The Foundations of Freedom in Bitcoin

In the decentralized, peer-to-peer Bitcoin network, there are no central institutions that protect individuals from fraud or loss. Sovereign Bitcoin users must look after their own security, which makes it critically important that they are able to identify which products and services are trustworthy and safe to use. 

The first step Bitcoin organizations should take in order to be considered credible is to be fully open source under the proper licensing. Open source projects are more likely to be secure because, given an active development community, a greater number of individuals are involved in inspecting and contributing to their code.

Bitcoin is an ecosystem built on a foundation of free and open source software and ideas. Progress in Bitcoin is made as we build on each other’s work. Bitcoin users must have full freedom over the hardware and software infrastructure they use – freedom to fork, freedom to change, freedom to run the programs they want without any intermediaries.

This article will explain why open source development is both more efficient from a security perspective and the only viable way forward for Bitcoin.

Civil Liberties in Hardware and Software

To understand why open source is critical for Bitcoin users, it helps to have some historical context about how the movement’s ideals emerged. Before the Copyright Act of 1976 ruled that computer programs could be considered intellectual property, software programs had often been bundled and sold together with hardware. This created a development environment in which programmers worked primarily out of passion for their field and cooperated with one another in a free-flowing, non-restrictive way. 

However, after the 1976 changes to IP law, companies began working on proprietary software that could be sold on its own. This marked the beginning of a trend that gained full momentum by the early 1980s and which eventually resulted in the walled garden ecosystems we see today.

The irony for many of the originators of the technology that had enabled the personal computing era was that they believed foremost in the civic duty of sharing information for public benefit. A staunch advocate for freedom of access and development in software among this generation of creators was Richard Stallman. His writings voiced the idea that it was not enough to protect the practical aims of open information sharing – philosophical aims conducive to a virtuous society also had to be respected in software. 

To reflect the importance of individual freedoms, Stallman wrote the GNU General Public License (GPL) series of copyleft licenses that protect the rights of software users, rather than owners.

In addition to all the practical benefits of open source development, the terms “Free and Open Source Software (FOSS)” and “Free and Open Source Hardware (FOSH)” imply that a product upholds basic individual freedoms and civic duty. Here, “free” refers to freedom, rather than whether or not the product is free to use. 

In his writings on “nonfree” software, Stallman describes how privatization and black-boxing of code erodes our spirit of self-reliance and consequently runs contrary to the principles upon which democracies like the United States are founded. Without the ability to analyze, modify, or redistribute the software we use, we are ultimately passengers in the digital world, unable to take agency for ourselves or on behalf of our fellow citizens and neighbors.

Without the ability to analyze, modify, or redistribute the software we use, we are ultimately passengers in the digital world, unable to take agency for ourselves or on behalf of our fellow citizens and neighbors.

Bitcoin was not built to resemble the walled garden digital economy, but instead to provide a path for restoring our sense of self-sufficiency and sovereignty. In today’s world of sweeping centralization, over-organization, and lack of transparency, it is more important than ever to protect the ideals that Bitcoin stands for. The only way to work towards a future for Bitcoin in which freedom and autonomy are preserved is to support projects that are free and open source under FOSS and FOSH licenses.

Not Compromising on Open Source

In the same way that we trust the Bitcoin protocol because it is free and open source software, we can more confidently trust products that are free and open source. FOSS and FOSH licenses can help the Bitcoin community identify and give recognition to projects that uphold the full standards of transparency as well as reflect the spirit of free software and hardware.

As new waves of users enter the Bitcoin market, bringing us ever closer to mass adoption, there will also be unprecedented interest from malicious actors. In order to avoid thefts or loss of funds, a majority of new Bitcoiners may continue to consign key ownership to large exchanges or engage with Bitcoin through trusted third parties. 

The custodial decisions made by new Bitcoiners will have a tremendous effect on the future of financial sovereignty in Bitcoin – and whether centralized institutions and players that have no concern for the foundational principles of Bitcoin may come to dominate the space. It is our hope that the strength of free and open source projects in the industry will incentivize and inspire new users to opt to take control of their sovereignty.

Transparency is Better than Obscurity

The way forward for the Bitcoin community—if it wants to stay true to its ideals—is the same model of open source development adopted by the original Bitcoin protocol and software. Bitcoin is a paradigm that clearly thrives on communal development, cooperation, and progressively building on shared work. 

As Richard Stallman writes, “In any intellectual field, one can reach greater heights by standing on the shoulders of others. But that is no longer generally allowed in the software field—you can only stand on the shoulders of the other people in your own company.” A notable advantage of a decentralized system is in coalescing the work created by a diverse community of developers and entrepreneurs and enabling anyone to expand or improve upon that work.

A world in which we are not able to build on the intellectual progress of others is a world that would be less innovative and less secure. The hardware wallet industry is a quintessential example of how building on top of each other, rather than building from scratch, enables rapid innovation. We at Foundation are deeply appreciative of the open source projects – like MicroPython, Coldcard, and Trezor – that helped us bring Passport to market.  

A world in which we are not able to build on the intellectual progress of others is a world that would be less innovative and less secure.

It is much more efficient to build in concert with developers across an active community than to draw only from the development resources of one’s own company. When a product’s open source code attracts a larger and more diverse group of contributors to verify that it functions as intended and is not susceptible to critical flaws, consumers can have more confidence that it can be trusted. The cross-referencing of the opinions of experts is a much more credible source of information to depend on than the reputation of a centralized institution.

Recent notable hacks of proprietary hardware and software illustrate how detrimental black box development can be to the security of users. Just last year, Apple’s T2 co-processor, which handles encrypted storage and secure boot capabilities, was cracked by a team of researchers who found it was vulnerable to the same “checkm8” exploit that had been used to jailbreak Apple’s A10 processor. The fact that this vulnerability originated from T2 being based on the A10 is a telling example of how developers limited to the resources of their company are less likely to understand and recognize flaws in their product. Researchers found that attackers can gain access to the T2 chip of MacBooks produced from 2018 to 2020 if they have physical possession of the device or are able to swap out one of the owner’s cables for a modified lookalike specifically engineered for the attack. The failure of these generations of MacBooks is not a good look for Apple, a company that has long projected an image of itself as more secure due to its walled garden approach.

