Topic: Thoughts about Passport hardware wallet (Read 2278 times)

They did! I really appreciated it. I hope he chimed back in now and then to see what other feedback there was; he was last active a week ago, so I suspect he's a frequent reader of the forum.

This was one of the main reasons why ColdCard developers changed their license from OpenSource to CommonClause.
I don't think they benefited at all from this, on contrary I think they are going to get less or no more contribution from developers outside ColdCard circle.
btw I heard that there is only one developer in Coldcard team, but I can't vouch for that...
I am not exactly sure how much people is working on Passport  wallet, but there are seven contributors so far.

Maybe they actually visited bitcointalk forum and found some criticism we made regarding those game bloatware found in first version of their device.
I can't exactly remember if some of their developers an created account here, but I think they did, correct me if I am wrong.

Apparently yes, I can see it on all major platforms, as well as the GitHub repo for the source code.
Apple AppStore: https://apps.apple.com/us/app/envoy-by-foundation/id1584811818
Google Play: https://play.google.com/store/apps/details?id=com.foundationdevices.envoy
F-Droid: https://foundationdevices.com/fdroid/

I like how below the download links / badges, it says 'Or download directly on our Github.'
I'm not sure how it works on iOS, but it seems you can download and install the .ipa file; I suppose it has to be sideloaded (signed with your Apple ID) using something like https://altstore.io/ (AltServer). On Android you can obviously install the .apk directly.

Actually I'm not sure it's even accurate to say they are forked from ColdCard. It appears to me that they are definitely using Trezor's crypto (so is ColdCard, as far as I know - first commit has mentions of using their crypto library) and may have taken some ColdCard things here and there.
I remember that ColdCard was upset about Passport supposedly being a CC fork, but if I roughly compare the two projects' structures, they look very different. A quick diff over both projects (latest commits) also shows no single identical file - obviously, this would also be the case if Passport was based on CC and changed every single file between the fork and now.
I would find it a bit odd if ColdCard took Trezor code, but only the bits that are needed, and renamed everything not to leave any traces, but then Passport, supposedly built on CC code, adds back in the whole trezor firmware repo.

The Makefiles also look very different, so even if it was forked from ColdCard, it has diverged so much that the same bugs might indeed not be present on Passport. But I wouldn't bet on it..

To answer your question about the Virtual Disk bug; one easy thing to check is looking for strings in both projects. We get a bunch of results in ColdCard repo, while Foundation's 6 results for the same query are entirely different. The feature does not seem present in Passport.
In code, it is often referred to as virtdisk, a string which we do not find on Passport at all. No matches in passport2 repo either.

---

Unrelated; just read this from DaveF. I agree; so I checked in the code if Passport batch 2 still comes with unnecessary games.

Indeed, they removed the snake game from Passport batch 2.
We can also compare the same folder in both repos and notice that the other game, stacking_sats.py is gone too and the project generally looks much cleaner and smaller than batch 1.
https://github.com/Foundation-Devices/passport-firmware/tree/main/ports/stm32/boards/Passport/modules
https://github.com/Foundation-Devices/passport2/tree/main/ports/stm32/boards/Passport/modules

Oh nice I didn't see that, so they released first version of Envoy app in public and it's out of beta testing?

I don't know if you heard anything about latest bug found in Coldcard mk4 wallet with their Virtual Disk, and since Passport wallet is forked from older Coldcard I am wondering if they are using anything similar.
Maybe  am naive to say this, but I think that Passport showed to be much less affected with serious bugs so far, but I am not saying they are perfect.

I think these 9 reproducible apps from the Google PlayStore could be a good starting point for finding a nice Android wallet.
https://walletscrutiny.com/?verdict=reproducible&platform=android

As for iOS, as far as I know it is impossible to make a reproducible build land on the AppStore, since Apple re-builds the binaries themselves or something like that. But you could surely compile one of the open-source iOS apps yourself.
https://walletscrutiny.com/?verdict=nonverifiable&platform=iphone

However I don't know which ones support airgapped hardware wallets in either list. As I said, for very basic functionality, I may be able to throw something together in a weekend. But as of right now, I don't really have a need for it. I did plan to have one hardware wallet more intended for 'mobile use' (at first I thought Passport v1, then I decided to give that role to my batch 2 due to the battery issue), but especially with the still ongoing pandemic I just don't travel that much or use Bitcoin outside 'range' of a PC or laptop.

