format'.
That would be a good idea to have, losing labels is almost like losing all your history and content behind all your transactions.
I think some other hardware wallets have a way of exporting and saving this, but I would like to have something like smartphones have, export all settings and data in an encrypted offline way.


This is actually available if you use your own seed with Envoy's mobile wallet, as you are then prompted to save the Envoy backup file somewhere, which includes wallet settings, labels, etc. without any private key. You can also do this at any time manually if you use Magic Backups under the Backups settings so you can always restore, even if Foundation's servers ceased to exist for some reason.

Hi all, just to confirm, Magic Backups is for our Envoy hot wallet only. It has nothing to do with Passport.
But Envoy is connected with Passport so this can be confusing for some people.
I would add a clear notification that holding anything in the cloud is never going to be as secure as keeping a backup offline.
Is Magic Backups feature optional or not?

100% optional for mobile wallets, and intentionally impossible to use with Passport itself. Users are prompted on setup if they want to use Magic Backups or manual seed phrase, and both are always an option. We will *never* lock our users into features like this, and will always support the more advanced, more fully self-sovereign approaches. That is a key part of our company DNA and will not change!

I appreciate this is optional, and I appreciate it is only for the hot mobile wallet, but I am of the opinion that cloud storage is never secure.

Appreciate your input, sounds like you are definitely someone who will not be using Magic Backups and that is totally fine! We want to support people opting into Bitcoin from all walks of life, and not everyone is comfortable with manual seed phrases from day one. Envoy will prompt users to backup their seed manually as well, and will remind people to stop using a mobile wallet for all of their funds if they have over $1,000 stored there starting with the next update.

We will continue to push users to the fully self-sovereign path and simplify that where we can, and will always support users like yourself (and even parts of our team!) who would not feel comfortable putting any private key material online, even if encrypted.
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
July 26, 2023, 01:47:52 PM
~
I like your line of thought! Fully agree that running your own node is basically a necessity.
I've shown myself how to do it (hardware and software), even on the cheap, but do also like the idea of 'node in a box' solutions.
The main benefits I see are:
  • Easier setup for new users (some options have great-looking GUIs for installing everything)
  • Smaller form factor
  • Lower power usage

Because of points 2 and 3, I've even considered building something small and efficient myself, e.g. based on the Argon One M.2 case for the Raspberry Pi 4B.
legendary
Activity: 1148
Merit: 3117
July 23, 2023, 07:36:36 AM
However, as for the new device, it seems that it will be even better than the previous two, so the question arises, is it worth waiting for it to become available or buying the current version? Is there somewhere an official counter of how many units have been sold so far, or how many are still available in total?

While I can't say too much about the new device, it will be in a bit of a different vein than the current one. If you love the current approach of Passport, the current gen will be a good fit for a long time! Our plan is to sell them alongside each other most likely as they will serve different use-cases and complement each other well.
Yesterday, out of nowhere, I had an idea/guess regarding this new device you're working on - Would it make sense to be something to co-exist with products such as Ronin Dojo Tanto[1], myNode[2] and others alike? From my perspective it would make sense considering your mission[3]:
Quote
Foundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.
You are already providing a great tool regarding taking control of our money (and data) by means of being totally open source, so the only part that is left is making sure that we are safe from prying eyes whenever we interact with that same data (and money). This would be where such devices would enter - taking the same approach that you did with Foundation Passport - such a device, fully open sourced as well as its components, would allow us to close the circle and cut ties with any kind of intermediary running a node or even blockchain explorers. Total digital sovereignty at its pinnacle.

I might have gone rogue on this idea but I couldn't stop to share with the community :).