Also last year, Intel’s Software Guard eXtensions (SGX), a security system marketed as a highly isolated enclave for safeguarding private keys, fell victim to yet another security vulnerability. The latest crack involved two separate side channel attacks capable of stealing sensitive information, and came just after Intel sought to mitigate previous vulnerabilities by modifying app-layer code. The fact that large hardware manufacturers like Apple and Intel can struggle to provide consumers with secure black box private key storage solutions is further indication that open, auditable code can be a stronger security model.

The fact that large hardware manufacturers like Apple and Intel can struggle to provide consumers with secure black box private key storage solutions is further indication that open, auditable code can be a stronger security model.

Implications for Hardware

Hardware is a delivery mechanism for software, and free and open source hardware is absolutely fundamental to creating a decentralized digital economy in which users can find trustable products – and in which rapid innovation can occur. This is why we believe meeting the criteria for free and open source software and hardware is not only beneficial for security and product improvement, but necessary for the future of Bitcoin. 

To understand the specifics of the CERN OHL v2 hardware licenses and GPLv3 firmware licenses that classify Passport as FOSH, look out for our next article!


Order the Passport Founder’s Edition today, limited to 1000 units!

Announcing Our Seed Raise

Foundation Devices is thrilled to announce that we’ve raised a seed round of $2.5M led by Bolt.

Joining us are new investors Third Prime, Massachusetts Avenue Capital, Unpopular Ventures, Deep Ventures – as well as existing investors Warburg Serres, Fulgur Ventures, Inflection, and notable angels.

Bolt, a prominent early-stage venture fund, invests at the intersection of the physical and digital worlds. They were first round investors in groundbreaking hardware companies like Desktop Metal, Tonal, Nautilus Bio, and Fi.

Tyler Mincey, a partner at Bolt, is joining our board. Tyler has a highly relevant background in product management, design, and hardware/software engineering in companies large and small. At Apple, Tyler was a member of the original iPhone core team, later managed the iPod new product roadmap, and shipped over 150M units worldwide. We are thrilled to work closely with Tyler on developing new products and honing our design & manufacturing capabilities. 

Foundation is building the open hardware foundation for Bitcoin and a decentralized Internet. We believe that a new Internet, powered by open source software, must run on open hardware. Today’s devices are opaque, proprietary, and restrictive. Our goal is to build a new category of sovereign computing to serve as an open platform for development of a decentralized Internet. 

For Bitcoin and a decentralized Internet to succeed, users must store their own keys and run their own infrastructure. This is where we come in. Foundation believes software solutions alone are insufficient – consumers need integrated hardware and software to make it as easy to store your own keys as it is to open an account on an exchange. 

Last month we began shipping our first product, Passport, a next-gen Bitcoin hardware wallet. Passport is designed to be beautiful, intuitive, ultra-secure, and completely open source. Over the next several months we will improve Passport with firmware updates and design enhancements, as well as introduce companion software to further enhance the user experience.

To date, we’ve built all of Foundation with just four cofounders. We are now excited to be expanding the team in the following areas. If interested, view our Jobs Page and email us at

  • Software Engineering (web, mobile, embedded, Bitcoin)
  • Mechanical Engineering
  • FPGA & ASIC Engineering
  • Graphic & Industrial Design
  • Operations
  • Customer Support
  • Social Media & Community

Join us in our mission to make Bitcoin and decentralized tech accessible to each and every individual in order to build a new era of sovereignty, ownership, and privacy – and empower humankind.

– Team Foundation


Order the Passport Founder’s Edition today, limited to 1000 units!

Leading an Open Hardware Renaissance

In April we set off to build a new type of hardware company. Instead of building closed source, proprietary hardware, we’d open source all of our work – from the firmware to the circuit designs. We’d fight back against today’s norm of security via opaqueness and instead embrace security via transparency.

Instead of releasing open source hardware catering only to developers and hardcore security enthusiasts, we’d design beautiful devices with bold, unique industrial designs and intuitive user interfaces. We’d aim to build the best products, period, and bring them to the largest number of people.

Only 8 months after launching Foundation Devices, we have finished prototyping Passport and are beginning mass production. In several weeks we will be shipping our first devices to customers across the world.

We are excited to announce that we’ve released Passport’s circuit designs as fully open source under CERN OHL S v2, and Passport’s alpha firmware under GPLv3 (and other compatible licenses). These viral, copyleft licenses ensure that others can use our work for any purpose – as long as they open source their work as well.

Open source is core to our mission and values at Foundation Devices, and we encourage other hardware companies to join the open hardware movement.

The Importance of Open Hardware

Security via openness and transparency. In a Bitcoin powered world, with immutable transactions and no recourse for thefts or loss, it is more important than ever that hardware and software are open. Security experts can easily review designs and report vulnerabilities, and advanced users can verify that the hardware and software have not been modified or tampered with.

Open hardware is likely to have fewer vulnerabilities than closed hardware. Read more in our previous post.

Building on each other’s work to innovate faster and progress society. In the hardware world today, progress is slow and siloed because each new hardware company either starts from scratch or buys proprietary IP from a small handful of companies (like Qualcomm or ARM). We think this is one of the main reasons why progress in the physical world is slower than in the digital world. In software, by contrast, developers can find tens of thousands of high quality open source libraries on Github and quickly integrate them into their projects.

Imagine if a young software startup was forced to pay Google for some proprietary IP to make a useful product and was required to sign an NDA – this is what the hardware world is like today.

Passport’s Open Source Foundation

Passport is built upon and inspired by numerous open source elements. For our hardware, we researched the architecture of popular devices like Coldcard, Bitbox02, and Trezor – all of whom post their electrical schematics on Github. We also implemented an open source true random number generator from the Betrusted project (called an Avalanche Noise Source).

For our firmware, we relied on the open source MicroPython project and used Coldcard’s open source firmware as a template. We started a new MicroPython project, did low-level bringup work for our hardware components (such as the camera), created a new user interface, and ported + modified pieces of Coldcard’s code.

