Topic: Foundation Passport Official Thread - page 16. (Read 6045 times)

No one is immune to theft. Assuming you are is a mistake.

In a perfect world, maybe, but we don't live in a perfect world. Everyone was sure Trezors were perfectly safe, until it was demonstrated that it is possible to extract a seed phrase from a Trezor in under 15 minutes with some fairly basic equipment. The only way to be sure that data can't be extracted is for it not to be there in the first place.

Maybe, but it'll be pretty easy to figure out when my relatives or I find a hardware wallet in my house. Commit it to memory only and the coins are lost forever.

Amused.

How it can be extracted if the wallet is in my hands only.

I think to extract it from nonvolatile memory of secure element it has to be in the hands  of the highly skilled reverse engineers (they can be counted on the fingers of one hand) equipped with highly sophisticated equipment, and I'm not sure if such equipment even exists.


So all such type concerns which have flooded Internet  are unwarranted.


Even if it happens that wallet will be steeled or lost there will  a time to move the funds into safer place.

P.S. I have both ledger nano s and s+ and recently have acquired Passport.  At least it will be useful to implement based solely on HW multi-signature option for storing my funds.


in this case you will also forget what  your paper backups are for

 

Ledger have this option of permanently attaching a passphrase to a secondary PIN, so you don't have to enter the passphrase each time. When I had a Ledger device, I deliberately did not use this feature for the reasons given above. I don't want my passphrase to be stored on a hardware wallet at all. If it is stored on the hardware wallet, then there always exists the possibility that it can be extracted from the hardware wallet. Yes it's a small inconvenience to enter it every time I need to use the wallet, but I put up with much bigger inconveniences in the name of security.

I also have multiple different passphrases, and so attaching only one of these to a secondary PIN doesn't solve the issue for any of my other passphrased wallets.

All my passphrases are firmly committed to memory, but I still have paper back ups of them all. Doesn't matter how well you have memorized something - a brain injury can make you forget your own name.

What is largely bothered me is the password brute-forcing if someone will manage  to get somehow my SEED but not physical access to my device.

In the case of  his  physical access, if any will take place, 12-digit PIN with 3 valid attempt will be enough to  protect   my security, the probability to break it will be as small as 3/10 ¹² and those probability will be tested by human hands not by machine/s as in the case of brute-forcing.

Correct. But if you use a device that allows you to access a wallet which is supposed to be protected by a 20-character BIP-39 Passphrase by just entering a 12-digit PIN, you've essentially reduced the security level of your wallet to the security of a 12-digit numeric Passphrase.

I guess that further security measures on the hardware wallet (like a maximum number of attempts) can increase the security of the device again, whilst the 20-character passphrase secures your seed phrase backups, but modern attacks can actually defeat such counters. In the end, it all depends on your attacker model.

Interesting; if I think about it, I agree! Especially if you don't back up your Passphrase, you really want to make sure to memorize it well. There's actually no better memorization technique than frequent repetition.

12-digit numeric passphrase  is not equal to mix of 20   characters consisting of digits, caps, small letters and special characters.


My experience with Passport is  not so long as yours. Only two days have passed since the moment when I got it into my hands.

First impressions.

Form factor is good but sure not for frequent travelers  like me who has to pass through customs borders a few times a month, I am still afraid of custom controls. I would prefer to have it even not in the form of  the old-style cell phone. Maybe something like ordinary calculator with in-front functions to calculate would be better to disguise real thing, who knows.

I am gradually began to adopt myself to their implementation of password feature and see at least  one positive moment in entering password each time after rebooting , namely,  such procedure will stamp firmly  that password into my memory.


No one prohibits Foundation to implement  PIN-based passphrase 'bypass' option  alongside with already existing one-time passphrase choice. So, what you said is not really an argument.


 their clients base is more wider than a single person.

Why don't you just use a 12-digit numeric passphrase then?

Ledger did many things; not all of them are great. I can't answer this for you, but I assume it comes down to their explanation above (i.e. security).

The BIP39 passphrase is meant to add a reliable amount of extra security. If we now start implementing what's basically a PIN-based passphrase 'bypass', suddenly something built-in into Bitcoin that is universally seen as a very strong extra layer of security, may suddenly be quite insecure depending on wallet implementation used. One wallet may allow you to bypass / 'unlock' the passphrase through a simple numeric 4-digit PIN, another may require you to enter it completely and so on.

Personally, I find the Passport keypads and form factor very comfortable for entering even long PINs and passphrases, so I like the current implementation.

Obvious thing that  SEED+password must be hidden behind the second PIN. Make it 12-digits long and left 3 valid attempts to enter and I am sure no one will  pass through the barrier.

Is this so difficult to implement?

Ledger did it. Why Foundation did not?


I have 20 characters long password and beside the burden of entering it each time this is one more point of frustration for me when even single wrong character infiltrates the  typing.

This is so that it actually provides an additional layer of security for your funds on Passport. If we stored the passphrase on the device, anyone with the PIN would be able to steal funds and the extra security of your passphrase would be pointless! It's a very intentional security decision to require it on each bootup.


I don't have a hard number for you, but AFAIK we have had zero units with failed keypads due to use to date and did extensive in-house testing before shipping the first Passport.