[1]https://ronindojo.io/en/tanto
[2]https://mynodebtc.com/order_now
legendary
Activity: 2730
Merit: 7065
June 27, 2023, 01:58:50 PM
Is Magic Backups feature optional or not?
foundationdvcs said that they are optional and only related to the hot wallets created on Envoy. You can't backup your Passport seed in this way.
Magic Backups are 100% optional...
On request, the data can be deleted. Whether or not you want to trust Google and Apple that they have permanently deleted your files off of every single server they own is another question.
legendary
Activity: 2268
Merit: 18775
June 27, 2023, 02:19:26 AM
Those are *very* different threat models, and Magic Backups only make sense for a mobile wallet with a small amount of funds.
I appreciate that completely, but we both know people store large amounts of money on mobile wallets when they shouldn't.

It is not that simple, as both accounts should be protected by 2FA.
Again, should be, but we both know lots of people don't use 2FA, use weak passwords, reuse passwords, have had passwords leaked in various databases such as haveibeenpwned, and so forth. In an ideal world an encrypted back up stored in the cloud secured by a long and random password and hardware 2FA key is very secure, but very few people actually use this set up, and the people who do use a secure set up like this will likely be using seed phrases and not cloud back up in the first place. As I mentioned above, I suspect the subset of users who would back up their seed phrase to the cloud overlaps pretty heavily with the subset of users who have substandard account security or general security practices.

Once a user backs up their seed, we also have the functionality directly in Envoy to delete their seed from their Apple/Google account and delete their app data (we never store their seed, even encrypted) from Foundation's servers, if they so choose.
Maybe it will be deleted from your account, but I doubt very much Google actually ever delete anything. Data makes them money. Google have been fined in multiple jurisdictions for collecting data they weren't meant to or not deleting data they were meant to. Not to mention it could have been leaked, hacked, stolen, shared, or whatever from the many servers around the world it is likely duplicated on. Once your back up has been exposed to the cloud, you should assume it is there permanently. The only safe course of action here is to move all your coins to new wallet.

I appreciate this is optional, and I appreciate it is only for the hot mobile wallet, but I am of the opinion that cloud storage is never secure.
legendary
Activity: 2212
Merit: 7064
June 26, 2023, 02:31:25 PM
I'm not interested in this cloud backup myself, because I'm happy with my current backup solutions. However I like the idea of having a way to back up the wallet configuration (user settings, account labels, ...) - without private keys. I even pondered about a standardized format for this a while back; something like a universal 'wallet export / import format'.
That would be a good idea to have, losing labels is almost like losing all your history and content behind all your transactions.
I think some other hardware wallets have a way of exporting and saving this, but I would like to have something like smartphones have, export all settings and data in an encrypted offline way.

From what I can tell, this cloud backup only refers to the hot wallet, making it completely 'fine'. To the best of my knowledge, Envoy cannot access Passport's seed phrase at all; that's the whole point of a hardware wallet. ;D
Export to cloud is bad in my opinion for both hot and cold wallets, but I hope this is at least an optional ''feature''.
If I remember correctly this ''secure'' iCloud was recently hacked and I don't trust any cloud solutions very much, that is just other people's hard drives.

Hi all, just to confirm, Magic Backups is for our Envoy hot wallet only. It has nothing to do with Passport.
But Envoy is connected with Passport so this can be confusing for some people.
I would add a clear notification that holding anything in the cloud is never going to be as secure as keeping a backup offline.
Is Magic Backups feature optional or not?

We feel that Magic Backups can greatly aid onboarding new users to Bitcoin in a way that is drastically easier, without giving up custody and with an easy path to a more standard seed backup once they're comfortable with that. Once a user backs up their seed, we also have the functionality directly in Envoy to delete their seed from their Apple/Google account and delete their app data (we never store their seed, even encrypted) from Foundation's servers, if they so choose.
Easier is not the better option most of the time.
Hunter Biden had all his dirty photos saved in his ''secure'' iCloud account, and look how that ended up. :P