We also implemented Trezor’s open source crypto library, ported Blockchain Commons’ open source UR Library to Python, and integrated two open source QR libraries.

It would not have been possible to design Passport in less than a year without building on great open source work.

Other Hardware Wallets

Currently only Passport and Trezor meet the definition of Open Source Hardware. Foundation Devices believes it is our responsibility to encourage other hardware producers to fully open source their work.

  • We applaud Trezor for their full embrace of open source hardware, but we suggest they license their hardware designs under CERN OHL v2.
  • We implore Ledger to change their approach and open source their hardware designs and proprietary firmware.
  • We suggest that Bitbox02 and Coldcard release their circuit design files, rather than just their schematics, so that the hardware can be fully open source.

Our beliefs about the importance of open source were inspired by both Coldcard and Trezor. When Coldcard launched in 2018, they used Trezor’s open source crypto library – and welcomed others to use their open source, GPLv3 code!

We are grateful for Coldcard’s open source firmware, of which we’ve used numerous components to more quickly bring Passport to market. However, we are disappointed that they’ve recently chosen to relicense their firmware as non-open source. The Commons Clause license condition is not open source and is and incompatible with GPL. The Free Software Foundation urges rejection of software under this license condition, and the license condition is widely criticized and on the decline.

In Summary

Passport’s circuit designs are now released as fully open source under CERN OHL S v2, and Passport’s alpha firmware is now released under GPLv3 (and other compatible licenses).

We believe open hardware improves cooperation and security and accelerates industry progress. We’re excited to bring open hardware products to the world and hope to see others do the same!


Preorder the Passport Founder’s Edition today, limited to 1000 units!

Hardcore Hardware Security Requires a Step Back In Time

Foundation strives to build ultra-secure hardware with an open source security model. This is especially important for hardware wallets, which are used to store sizable amounts of Bitcoin and cryptocurrencies.

Today’s devices are largely designed for a pre-Bitcoin world. They are proprietary, opaque, and closed source. They are not designed to protect Bitcoin’s immutable transactions.

Take an iPhone, for example. An iPhone’s software is closed source – it runs firmware and an operating system made by Apple. There is no public code on Github. Security researchers or savvy individuals cannot audit any of the code running on the device. 

Likewise, an iPhone’s hardware is closed source – its circuit board designs, list of components (commonly called the “BOM” or bill of materials), and details of component functionality are proprietary and confidential. Sure, it’s possible to conduct a tear-down and attempt to determine how an iPhone works, how the circuitry is designed, and what components it uses. But the information gleaned from such an effort is limited at best.

Does Apple encrypt your iMessages? Does it safely upload your data to iCloud? Are apps sufficiently isolated to protect you from viruses and exploits? With closed source hardware like an iPhone running a closed source operating system, it is impossible to answer these questions. Instead, we are forced to trust Apple completely with our digital lives.

In a pre-Bitcoin world, this did not matter. The worst-case scenario was that an attacker stole your personal data, bought a few items with your credit card, and Venmo’d away a few thousand dollars. You then reset your passwords, called your credit card company, submitted a support ticket with Venmo – and resumed life as usual.

In a Bitcoin world, if your money is stolen then it is gone. There is no recourse. 

Today’s devices are built on a closed-source security model that is not transferable to a Bitcoin world. At Foundation Devices, we are dedicated to building ultra-secure hardware with an open source security model.

Unlike most hardware companies today, Foundation Devices:

  1. Minimizes the use of black-box silicon – chips whose functions are unknown and are often bundled with common components like screens and touch panels.
  2. Purchases chips and components only from reputable suppliers and distributors.
  3. Reduces attack surfaces as much as possible.
  4. Assembles our devices under close supervision in the USA.
  5. Releases our hardware and software as open source.

In order to build secure hardware for a Bitcoin world, we sometimes need to take a step back in time. Many common components today are not designed for hardcore security, transparency, auditability, and openness. When designing Passport, our Bitcoin hardware wallet, we made the conscious decision to avoid the following:

  • High resolution displays which contain black-box silicon that could collect data or display false information.
  • Capacitive touch panels which contain black-box silicon that could record user inputs or hijack the device.
  • Lithium ion batteries which contain black-box silicon that could help attackers exploit power-related vulnerabilities.
  • Bluetooth which increases attack surface and has consistent vulnerabilities.
  • USB which increases attack surface, such as this Ledger vulnerability.

This means that Passport uses a physical keypad, monochrome display, AAA batteries, and QR codes for communication. It somewhat resembles a Nokia phone! But it provides an excellent user experience, great design, and – most important – strong, open source security. 

Most touch panels contain black-box silicon. See the chip on the data cable.

If you are looking to purchase a hardware wallet, be wary of devices that use touch screens and contain Bluetooth. Be especially wary of closed source hardware. Ask the manufacturer – who makes the touch screen and where is it produced? Is the hardware and firmware open source? Does the wallet include Bluetooth or other forms of wireless communications?

Foundation Devices believes it is important that hardware wallet makers, above all, prioritize security. Here’s how we think about security for Passport:

  1. If it can be visually inspected, it’s the best. This is why we use a Memory Display over a high resolution OLED or TFT display, and why we use a physical keypad over a touch panel.
  2. Minimize the use of black-box silicon and purchase all chips from reputable suppliers. Our suppliers include ST Microelectronics, Microchip, Omnivision, Analog Devices, and ON Semiconductor. Passport does not contain components from sketchy Chinese OEMs.
  3. Crucial components should be made ourselves. Rather than relying on a proprietary true random number generator (TRNG), we implemented an open source TRNG called an Avalanche Noise Source that uses commodity components (thanks bunnie!).

Over time, as Bitcoin grows and we sell more devices, we will design open source touch screens, more secure wireless communication protocols, and open and auditable chips. We look forward to making this a reality as we build Foundation Devices!

Interested in learning more about hardware security? We recommend this talk by bunnie, renowned hardware hacker and creator of the Betrusted project.