Another idea is stripping Envoy off Google stuff and compiling it yourself.
https://github.com/Foundation-Devices/envoy/

I am not worried about tamper-evident seals at all.
This is just superficial stuff that can be replicated and it is not offering any real protection against anything, it's just providing false sense of security.

Sometimes I think that sole exitance for custom workers is to ruin and open sealed packages that are coming to customers
Every time I order something online, especially overseas, I am trying to find alternative way for shipping, maybe friend delivery or me traveling to better location to pick up package.
I would prefer to receive device without firmware install and do everything manually, but most likely you will need to update firmware soon anyway.

That would be cool to see
I am currently thinking about all the good apps we can use for smartphones, related with Bitcoin, and open source wallets are big part of this.
This is not to be used for holding big amount's of money, more like pocket money and something used for p2p trading in person.
One interesting thing I noticed recently is that Graphene OS with Pixel6 phone is using twelve words backup option and I think this could be BIP39 compatible but I am not sure.

As of right now, honestly nothing. I will look into something simple, without tons of bloat introduced by suspicious (read: Google et. al) frameworks that I can compile myself, in the future.

Maybe also just going to make my own. I don't need lots of fancy features; just creating a PSBT from a Bitcoin address, a selected UTXO, an amount and a fee can't be that hard, right. Not even any USB protocol is needed; just QR code generation, reading the signed QR from a camera image and sending it to an Electrum node. Honestly that would be one of the simplest software programs I've ever written so I don't get why all these mobile apps overcomplicate it so much so that they need to resort to frameworks (yeah I'm not a fan of frameworks especially if they might phone home.. ).

I'm not sure how I feel about 'tamper evident packaging'. It can give a false sense of security, especially since such stickers can be got anywhere very cheaply; I believe even fake Ledger devices come with tamper evident seals. So I wouldn't put too much trust in solely such stickers; on the other hand, they cost nothing so adding one more may give a little extra protection for barely any cost at all.

Passport v1 came with firmware and I'm sure that v2 comes like that, too. But you can always go in and immediately flash a fresh image from Foundation's webpage or GitHub when you receive it. Mind you, the device only installs firmware signed by Foundation, so it's going to be pretty hard (read: almost impossible) for someone to casually replace the firmware on your Passport at the customs office.
Realistically, worst thing that can happen is that they open it, boot it, configure it, and write down (steal) your seed. However you would notice since after turning on you wouldn't see the usual setup. In such case you could trash it, or just format it and re-configure (getting a new seed).

Unfortunately some custom offices open the sealed package. The device comes with or without firmware?

When they first introduced it, it had a lot of potential but they ruined it with such a decision ^{[second time in a row (after the node part)]}.

I guess that confirms I was wrong ^{[they "didn't" alter the foundation letters' color into black]}, but while we're waiting for n0nce's review, I'd like to complain about their packaging:

• On their "unboxing video ^{[part one]}", I noticed only the outer box comes with a tamper-evident seal and the inner/main box is only bubble & shrink wrapped! I do know there's a way to check and verify if you've got the correct product, but this way of packaging still gives certain users a chance to figure out a non-detectable way to bypass such things in the future.

I just spotted our member MoparMiningLLC in the wild space of twiitter, he just received his own Passport batch2 wallet and he seems happy with it.
I guess he is the same guy on twitter and in bitcointalk, but the real question is when is n0nce finally going to receive his long waited package .
We are still waiting for news about that review
https://nitter.kavin.rocks/MoparMining/status/1551771147175436289

What Bitcoin and LN wallets are you using and recommending for smartphones?