legendary
Activity: 2730
Merit: 7065
June 26, 2023, 11:54:22 AM
So just to confirm - if your password is hacked, leaked, keylogged, haveibeenpwned.com, etc., then all I need to do is take any old phone, log in to your Google account, sync your back ups to this phone, and now I have your seed phrase and can empty your wallets?
It's hard to say really, and I am not sure. Google products have SMS 2FA verification and even email confirmation. If they notice different IP ranges, you might have to verify yourself over SMS/email. Google probably keeps identifiable data on the devices that have logged in in the past and request more verification when a new one is detected. Additionally, Envoy's backups seem to be encrypted, so you would get an encrypted file at worst. 
legendary
Activity: 1106
Merit: 1372
June 26, 2023, 10:12:03 AM
The device is nice from mere distance looking at it. But I don't know when it is seeing in a close range. And also the OP would have given the break down of the price to different continent so that those who are interested would click the link and make an order for shipping. I even checked the website but there is no such order link. Things like this one can't have too much input without using the device. Though you can make some lite input but not in-depth.
I have a few somewhat close-up pictures in my reviews:
They also have video setup instructions here that may help you get a better understanding of the look & feel of the device, as well as the user interface.

You can even try out the device in a simulator, as I explain here:
https://bitcointalksearch.org/topic/m.61304211

Thank you for reminding me again, I totally forgot that you created such a thread last year. As it is said, the device is good, and also, as I said, I can't judge the device from a distance by just looking at the image and its description. Most of the time when we order things online, what we receive from the company is different from what we ordered. I have discussed with them on the Telegram channel to send me the order link so I can do it from there.
copper member
Activity: 101
Merit: 255
June 26, 2023, 07:07:20 AM
Yeah, I had no idea this was a "feature" Envoy offered...

Since most users have iCloud Keychain or Android Auto Backup enabled, the seed is automatically synced to your other iOS or Android devices – fully end-to-end encrypted, without needing to give Envoy permission to access your iCloud or Google account.

I'm sorry, but this is horrible. You reduce the security of your seed phrase, and therefore all your coins, to the security of your Apple or Google account, which in many cases is only a simple password (and often a leaked or reused one at that!) or an insecure 2FA method which can be fairly easily intercepted such as SMS. I would also wager that the subset of users who feel they cannot use a seed phrase properly and would back up their seed phrase to the cloud overlaps pretty heavily with the subset of users who have substandard account security or general security practices.

Is this in any way usable with a Passport, or is it confined to Envoy only?

This is absolutely only possible for Envoy's mobile wallet seed, and not ever possible for Passport's seed. Those are *very* different threat models, and Magic Backups only make sense for a mobile wallet with a small amount of funds. As this is all open source anyone can verify this, but due to Passport's airgapped nature there isn't even a way to easily do this if you wanted to (and of course we don't want users backing up their Passport cold wallet seed into the cloud).

This approach is a great fit for onboarding new users with small amounts, and we both always allow seed export from the app and will be adding prompts to have people backup their seed phrases separately down the road after onboarding as well for full sovereignty. Magic Backups are 100% optional and 100% open source, no one has to use them, and those who opt-in can only use them with Envoy's mobile wallet portion which should of course only be used for small amounts!

Apologies for the confusion there, I could have been clearer with the language used!


Can you provide clarification on the question I asked above? I don't have a Google or Apple account and have no intention of ever creating one, but is it really as simple as if someone accesses your username/email and password, then they can recover your Envoy wallet and steal your coins?

It is not that simple, as both accounts should be protected by 2FA. In reality an attacker would need to compromise your Apple/Google email and password, as well as SIM swap you (assuming you used SMS for 2FA). If the user does not have 2FA, then yes, their account could be logged into on a new device owned by the attacker, Envoy installed, and then funds swept as the seed is stored end-to-end encrypted and secured with their account.

If a user has hardware key or TOTP 2FA enabled then it would be practically impossible without a sophisticated spear phishing attack.

And remember this is only for a mobile wallet, and can never be for cold storage! So ideally users just have spending money in this wallet. If a user's Apple or Google account was 100% compromised for this (they would have to be able to fully login and setup a new device with their account) they would have larger problems, as they are also likely storing their bank login etc. within the same storage mechanism as we are using.