Preorder the Passport Founder’s Edition today, limited to 1000 units!

Foundation Devices Launches Preorders for Passport and Raises Pre-Seed Round

In late July, we introduced Passport – a new Bitcoin hardware wallet that is more elegant, ultra-secure, and open source. Today, Foundation Devices is excited to announce that:

  1. Passport is now available to preorder, with a Founder’s Edition limited to 1000 units.
  2. Foundation Devices has raised a pre-seed funding round from notable investors.
About Passport

Foundation Devices is building the open source hardware foundation for Bitcoin and the sovereign Internet, starting with a hardware wallet called Passport. We intend Passport to appeal to a broad audience of Bitcoiners – whether you are an expert user accustomed to hardware wallets or a new user currently storing your coins on an exchange.

Passport provides a radically simplified, zen-like user experience. Foundation Devices is working hard to eliminate the hardware wallet learning curve with a streamlined setup process, intuitive interface, and familiar navigation.

With numerous high-quality multisig software wallets entering the market, it is more important than ever that we have a hardware wallet that is easy to use and welcoming to new users. Passport is our attempt to build the “iPod” of hardware wallets.

Preorder Details

Passport is priced at $299 and includes 2x industrial grade microSD cards, 2x AAA batteries, and free shipping within the USA. Founder’s Edition is limited to 1000 units and includes an exclusive back cover design, special packaging, and a surprise gift.

Our official estimated shipment date for Passport is March 31, 2021 – but we are aiming to deliver Passport in time for the December holidays. Foundation Devices has already placed orders for long-lead time components and will finish ordering all components in the next several days. Due to COVID’s continuous impacts on global supply chains, we have chosen to be more conservative.

Please note that this is not crowdfunding – Foundation Devices already has the funds required to pay for the full production of Founder’s Edition devices. If you change your mind before Passport ships, cancel your order at any time and receive a full refund. If you stack too many sats and overdraw your bank account, we will do our best to refund you same-day! (Yes, this actually happened.)

To ensure your privacy, Foundation Devices self-hosts our website and checkout flow using WordPress and WooCommerce. Payments by credit card occur via Stripe and payments by Bitcoin occur via our self-hosted BTCPay server. We are especially proud of our beautiful BTCPay checkout design; thank you @artdesignbySF for your great work.

Open Source

Passport will be the only hardware wallet on the market – and one of the only consumer hardware devices in existence – that meets the definition of Open Source Hardware according to the Open Source Hardware Association (OSHWA).

Passport’s hardware designs will be open under CERN-OHL-S v2 and firmware under GPLv3. While other hardware wallets have open source firmware, none include hardware designs that are legally considered open source. They (1) omit design files, (2) use inappropriate licenses like GPL or Creative Commons, (3) restrict commercial use, and/or (4) lack detailed component documentation, specifically in the Bill of Materials (“BOM”).

We are a corporate sponsor of OSHWA and will be submitting Passport for official certification. All future hardware that Foundation Devices makes will be open sourced under the appropriate licenses and certified by OSHWA.

We will be publicly posting our hardware and firmware to Github later this Fall, after completing validation of our next round of prototypes.

Assembled in the USA

Foundation Devices believes in the importance of local manufacturing and more robust global supply chains. Most of today’s devices are assembled in China, a communist regime that heavily censors the Internet, surveils its citizens, and seeks to undermine citizens’ privacy and sovereignty. This creates numerous geopolitical and security issues, especially with the rise of Bitcoin. Our devices will soon be safeguarding trillions of dollars of value – it is imperative that we trust our hardware manufacturers.

We therefore chose to assemble Passport locally, in the USA, and purchase all of our components from American companies and distributors. While many components still originate from Asia, the critical parts – such as the screen, processor, secure element, and camera – all originate from highly reputable suppliers. And circuit board assembly, device assembly, provisioning, and testing all take place in the USA. The Foundation Devices team will be on-the-ground at the factory during production.

To our knowledge, Passport is the only hardware wallet assembled in the USA. For advanced users, it may be prudent to add Passport to your multisig setup in order to defend against potential supply chain vulnerabilities.


We’ve been hard at work over the last five months designing Passport, prototyping, and preparing for production. Here’s an overview of our progress to-date:


We completed the design of the enclosure and are currently prototyping via 3D printing. We have placed orders for long-lead time enclosure components, including the keypad assembly and copper-plated zinc alloy casted part.

Circuit Boards

We completed design of the circuit boards and have completed two prototype revisions. We will be ordering our third revision of prototype boards in the next several days. Novel features include:

  • Camera for scanning QR codes.
  • AAA battery power.
  • Avalanche noise source, an open source true random number generator that uses standard components (no black-box silicon).
  • Sharp Memory LCD, which has circuitry etched directly into glass for easy visual inspection, and unlike most displays includes no black-box silicon.


We forked Coldcard’s open source firmware (licensed as GPLv3) and have made numerous changes. We anticipate finishing v1 firmware by end of November. We intend to contribute relevant improvements back to Coldcard. Changes include:

  • A new UI with simple navigation via a navpad and dedicated select buttons.
  • Changes to all copy and radical simplification of menu structure.
  • Ability to scan QR codes and transmit PSBTs via QR codes.
  • Code reorganization to comply with Micropython best practices.
  • Implemented new device drivers for Passport components including camera, screen and keypad.
  • New keypad controller to allow for more advanced input, such as long-presses.
  • Ultra-fast keypad responsiveness.

We ported Blockchain Commons’ UR Standard (for data transmission via multi QR codes) to Python. This can be seen on our Github.

We created a font converter to generate python code from BDF fonts. This can be seen on our Github.


Foundation Devices recently raised a pre-seed round to fund development and production of Passport. Thank you to our investors for enabling us to build a hardware company that believes in open source, sovereignty, and privacy.


  • Balaji Srinivasan
  • Brett Gibson of Initialized Capital
  • James McAvity of Cormint
  • Louis Liu of Mimesis Capital
  • Stephen Cole
  • Thomas Pacchia of HODL Capital
  • Tomer Federman of Federman Capital
  • and more
Next Steps

Learn more about Passport and preorder your Founder’s Edition below, limited to 1000 units!

