In April we set off to build a new type of hardware company. Instead of building closed source, proprietary hardware, we’d open source all of our work – from the firmware to the circuit designs. We’d fight back against today’s norm of security via opaqueness and instead embrace security via transparency.
Instead of releasing open source hardware catering only to developers and hardcore security enthusiasts, we’d design beautiful devices with bold, unique industrial designs and intuitive user interfaces. We’d aim to build the best products, period, and bring them to the largest number of people.
Only 8 months after launching Foundation Devices, we have finished prototyping Passport and are beginning mass production. In several weeks we will be shipping our first devices to customers across the world.
We are excited to announce that we’ve released Passport’s circuit designs as fully open source under CERN OHL S v2, and Passport’s alpha firmware under GPLv3 (and other compatible licenses). These viral, copyleft licenses ensure that others can use our work for any purpose – as long as they open source their work as well.
Open source is core to our mission and values at Foundation Devices, and we encourage other hardware companies to join the open hardware movement.
The Importance of Open Hardware
Security via openness and transparency. In a Bitcoin powered world, with immutable transactions and no recourse for thefts or loss, it is more important than ever that hardware and software are open. Security experts can easily review designs and report vulnerabilities, and advanced users can verify that the hardware and software have not been modified or tampered with.
Open hardware is likely to have fewer vulnerabilities than closed hardware. Read more in our previous post.
Building on each other’s work to innovate faster and progress society. In the hardware world today, progress is slow and siloed because each new hardware company either starts from scratch or buys proprietary IP from a small handful of companies (like Qualcomm or ARM). We think this is one of the main reasons why progress in the physical world is slower than in the digital world. In software, by contrast, developers can find tens of thousands of high quality open source libraries on Github and quickly integrate them into their projects.
Imagine if a young software startup was forced to pay Google for some proprietary IP to make a useful product and was required to sign an NDA – this is what the hardware world is like today.
Passport’s Open Source Foundation
Passport is built upon and inspired by numerous open source elements. For our hardware, we researched the architecture of popular devices like Coldcard, Bitbox02, and Trezor – all of whom post their electrical schematics on Github. We also implemented an open source true random number generator from the Betrusted project (called an Avalanche Noise Source).
For our firmware, we relied on the open source MicroPython project and used Coldcard’s open source firmware as a template. We started a new MicroPython project, did low-level bringup work for our hardware components (such as the camera), created a new user interface, and ported + modified pieces of Coldcard’s code.
We also implemented Trezor’s open source crypto library, ported Blockchain Commons’ open source UR Library to Python, and integrated two open source QR libraries.
It would not have been possible to design Passport in less than a year without building on great open source work.
Other Hardware Wallets
Currently only Passport and Trezor meet the definition of Open Source Hardware. Foundation Devices believes it is our responsibility to encourage other hardware producers to fully open source their work.
- We applaud Trezor for their full embrace of open source hardware, but we suggest they license their hardware designs under CERN OHL v2.
- We implore Ledger to change their approach and open source their hardware designs and proprietary firmware.
- We suggest that Bitbox02 and Coldcard release their circuit design files, rather than just their schematics, so that the hardware can be fully open source.
Our beliefs about the importance of open source were inspired by both Coldcard and Trezor. When Coldcard launched in 2018, they used Trezor’s open source crypto library – and welcomed others to use their open source, GPLv3 code!
We are grateful for Coldcard’s open source firmware, of which we’ve used numerous components to more quickly bring Passport to market. However, we are disappointed that they’ve recently chosen to relicense their firmware as non-open source. The Commons Clause license condition is not open source and is and incompatible with GPL. The Free Software Foundation urges rejection of software under this license condition, and the license condition is widely criticized and on the decline.
In Summary
Passport’s circuit designs are now released as fully open source under CERN OHL S v2, and Passport’s alpha firmware is now released under GPLv3 (and other compatible licenses).
We believe open hardware improves cooperation and security and accelerates industry progress. We’re excited to bring open hardware products to the world and hope to see others do the same!