The issue with adding any other secret on top of their Apple/Google account is that you're back to square one with needing to have the user record a secret and verify it before they can start using a Bitcoin wallet. Magic Backups provide a sane and open-source alternative to that flow that does not give up custody and does not give up privacy, but it does of course change the attack vectors over a standard seed phrase backup.

That is why we will always have the option for a user to generate or import a seed phrase and leverage a manual backup, but we wanted more of an in-between solution that maximized security as much as possible while greatly simplifying the onboarding flow for new users.

Digital or online/cloud backups as replacement for physical offline copies of seeds isn't and shouldn't become any sort of standard in the future. If it was Ledger that had something like that, everyone would lose their mind. I understand it's optional and you don't have to use it, but it's a dangerous option to have.

Agreed that this is certainly something that would be a bad idea for cold storage seed phrases, and differs heavily from Ledger in that it's only for hot/mobile wallet and all code is 100% open source and verifiable. There is no need to take our word for it, unlike Ledger, and we would love any code review and comments from those who have the time and expertise!

We feel that Magic Backups can greatly aid onboarding new users to Bitcoin in a way that is drastically easier, without giving up custody and with an easy path to a more standard seed backup once they're comfortable with that. Once a user backs up their seed, we also have the functionality directly in Envoy to delete their seed from their Apple/Google account and delete their app data (we never store their seed, even encrypted) from Foundation's servers, if they so choose.
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
June 26, 2023, 04:02:19 AM
The device is nice from mere distance looking at it. But I don't know when it is seeing in a close range. And also the OP would have given the break down of the price to different continent so that those who are interested would click the link and make an order for shipping. I even checked the website but there is no such order link. Things like this one can't have too much input without using the device. Though you can make some lite input but not in-depth.
I have a few somewhat close-up pictures in my reviews:
They also have video setup instructions here that may help you get a better understanding of the look & feel of the device, as well as the user interface.

You can even try out the device in a simulator, as I explain here:
https://bitcointalksearch.org/topic/m.61304211

Passport will never have any kind of backup system where the seed touches the internet, even in an encrypted form.
Let me archive this, just in case. ;D

I don't have a Google or Apple account and have no intention of ever creating one, but is it really as simple as if someone accesses your username/email and password, then they can recover your Envoy wallet and steal your coins?
I may try to do this 'attack' later this week on some burner devices, but I'd assume that compromising someone's credentials would indeed give you full access to their hot wallet seed.
Part of the reasoning is apparently that many users back up their device to their cloud provider (including app data, of course) anyway (correct me if I'm wrong), but it would be better if they had numbers backing that up.
legendary
Activity: 2268
Merit: 18775
June 26, 2023, 03:10:04 AM
Passport will never have any kind of backup system where the seed touches the internet, even in an encrypted form.
Thanks for the confirmation Zach. I suppose you would have to be crazy to implement any such system given the fallout from the recent Ledger debacle. :P

Can you provide clarification on the question I asked above? I don't have a Google or Apple account and have no intention of ever creating one, but is it really as simple as if someone accesses your username/email and password, then they can recover your Envoy wallet and steal your coins?
member
Activity: 66
Merit: 128
June 25, 2023, 10:39:20 PM
Hi all, just to confirm, Magic Backups is for our Envoy hot wallet only. It has nothing to do with Passport.

We are building out Envoy into a fully featured standalone mobile wallet complete with in-depth account management and privacy features. Magic Backups is a really great way for new Bitcoiners to get set up and running with a mobile wallet in 60 seconds, fully self custodial, with what I would argue are reasonable security tradeoffs.

Passport will never have any kind of backup system where the seed touches the internet, even in an encrypted form.
legendary
Activity: 2268
Merit: 18775
June 25, 2023, 10:31:40 AM
They still are. I had to create a Google account a few months ago for my job, and an email + password is all you need. 2FA is an optional feature.
So just to confirm - if your password is hacked, leaked, keylogged, haveibeenpwned.com, etc., then all I need to do is take any old phone, log in to your Google account, sync your back ups to this phone, and now I have your seed phrase and can empty your wallets?