Read through the FAQs and contact us at with any questions.


Preorder the Passport Founder’s Edition today, limited to 1000 units!

Introducing Passport: an Elegant and Secure Bitcoin hardware wallet

Bitcoin passing $11k signals a new bull market, with incredibly exciting times ahead for Bitcoiners as we prepare to welcome a new flood of users into the ecosystem. But we must ask ourselves – how will new Bitcoiners store their coins? Will they use Coinbase, who already holds almost 1 million Bitcoin? Or will they embrace sovereignty, privacy, and ownership by self-custodying their own Bitcoin? 

Foundation Devices believes that today’s hardware wallets make the wrong security and design tradeoffs. They’ve worked for us early Bitcoiners so far because we are willing to deal with difficult interfaces, metal seed backups, safety deposit boxes, Shamir’s Secret Sharing, and so much more. But they won’t work for the new wave of incoming Bitcoiners as we reach mass-adoption by the end of this decade.

Bitcoin needs a hardware foundation that is beautifully designed, easy to use, and open source. Most of today’s hardware, including Ledger wallets, are closed source. As Bitcoin’s market cap grows to the trillions, so do the incentives for attackers to compromise closed-source hardware. We must rebuild today’s hardware stack to be open source, auditable, and verifiable – from the chips to the circuit boards to the firmware and beyond.

Foundation is taking our first step on this journey by introducing an elegant, secure, and open source hardware wallet named Passport. We are thrilled to officially announce Passport today, and are accepting reservations for our first edition batch of 1000 units. 

So what makes Passport special? Passport is designed to be elegant; something every Bitcoiner would be proud to carry. We use high quality materials like soft-touch plastic and copper-plated zinc alloy. At 4 inches long x 1.5 inches wide x 0.8 inches thin, Passport is comfortable to hold and use.

Passport’s interface is intuitive and familiar, with a simple navigation pad and physical alphanumeric keypad. There’s no need to learn how to navigate the menus and enter PIN numbers and passphrases – you already know how to use Passport. 

To sign transactions, simply insert a microSD card or scan a QR code. Wallets like Bluewallet already support multi-QR transmission, and Passport is compatible with any software wallet that supports PSBTs over microSD or QR. 

Passport is open source and uses the same high-level security architecture and firmware base as Coldcard, with a Microchip secure element and STM processor. The circuit board designs and firmware will be published on Github in the coming weeks, with hardware licensed under CERN’s Open Hardware License V2 and firmware under GPL3. No unknown code will run on the device.

Completely airgapped, Passport is powered by two AAA batteries and includes no USB port, Bluetooth, or wireless communications of any kind. Passport has numerous security features, such as security lights and an avalanche noise source for entropy. And Passport uses more trustable components, like a screen with circuitry etched directly into glass, which allows for easy inspection at production.

Foundation Devices, headquartered in Boston, is focused on building open hardware for Bitcoin and the sovereign Internet. We will proudly assemble Passport in the USA.

We cannot wait to tell you more about Passport in the coming weeks! Passport will launch for preorders in August and will ship by late December. We have already received over 500 email reservations for our first edition batch. 

Learn more about Passport and reserve yours below!

And feel free to check out the FAQs and contact us at with any questions.


Preorder the Passport Founder’s Edition today, limited to 1000 units!

Bitcoin and a revolution in American manufacturing

Foundation Devices is proudly headquartered in Boston, the birthplace of the American Revolution. The USA was established 244 years ago on the belief that all individuals deserve life, liberty, and the pursuit of happiness. Bitcoin captures these same ideals, providing sound money that lowers our time preference, allowing us to accumulate savings and invest in our future. 

At Foundation, our mission echoes these values:

Foundation Devices strives to empower humankind – to make Bitcoin and decentralized tech accessible to each and every individual in order to build a new era of sovereignty, ownership, and privacy. Our products are the foundation of a better, sovereign Internet.

Foundation will push for a new American Revolution – a revolution in American manufacturing. 

Before Bitcoin, American manufacturing of electronic devices added cost without adding proportional value. For example, a phone manufactured in the USA is not necessarily more useful or higher quality than a phone manufactured in China. Buyers in the USA might be excited to pay more for the phone because it’s “Made in the USA,” but there is no functional benefit to making the phone locally.

Bitcoin changes this. With immutable transactions on the Bitcoin blockchain, there is no recourse if funds are stolen. There’s no bank to reverse the transaction, no credit card company to issue a refund, no FDIC insurance to protect institutions against loss. Bitcoin devices must securely store private keys and safeguard against numerous attack vectors. This turns traditional hardware security models upside down.

Currently most electronic devices originate from China. You may be comfortable with the risks of having your phone made in China. But what about your Bitcoin hardware wallet?

We are at the beginning of a slow transition to sovereignty and privacy. Bitcoin wallets will replace bank accounts. Private keys will replace passwords. Money, identity, and data will be controlled by individuals instead of institutions.

In this new paradigm, we need more trustable hardware. We need components from reputable suppliers and tight control over supply chains. We need to be physically present on the factory floor and ideally own our own manufacturing facilities. We need open source, auditable designs. And we need to build our hardware in jurisdictions which stand for basic human rights and freedoms.

Yes, in America our unalienable rights are regularly being put to the test, recently with a Coronavirus-fueled government push for greater surveillance capabilities and a ban on end-to-end encryption. But Foundation is optimistic that Americans will prevail. Groups like the EFF are vigorously fighting for our freedoms – and countless individuals and organizations will continue to speak out. 

Foundation will assemble our devices in the USA. We say “Assembled in the USA” rather than “Made in the USA” because most components originate from Asia. This is sadly the state of the hardware industry; almost nothing is made in America anymore. To mitigate this, Foundation is purchasing key components – such as the processor, secure element, and screen – from reputable suppliers that are headquartered outside of China (specifically STMicroelectronics, Microchip, and Sharp). And we are buying all our components through American distributors like Arrow who have high quality standards and strong supply chain oversight.

