Passport version 2.0.6 is now live!

We’re excited to announce that the latest version of Passport firmware – 2.0.6 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.

With version 2.0.6 of Passport firmware, we’ve added a fix for a pin entry issue that affected users with alphanumeric pins in the now deprecated v2.0.5.

NOTE: Since we have deprecated v2.0.5, we’ve replicated the blog post from that version below.

What’s changed

With version 2.0.6 of Passport firmware, we worked hard to drastically improve QR code scanning and processing, bringing speed and compatibility up to our standards. We’ve also added official support for Keeper Wallet, a new multisig focused wallet, and cleaned up a few bugs.

For more details on each of the changes, keep reading below!

New Features

• Added support for Keeper Wallet
  • Keeper is a new wallet in alpha focusing on bringing a user-friendly experience to multisig and inheritance. Now you can use it with Passport as one of your keys with a native option under accounts to connect to Keeper.
• Support looping through menus
  • Get tired of pressing that left key? Prefer to just mash one button? Now you can cycle through pages by just pressing right or left repeatedly.

Improvements

• Improved camera QR code scanning performance
  • Camera performance has been a major focus in this release as we weren’t happy with speed and handling of certain QR code sizes and resolutions.
  • We’re happy to say that QR code scanning is finally up to our standards, and scanning should be much snappier and less finnicky across practically all wallets.
  • Two of the specific changes are:
    • Changed the camera to use a 4:3 resolution
    • Changed the QR scanning library to a more stable version
• Improved performance of address verification
• Show security words immediately after activation of security words
• Improved supply chain validation scan errors
• Improved Casa health check error handling

Bug Fixes

• Fixed a visual bug around alphanumeric PIN entry
• Fix Passport lockup during initialization while pressing keys
  • If you’ve ever had your passport keyboard become unresponsive after booting, it was likely due to this bug
• Resolved a few key Casa integration bugs
  • Fix an error when trying to export Casa configuration using microSD
  • Fix Casa health check scanning
  • Fix Casa transaction signing issue
• Fix multiple minor memory leaks
• Alphabetical order of software wallets displayed was fixed
• Improve animation on “Verify Address” screen
• Bring forward a microSD card bug fix from Founder’s Edition code
• Fix passphrase not being shown when showing seed words
• Reset extension settings and search address space on Passport erase
• Fix Passport freezing when using special characters
• When setting up Passport allow user to go back to update the firmware
  or to change the setup method
• Fix crash when importing multisig configuration without valid keys
• Display a warning when backing up Passport with a passphrase applied
• Use root XFP as the filename for the backup when a passphrase is applied
• Ensure extension accounts show the passphrase indicator
• Fix lockup on wrong PIN entry
• Filter keypad double-presses
• Extended the shutdown timer while scanning and displaying QRs
• Revert a regression in account header display
• Prevent multisig config import failing when a passphrase is present
• Fix a bug that would crash the file explorer if there were too many files on the microSD card

Verifying and Installing Passport Firmware

If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page

Why we love encrypted microSD backups

Those of you who have been in Bitcoin for a while may be used to the seed phrase shuffle involved in creating a new Bitcoin wallet, but that concept is one that is alien to the normal person’s experience in the digital world. As people have become more and more used to trusting a centralized entity with their data behind only a username and password, the idea of physically writing down 12 or 24 words as a way to store wealth is not necessarily the most approachable.

While the concept of encrypted backups to microSD isn’t a new one, we’ve taken the path of using microSD backups as the default on-boarding method when a user sets up their new Passport. This approach does introduce a new set of trade-offs, but we think that it is a simpler approach for most people and opens up new possibilities when it comes to storing the secrets required to restore your funds after you lose your Passport, break it, or suffer a physical theft. Our goal with encrypted microSD backups is to improve the user experience and peace of mind for new users without sacrificing security, and we think this approach does just that.

Why not just use seed phrases like everyone else?