As wallet software, I use Bitcoin Core and Sparrow.
I don't really feel comfortable using something that I can't compile myself or at least check the binaries' hash and look at https://walletscrutiny.com/ to see if the available builds are actually reproducible (i.e. produced from the source code without modifications).

Which wallet do you use?

Thanks for the update! I haven't got mine yet, but even when I do get it, I will need a bit of time to unbox, review and compare to v1 of course.
I'm glad to hear that they are finally shipping. I also noticed that their Envoy application is now available, but I'm not sure what you guys think about this topic. Installing an application (binary), compiled, from an app store, that holds the xpub of your hardware wallet? There is no way of verifying it not breaching user privacy. It could easily do a one-off HTTP request, sending the xpub to Foundation.
I might find the time to have a look at their source code to at least check they don't have Google AdSense or other known spying frameworks in use, as I believe that's one of the biggest 'black boxes' in most mobile applications.

Edit: It uses Google Firebase. If I don't absolutely have to, I'd prefer to skip Envoy for now.

Glad to see the excitement.. I decided for myself not to request any discount codes for now. Even if I value my objectivity, I can't be 100% sure that such rewards wouldn't influence my judgement, you know. Maybe thinking about it again after finishing the review, after it's all set in stone and whatnot, would make more sense.
On one hand I'd be glad to offer such a discount to interested buyers, but on the other hand I'd prefer not to get a reward for it, you know. Maybe I can tell them to make my code give $20 off to the customers and no reward for myself.

Another quick update : It seems like some Twitter users have started receiving their orders[1][2]. Albeit the absence of updates from n0nce makes me think he/she hasn't received their notification, I hope that this update from Foundation[3] makes him/her happy:
We are one step closer for your review n0nce! Really excited to see if the improvements were the right ones or if this is really an upgrade versus the previous one. Have you managed to grab your "n0nce10" code from their Ambassadors program? 

---

[1]https://nitter.net/BTCsessions/status/1550204596047360000
[2]https://nitter.net/ShaneTrammel/status/1550315655815172096
[3]https://nitter.net/FOUNDATIONdvcs/status/1548937916923215872
[4]https://foundationdevices.com/ambassador/

Yesterday's wine.

You're probably on the wrong board; this is about Foundation Passport, not about ColdCard!

I can't imagine it's helping their business in general.  I for one would have bought a mk3 if they had only announced the mk4 as "coming soon," but since they were taking reservations months ago I decided to wait. I imagine I'm not the only one.  The silly thing is I probably would have bought a mk4 eventually also.

---

ETA: 10% off for Pizza day?  To hell with the wait, I placed the order.

Thanks Rick for keeping us up to date! I think I've said it before, but I'm not happy with how they set their ETAs. It's already been like this with v1 and it hasn't improved on v2. They always set completely unrealistic ETAs and then have to push them back repeatedly. Why not just set a worst-case one and then maybe surprise customers with earlier delivery? Instead they've basically been saying 'delivery next month' since January. I'll get more into this with sources and whatnot in the review, though. This communication from them is really something I don't like.

Just a quick update - May 20th - regarding Batch 2 : Foundation estimates that they'll start assembly the first units in the first week of June[1]! Here's a more detailed information regarding materials availability and next steps:
It seems that my early estimates weren't all that bad... Looking forward for your review n0nce!

---

[1]https://nitter.net/FOUNDATIONdvcs/status/1527797590263226372

I could expect to see microchip shortage... but now we are starting to see metal cast and packaging material shortages, and from information I have from China, this is going super crazy levels, not going to end any time soon.
Main ports are closed in Shanghai and people are literally jumping out from their windows and committing suicides, because they don't have anything to eat and they are not allowed to go out.

Solution for Passport problem would be to decentralize more and make reserve options for most parts, when that is possible, and I am sure other countries can make some parts.
I see now that Passport is going to make packaging in United States, but in 2022 you need to have backup options for everything, and avoid single point of failure as much as possible.