So what exactly are we doing in America?

  1. We are headquarted in America and pay American taxes.
  2. We design our products in America.
  3. We prototype our products in America, using equipment from American companies like Formlabs and American quick-turn prototyping facilities.
  4. We purchase components exclusively from American distributors or suppliers.
  5. We assemble our circuit boards in America.
  6. We assemble and test our devices in America.
  7. We package and ship our devices in America.
  8. We conduct regulatory testing at American facilities.
  9. We work with an American industrial design firm.

Foundation will strive to continuously onshore our supply chain. This will increase our costs, as American labor is more expensive, but the benefits are significant and it will enable us to build more trustable devices. We believe our customers will be willing to pay a modest premium for sovereign hardware made in the USA.

We have a lot of work to do. It’s not enough for key components to originate from outside of China. We need to bring semiconductor production back to the USA so that critical chips can be produced domestically. We need more efficient processes for plastic and metal production so that we can build enclosures locally. And we need to competitively produce common circuit board components, such as resistors and capacitors, in America. Tariffs will help us, as well as other government incentive programs. Foundation will be leading the charge!

Our first product, a Bitcoin hardware wallet called Passport, will be assembled in the USA. We’ll be publishing more info about Passport over the coming weeks. Pre-orders will open later this summer for shipping later this year.


Preorder the Passport Founder’s Edition today, limited to 1000 units!

Evaluating the security and trustability of hardware wallets

As Bitcoin appreciates in value, it is more important than ever that we encourage users to withdraw their coins from exchanges and store them securely. For the average user, storing sizable quantities of Bitcoin requires a hardware wallet.

But how do we evaluate the security and trustability of the numerous hardware wallets available on the market today?

Foundation is concerned with new entrants making false claims with regard to open source security models and trustability. We believe it is imperative that our industry self-regulates and follows a clear set of disclosure criteria – so that hardware wallet buyers can make well-informed purchasing decisions.

In this post, we propose a set of criteria with which to evaluate hardware wallets. To avoid bias, this post does not attempt to rank the security or trustability of any specific hardware wallet, and all company and product names have been redacted in quotations.

Proposed Criteria:

  1. Open or Closed Security Model
  2. Trustable Components
  3. Trustable Supply Chain
  4. Present vs. Future Capabilities
  5. Honest Claims
  6. Security Certifications
  7. Bitcoin PSBT Support

Read on for more details!

Open or Closed Security Model

Hardware wallet producers must disclose whether their security model is open or closed source. There is no middle ground. If parts of the design are secret – such as undisclosed portions of the circuit schematics, redacted component information, or closed source code – then the hardware wallet is closed source.

Foundation has recently observed bizzare open source claims from hardware wallet producers. For example, one claimed to have “pioneered the hardware wallet industry’s first open source secure element firmware” – while not disclosing that the device’s operating system is closed source!

This same producer claims that their “hardware wallet application layer, device schematic (circuit diagram), and bill of materials (BOM) are also open source” – but does not mention that their schematics are omitting certain information and that their BOM does not include details of the secure element chip.

Another popular producer rightfully states that the apps running on its hardware wallets are open source, but fails to mention that the device firmware itself is closed source.

This is important because most consumers take open source claims at face value. If they are told that a hardware wallet is open source, they expect that experts in the Bitcoin community are able to research and verify the hardware and software running on the wallet. We must provide consumers with accurate information and empower them to make informed purchasing decisions.

Furthermore, it takes a great deal of time and effort to open source hardware products. Producers must provide proper documentation, comments, and build instructions for firmware. Circuit schematics must be legible, self-explanatory, and properly formatted. Electrical designs must be exported to the correct file formats. Bills of materials must detail every component. Datasheets for each component must be provided when possible.

If our industry becomes comfortable with a degraded definition of open source hardware, then we reduce the incentive for producers to be honest and forthcoming. We risk “open source” becoming a buzzword that every hardware wallet producer slaps onto their marketing material in order to sell more units.

For more detailed guidance, we strongly encourage open source hardware wallet producers to comply with OSHWA criteria and open source all hardware under CERN’s Open Hardware License (OHL). This covers many edge cases, such as components on the BOM requiring manufacturer NDAs for datasheet access.

Foundation is currently unaware of any hardware wallet that meets OSHWA criteria and is open sourced under CERN OHL or a similar open hardware license.

Trustable Components

A hardware wallet must be ultra-secure. Therefore, hardware wallet producers must carefully select components that can be trusted. Since hardware today can not be fully trustless, as we must rely on third party components and global supply chains, Foundation refers to trustworthy components as “trustable.”

Below are common hardware wallet components and potential concerns.

  • Screen
    Does the screen include an integrated processor running closed source firmware? Most modern high resolution displays are running black-blox silicon. Is the supply chain opaque? Most AMOLED and E-Ink displays have highly proprietary supply chains. What company manufactures the screen – is it an OEM off Alibaba or a more reputable company like Sharp?
  • Touch Panel
    If using a touch panel instead of a physical keypad or buttons, does it contain an integrated processor running closed source firmware? Most high-quality multitouch surfaces include an embedded CPU.
  • Processor (also referred to as MCU)
    What company manufactures the processor? Is it a small China-based producer or a more reputable company like NXP, STM, or Microchip?
  • Secure Element
    Is the secure element a “dumb” device that cannot execute code, or is it running firmware and an operating system? Does the hardware wallet producer know what firmware is running on the secure element, and do they open source that firmware? Is the secure element a black box? What company manufactures the secure element – a small China-based producer or a more reputable company like NXP, STM, or Microchip?
  • Camera
    Does the camera include an integrated processor running closed source firmware? Most cameras do. If so, does the hardware wallet sanitize the input from the camera, and can the hardware wallet producer demonstrate this by open sourcing the code?
  • Lithium Ion Battery
    Does the battery contain an integrated processor running closed source firmware? Some hardware wallet attack vectors include monitoring the power consumption during usage. What company manufactures the battery?

Foundation is heavily inspired by the work of bunnie, a well known open source hardware expert. Read more about trustable hardware on his blog.