Here at Foundation, we’re deeply passionate about not only helping to onboard the deeply technical users in the Bitcoin community, but also ensuring that those who are new to the space can more easily dive down the rabbit hole of Bitcoin. This means that we work hard to ensure that deeply technical and complex setups can work well with Passport + Envoy, as well as very simplistic and approachable setups that are more friendly to new users.

This is why we’ve chosen to support both seed phrases and microSD backups and leave the choice up to the user. While we’ve made the default flow follow the microSD backup path, we still expose the seed words to users in the settings menu, allowing the standard backup path to be chosen by those who understand the trade-offs inherent in it. Unfortunately a seed cannot be used to backup and restore device configuration, account names, transaction tags, etc., meaning that a seed phrase can never restore any off-chain data.

If you backup the seed phrase you can always restore funds like normal in the Bitcoin space – both with Passport or with any other Bitcoin wallet of your choosing.

How do encrypted microSD backups work?

When you create a backup of your passport to microSD (something that automatically happens when you first setup your Passport and anytime you make account changes to it), Passport creates an encrypted 7-zip file using a 20-digit passcode that is generated using Passport’s three forms of entropy:

1. The onboard CPU’s random number generator
2. The secure element’s true random number generator
3. The open source Avalanche noise entropy source

These three forms of entropy are used so that even if one was somehow compromised or vulnerable to attack, the passcode would still be cryptographically secure. 

This standard form of 7-zip encryption uses AES-256 to encrypt the data, and then uses a form of SHA-256 to hash the 20-digit passcode into a 256-bit key. The combination of these techniques means that there are 100,000,000,000,000,000,000 possible combinations of passcodes, making it practically impossible to bruteforce the passcode if an attacker somehow obtained the backup file.

As long as a user has access to both the backup file and the 20-digit passcode, they can not only restore their funds, they can also restore all device settings, accounts, account names, multisig configurations, etc. in just a couple of minutes. As the encrypted backup file is a standard 7-zip format, even if Foundation disappeared and your Passport stopped working you could easily decrypt the file with your 20-digit passcode on a computer and import the seed into any of your favorite Bitcoin wallets.

To learn more about the backup functionality, you can read through our docs here.

What are the key advantages of encrypted backups?

Migrating from seed phrases to an encrypted microSD backup (or utilizing them alongside a standard seed phrase backup) provides a few key advantages for users:

1. All device configuration, accounts, account names, and multisig configurations are fully backed up and automatically restored when using microSD backups
   1. If you merely backup the seed phrase all of this secondary data is not backed up, leading to a lot of initial headache and extra setup necessary when restoring onto another device in the future
2. You can safely make and distribute multiple copies of the backup file – even to family or friends you don’t fully trust – as they cannot view or move funds in any way with just the backup file
   1. Just be sure not to also give them the passcode!
3. You can store the passcode safely in an end-to-end encrypted password manager like Bitwarden without risk of funds being stolen even if someone got access to your Bitwarden account
   1. Just be sure not to also store the backup file there!
4. An attacker or thief finding either your backup file or passcode would not be able to easily tell that they are Bitcoin-related
   1. There is no reason for an attacker to suspect that a microSD card or 20-digit passcode would be worth stealing
5. An attacker or thief finding either your backup file or passcode could not view or steal funds in any way without having both the backup file and passcode

What are the key disadvantages of encrypted backups?

While we think the overall trade-offs inherent in microSD backups are well worth it, there are some key drawbacks that you should be aware of if you choose to only use encrypted microSD backups:

1. You must have both the 20-digit passcode and encrypted backup file to restore funds
   1. I.e. if you lose either one you will be unable to restore funds!
   2. This means that microSD backups do introduce a second single point of failure
   3. Advantage #3 above greatly reduces this disadvantages impact, practically
2. If you store both the encrypted backup and passcode together, it provides no added security over a plaintext seed phrase
3. MicroSD cards themselves have a limited lifecycle and can fail – it’s important to use high-quality industrial-grade microSD cards (like those we ship with Passport) to reduce this risk
   1. You can also backup the file to another storage medium like a NAS or extra hard drive as another failsafe, and shouldn’t rely on a single microSD card alone!