Can not get why Foundation has decided to not  store the 25th-word-extension for SEED and forced users to enter that password each time after rebooting device.

I am using that password as the second security layer for my funds and seeing such solution as very inconvenient approach.

In this regard, what is the press-number-expectancy for buttons on  the board of Passport? In other words, how many pressing does the button  endure   before it goes to out-of-commission state?

Sadly no, though I think a few resellers still have a small quantity in stock last I checked!

https://foundationdevices.com/resellers/


No, in this release it is just p2tr (spending to Taproot addresses) but does not support receiving to Taproot addresses or spending Taproot outputs. That is slated for our next major release and is already actively in dev! We'll combine shipping that with full Taproot support in Envoy (which currently also has simple p2tr support and not full receive/spend).

I think owners of old Founder's Edition will be happy hearing this.
Do you still have some of those old outlet devices in stock?

Is Passport wallet now fully supporting Taproot format address both for receiving and sending?
If you can confirm that I can move on and add it on my topic List of Wallets supporting Taproot:
https://bitcointalksearch.org/topic/list-wallets-supporting-taproot-5371499

This would be fifth hardware wallet with Taproot support after Ledger, Trezor, BitBox02 andOneKey.

The latest version of Passport firmware, v2.1.0, has been released!

Please note that this is our largest release in some time and also brings Founder's Edition up to date with Batch 2 devices, unifying our firmware. As this is such a large update, we'd love for you all to test it as much as you can before we announce it more widely.

Highlights of this release:

- Backporting v2.1.0 firmware to Founder’s Edition
- Sending to Taproot addresses
- A new Key Manager Extension for BIP 85 and Nostr key support and export
- BIP 85 SeedQR exports

For the full release notes, browse Github or read our blog post below:

https://foundationdevices.com/2023/05/passport-version-2-1-0-is-now-live/

NOTE: Since we are now releasing both firmware files from the same repo, the file naming has changed slightly. "Batch 2" devices use the same naming scheme for firmware as before:


but Founder's Edition is now named explicitly to avoid confusion:

That's too bad.  I really love my Batch 2, and I am very much a bitcoin maximalist, but I do end up holding several thousands of dollars worth of monero from time to time.  I promise, that will be only altcoin I ever ask you to implement!

Good read, thanks.

Sure, I can give it a shot, if there's interest for it! As far as I can tell, they only just started with this fork, so it should take a while. Many aspects of Monero are quite different (the cryptography in particular), which should require massive changes.

In the meantime, I downloaded v2.1.0-beta-6-founders and give it a shot on the weekend.

Yes, and just to be clear this is a community fork and not officially from us. No plans at this time to have an official firmware for current devices, but in theory this will end up being unofficial firmware for at least Batch 2 (and maybe Founder's Edition) if enough devs rally around it! Beauty of true free and open-source projects is they can spinoff in many directions 


I believe this will be focused on Batch 2 devices, but it may also end up supporting FE as well. Unclear at this point.

Someone decided to fork Passport code and enable separate support for monero, and I don't see anything wrong with that, unless it takes away dev time from working on improving BTC code and fixing bugs.
This all resulted in one more of NVK episodes, but I think you guys nailed it with latest blog post from Zach Herbert, so I have to post it here, as An Open Letter to NVK and Coldcard:
https://www.zherbert.com/an-open-letter-to-nvk-and-coldcard/

Maybe people with old version Passport devices (like n0nce) can test this unofficial firmware when it gets released:   
https://github.com/mjg-foundation/passport2-monero

The long lead-up for this was due to synchronizing the code-base, moving forward they'll both use the passport2 repo and share firmware releases, features, etc.

Total parity from here on out is the plan now that we've laid the groundwork!

This is exciting news! In my original review of Passport FE, I mentioned it was important for me that the device would keep getting updates for years to come. Great to see that it's finally happening - I was almost getting worried..


However, it seems to take longer than expected to back-port Passport v2 features to FE? Or did it only take this long to get them to feature-parity in the first place, but they'll be in sync from now on?

I'm referring to...

We're happy to announce that the public beta for version 2.1.0 is available now on Github:

Passport v2.1.0 Firmware (Beta 6)

NOTE: This is a Beta version of Passport firmware. You must install the beta pubkey (attached in GitHub) using the Settings -> Advanced -> Developer PubKey menu item before you can install this beta. If you are not comfortable with this, please wait for the official release, which should be available shortly. Detailed instructions for this process can be found here.

In version 2.1.0, we’ve leveraged all of the background work in recent versions to build out some amazing new features for you, including back-porting v2.1.0 firmware to Founder’s Edition, sending to Taproot addresses, a Key Manager Extension for BIP-85 and Nostr key support and export, and BIP 85 SeedQR exports.

It would be especially valuable to get detailed feedback from anyone willing to help out on the new features and on the general firmware for Founder's Edition as this is a huge jump, bringing parity to our original device.

For the full change log you can visit Github.

Please test it out (if you're comfortable with a beta release) and report back with any issues, feedback, or suggestions you have! The official release should go live in about 1wk, pending any issues that are discovered in the public beta testing.