Trustable Supply Chain

Hardware supply chains are complex, and it is rare to see vertically integrated hardware producers. Most hardware companies rely on contract manufacturers, and all hardware companies rely on component supply chains that originate in China. So that buyers can make an informed purchasing decision, Foundation believes that hardware wallet producers must disclose the following:

  1. Suppliers of key components such as the screen, touch panel, secure element, camera, and battery. This should be done even if the hardware wallet is closed source, as it is trivial to identify this information with a tear-down.
  2. Name and location of third party engineering firms that contributed to hardware wallet design. For example, buyers need to know if a US-based wallet producer outsourced electrical engineering work to a firm in China.
  3. Location of contract manufacturer(s). While it is prudent to keep manufacturer names confidential for security reasons, it is important to know the general location of manufacturing. For example, buyers need to know if a European wallet producer outsourced manufacturing to China.

Present vs. Future Capabilities

Hardware wallet producers will improve their products over time, both by adding new features and responding to bug reports and vulnerabilities. We know that it is tempting to rush a hardware wallet to market in order to generate revenue as soon as possible, but producers must understand that they are selling important security devices. The industry must judge hardware wallet producers on the capabilities of their devices today – not based on future roadmaps.

We’ve recently observed new hardware wallet entrants promise to open source components of their designs in the future, or add critical features like PSBT support in a future release.

In a Twitter DM with one hardware wallet producer, I asked in regard to a mobile companion app:

So you’re comfortable letting your customers use the app, but won’t release the code?

They replied:

We are comfortable letting users use the app. We just think doing code audit before open source it is a responsible way compared to directly open source it.

This is mind-boggling to me, as the company admitted that it feels comfortable having users download a closed-source, unaudited companion app and use it to secure their cryptocurrency. Our industry must judge hardware wallet producers by the present capabilities of their devices, and push back hard on any company that states “we will do X in the future.”

Honest Claims

Foundation has observed numerous false claims by hardware wallet producers with regard to device security and capabilities. Most consumers do not have the expertise to determine whether claims are truth or fiction. Therefore, the community must hold hardware wallet producers accountable and call out any false or exagerated claims.

Below are some claims we’ve recently observed:

Hackers simply cannot even attempt to steal your crypto

The first Bitcoin wallet to secure against physical attacks

The combination of multi-layer and multi-sig protections creates the most physically secure storage wallet every created

Thanks to its innovative key generation and recovery system, you will always be safe from any attack

The WORLD’S FIRST Multicurrency, Non-electronic Hardware Wallet

[Wallet] adopts an industry-first 2-Factor Key Generation (2FKG) process for the production and private key generation for our physical wallets. The 2FKG process ensures the highest safety standards for your cryptocurrency assets.

Anti-Tamper: Theft are not an issue as [Wallet] is protected from physical attacks.

The Cold Wallet, not just a hardware wallet. Air-Gapped. Anti-Tamper. Trustless Trust

The [Wallet] is built around the most secure type of chip on the market, ensuring optimal security for your crypto.

The Best Security…[Wallet] offers the best level of protection: your key remains protected in a certified secure chip.

Many of these claims are complete lunacy (“Hackers simply cannot even attempt to steal your crypto”), but many buyers of hardware wallets will take these claims at face value. Others are more nuanced (“built around the most secure type of chip on the market”), but are attempting to state opinion as fact.

Hardware wallet producers must understand that they are not selling toaster ovens or calculators – they are selling important security devices that are designed to safeguard large amounts of cryptocurrency. Hardware wallets are imperfect. Hardware security is imperfect. There will always be vulnerabilities. Producers must make honest claims.

Security Certifications

Some hardware wallets producers advertise security certifications like EAL5. There is nothing inherently wrong with security certifications, but we must recognize their shortcomings.

  1. Component producers pay certification organizations to certify their products. It’s important to understand this incentive structure.
  2. Certification processes do not cover every attack vector; components are placed through a predefined process with predefined scenarios.
  3. Certifications are not a replacement for independent reviews.

We as an industry cannot allow hardware wallet producers to hide behind security certifications. For example, a recently launched hardware wallet producer described its product as follows:

A 100% offline, anti-tampered cryptocurrency hardware wallet and the only one in the world with the highest security certification for its secure firmware (EAL7)

I emailed the company asking for further clarification on whether the firmware was open, and was told:

We’ll make a lot of the code available on github etc, but our secure firmware which has earned the highest security certification in the world (EAL7, as per press release tomorrow), will be closed sourced (as well as the secure element). We hope to go more towards the open source end gradually.

This is massively misleading for average consumers who do not understand how security certifications work. We cannot allow new hardware wallet producers to hide behind certifications as an alternative to making their devices open source and auditable.

Bitcoin PSBT Support

As a bonus, Foundation believes that hardware wallets that support Bitcoin should clearly disclose whether or not they support partially signed Bitcoin transactions (PSBT). PSBT is a standard format for Bitcoin transactions which, among other things, makes it easy to create multisig setups across different hardware and software wallets.

Hardware wallets producers that do not support PSBTs are perpetuating walled-garden ecosystems, discouraging Bitcoin innovation, and drastically increasing the difficulty for software wallet developers to integrate with new hardware wallets.


Foundation hopes that this post is a starting point in a larger conversation around hardware wallet requirements in the Bitcoin and cryptocurrency industry. We must self-regulate in order to provide consumers with the most secure possible products in order to safeguard their assets.


Preorder the Passport Founder’s Edition today, limited to 1000 units!

Bitcoin and the Sovereign Internet need open hardware.

Our entire world is based on trust. We trust that our banks will safeguard our deposits; we trust that companies will keep our personal data private; we trust that governments will keep us safe. 

But is this sustainable? Over the past decades our trust in critical institutions has slowly eroded. Irresponsible banking practices plunged us into repeated economic crises. Facebook and Google collect our personal data at an unprecedented scale, while repeatedly failing to implement sufficient safeguards against data breaches and leaks. And now, as the COVID-19 crisis progresses, our governments are working with tech companies to expand mass-surveillance capabilities. 