This may be a short list, but the first point is extremely important to understand – losing either the passcode or the encrypted backup file would lead to loss of funds if you also lost or broke your Passport!

Which should I use?

The beauty of Bitcoin is that it enables you to choose your own path, and we certainly don’t want to inhibit that freedom. That’s why we leave the ultimate choice up to you and ensure that you aren’t locked into our ecosystem (or even our favorite approach). Whether you choose microSD backups or seed phrases (or both!) is up to you, but both can be easily imported into any standard Bitcoin wallet app. If you want added peace of mind, you can even use both and store the three pieces separately – encrypted backup file, 20-digit passcode, and seed phrase!

Ultimately the choice is yours, but we certainly love encrypted backups and how they’re helping onboard less technical users in a way that is approachable and secure.

Passport version 2.0.4 is now live!

We’re excited to announce that the latest version of Passport firmware – 2.0.4 – is now live! To download it, simply initiate the update from Envoy to be guided through the process.

What’s changed

With version 2.0.4 of Passport firmware, we added the Extensions menu, allowing users to enable extra features on Passport with the flick of a switch, starting with the Casa and Postmix extensions. We also greatly improved the QR code scanning and display functionality and fixed several minor bugs.

For more details on each of the changes, keep reading below!

New Features

• Add an Extensions menu to Passport’s settings
  • The extensions menu offers a simple way to enable extra features on Passport
  • For more information on the Extensions feature and all available extensions, see our docs here: https://docs.foundationdevices.com/passport/extensions
• Add Casa extension and account page
  • The Casa extension adds an additional account screen with extra, Casa specific features to make using Passport with the Casa platform easy. Video tutorial coming soon!
  • Verifying your Casa multisig with Passport and Sparrow – Blog Post
• Add Postmix extension and account page
  • The Postmix extension offers users the ability to mix directly to cold storage, but then subsequently continue remixing, for free, at any time in the future.

Improvements

• Improved QR code display and scanning
  • Improve the size and density of QR codes to better fill the screen
  • Remove vertical line from camera image when scanning QR codes
  • Remember last brightness setting when showing a QR code
  • Remember last pixel density setting when showing a QR code
• Improve microSD and file handling
  • Autorefresh file picker when microSD inserted/removed
  • Erase the PSBT file after signing
  • Allow user to go back up a level when there are no files in the current directory
• Improve user experience
  • Make delete key handling on Backup Code page more intuitive
  • Add low power warning dialog when battery hits 5%
  • Tell user when they are installing a developer-signed firmware update
  • Show new fingerprint (XFP) when switching passphrases
  • Show Clear Passphrase and Change Passphrase menus instead when a passphrase is already active
• Show brick warnings on 5 and 1 PIN code entry attempts remaining
  • Ensure that users properly understand that the device will be bricked after entering an incorrect PIN code 21 times
• Add several new/updated icons
• Add support to enter account numbers up to 2,147,483,646
• Improved paginated layout for seed words page
• Rename Testnet menu to Network
• Search “change” addresses for multisig address verification

Bug Fixes

• Bring forward bug fixes from Founder’s Edition code
• Fix Verify Address for all uppercase bech32 addresses
• Fix XFP missing crash
• Respect “Skip address verification” flag in wallet settings
• Respect “Force multisig policy” flag in wallet settings
• Fix multisig import and multisig address verification during connect wallet process
• Fix text alignment in mulitsig QR import screen
• Fix scrollbar margins in a few places
• Fix QR and microSD wallet import crashes
• Fix backspace bug when entering a 12 digit PIN
• Fix toggle switch right padding
• Don’t import duplicate multisig wallets (show error page)
• When Auto-Shutdown is set to Never, the selection now scrolls into view properly
• Fix Bitcoin URI parsing (when URI was followed by query params, parsing failed)
• Allow up/down keys to increase/decrease screen brightness on all QR code pages, not just animated ones

Verifying and Installing Passport Firmware

If you’d like to verify and install the latest version of Passport manually, you can follow our guide on the topic here: Firmware Update support page