The solution is clearly a sovereign Internet and financial system built on Bitcoin and other sovereign technologies. Bitcoin allows us to opt out of the existing system, transacting peer-to-peer without trusted third parties. 

Open source makes Bitcoin possible. Without open source, there would be no way to independently verify that Bitcoin has a maximum supply of 21 million coins; there would be no way to understand how it functions. Without Bitcoin’s open source code, we would be forced to trust third parties. Open source is the bedrock of our emerging sovereign Internet.

At Foundation Devices, we strongly believe that open source software alone is insufficient – open software must run on open hardware. And while we’ve seen immense progress in the FOSS movement and Bitcoin, we’ve seen little progress in open hardware. 

Hardware today is a web of proprietary intellectual property, non-disclosure agreements, and security-via-opaqueness. Want to know more about how that hardware wallet keeping your Bitcoin safe? Sign that NDA and learn about that EAL5+ security certification and proprietary operating system! 

Ledger Nano X product page

This opaque hardware security model may be fine for your passport or credit card. But with the rise of Bitcoin and cryptocurriencies, for the first time ever real money can be stolen without any recourse. No bank or credit card company can reverse a Bitcoin transaction. No government will provide your Bitcoin wallet with FDIC insurance.

If an employee at Ledger adds a vulnerability to the proprietary, closed source firmware running on the STMicroelectronics (STM) security chip, your funds could be stolen. If a security researcher discovers a vulnerability in the STM security chip, you will not be notified without signing an NDA. If a government works with STM to insert a backdoor into their security chip, you will never know. 

With Bitcoin’s market cap at around $160B, there are minimal incentives for our institutions to misbehave. But what about at a $1T market cap? $10T? The incentives continue to grow, and it is inevitable that companies and governments will attempt to compromise Bitcoin hardware in this decade.

And what about when every device is transacting with Bitcoin, sending machine-to-machine micropayments? What happens when our entire economy is built on Bitcoin? Every device – from cellphones to laundry machines – becomes a hardware wallet. 

Closed, trusted hardware security models no longer work in a Bitcoin world!

So what do we do? We build open source hardware. We start by designing products with more trustable components, assembled in a more trustable USA-based facility. We produce open source, legible circuit schematics using a respected license like CERN’s Open Hardware License. We publish all firmware as open source under MIT or GPL3 licenses. We clearly identify the components that require trust, such as the processor and secure element, and we work to source or build our own components that are more open and trustable.

In addition to emphasizing open source, we deliver great design and UX. We make open hardware with mass-consumer appeal. We prove that open hardware can be beautiful, intuitive, approachable. We demonstrate that open hardware can sell! 

We start with a hardware wallet and move to other critical products. We build the open hardware foundation for Bitcoin and the sovereign Internet.


Preorder the Passport Founder’s Edition today, limited to 1000 units!

Introducing Foundation Devices: a new Bitcoin hardware company

We believe Bitcoin and decentralized technologies will empower the individual, leading to a better world where people control their own data and their own money. This is the dream for our industry; this is the reason why so many of us have chosen to start or join Bitcoin companies. We seek to eliminate the need for trusted third parties – like banks, cloud providers, and even governments – in order to make our systems more efficient and more accessible. And we seek to move power away from central points of failure to the edge; to the people.

As we build our industry from the ground up, we must remember this principle. We must build products and services that enable individual sovereignty.

We are concerned that today’s most mature Bitcoin and decentralized tech companies are the most centralized and opaque. Coinbase provides a custodial exchange. provides a hosted wallet. Bitmain is a web of secrecy. Our industry’s biggest players provide trusted exchanges, trusted wallets, trusted mining pools, trusted lending services, trusted nodes – and even trusted hardware wallets! (Yes Ledger, we are referring to you.)

Have we forgotten the point of it all? Have we forgotten why we are all here?

So many of the Bitcoin products and services that successfully enable sovereignty – like Electrum, Wasabi, Samourai, Nodl, and Coldcard – are fantastic offerings that lack consumer-oriented UX. While we love and use these products, they will never “cross the chasm” to the land of mass consumer adoption.

We worry that as Bitcoin and decentralized tech reach the next phase of adoption, the vast majority of consumers will become dependent on centralized providers. We will have succeeded at creating a different financial system with different intermediaries. But we will have failed at empowering the individual and building a new Internet.

This is why we started Foundation – to make beautifully designed, open source hardware for Bitcoin and the decentralized Internet. To bring great design and UX to hardware wallets, nodes, and more. To allow mass consumers to securely use and store Bitcoin while maintaining their sovereignty. To help our industry cross the chasm while staying true to our founding ideals.

We call this open hardware. And we are excited to bring it to the world.

Our Mission

Foundation Devices strives to empower humankind – to make Bitcoin and decentralized tech accessible to each and every individual in order to build a new era of sovereignty, ownership, and privacy. Our products are the foundation of a better, sovereign Internet.

Our Values
  • Foundation offers best-in-class security and privacy via openness. No walled gardens; no closed source engineering. We are the antithesis of existing tech companies.
  • Foundation products are beautiful, intuitive, and approachable. Bitcoin and decentralized tech already have a steep learning curve; our products do not.
  • Foundation gives sovereignty to individuals and businesses. We empower you to take ownership and control of your money and your data.
  • Foundation products reflect our optimism about the future. We are building a better Internet based on a better form of money. Our products feel positive, aspirational, and a bit sci-fi.
Next Steps

This summer, Foundation will launch a new Bitcoin hardware wallet that provides the same security model as Coldcard while offering a beautiful, intuitive hardware and UI design. From day one our hardware wallet will be compatible with popular desktop and mobile applications. We will open source all circuit schematics, design files, and firmware – and we will assemble exclusively in the USA.

Over the next several weeks Foundation will release blog posts discussing the importance of open source hardware, diving into hardware challenges faced by our industry, and providing more details about our upcoming hardware wallet.


Preorder the Passport Founder’s Edition today, limited to 1000 units!

Shopping Cart
Your cart is empty
Calculate Shipping
Apply Coupon