Bitcoin Forum

Hey, we have been building Keycard as an open-source, JavaCard hardware wallet for a couple of years.

Now we’ve opened pre-orders for our new product Keycard Shell, which turns any Keycard into a fully-fledged, open-source hardware wallet.

What makes Keycard Shell unique from the sea of hardware wallets today?

The problem: Today’s common dual-chip designs export keys to a general-purpose MCU (and have been hacked - see Safe 3 (https://x.com/P3b7_/status/1899863755053555954)). Our Shell solution:

• Dedicated Secure Chip (Java Card): All transactions are signed inside a battle-tested, non-upgradable Java Card secure element – the same EAL6+ tech used in bank cards since the ’90s; one chip per Keycard
• Radical Open Source: Hardware & software are MIT-licensed – schematics, PCB layouts, BOM, Java Card applet, CAD files… audit, modify, even 3D-print your own case (https://x.com/vpavlin/status/1906741587989721180)

Keycard Shell features

• 100% open source: transparent for you to build on, audit, and modify
• Unlimited Keys on Unlimited Cards: use multiple seeds or create secure backup cards; even ditching steal/paper backup for storing 10 cards in different locations (secured by PIN)
• Duress PIN: enter a second PIN under coercion to reveal a decoy wallet
• Air-Gapped QR Signing: sign offline with Shell’s camera & QR; no radio technology on board; USB exists for updates, and can be turned off
• Universal Compatibility: works with UniSat, BlueWallet, Sparrow, BackPack, imToken & 10+ more via BC UR and ERC-4527
• Future-Proof Design: replaceable Nokia BL-4C battery & modular cards for emerging crypto standards

As always, let us know your opinion! Check out our blog for a deep dive into thread scenarios and security trade-offs (https://keycard.tech/blog/keycard-shell-radically-open-uniquely-secure), and early prototypes (https://keycard.tech/blog/keycard-origins-shells-design-journey-from-concept-to-prototype).

And, we are taking pre-orders (w/ 50eur off), so feel free to check out https://keycard.tech (https://keycard.tech)

I took a quick look at your release history on GitHub and saw that development has been ongoing since 2018. I'm curious why is the product still only available for preorder with no actual sales yet? What’s caused the long delay in starting manufacturing for the Keycard wallet? Also, could you share which startup is behind the relevant project, and what jurisdiction it's based in?

Keycard is a small part of IFT (https://free.technology/), some folks might know Status (https://status.app/).

Keycard has been around since 2018, right. https://github.com/keycard-tech/status-keycard (https://github.com/keycard-tech/status-keycard)
The past year we've been building Keycard Shell - a shell to the cards, turning smart cards into fully-fledged hardware wallets: https://github.com/keycard-tech/keycard-shell (https://github.com/keycard-tech/keycard-shell)

Jurisdiction is Switzerland.

It's always nice to see a new manufacturer in this field, but I have a few questions:

• Is the SE on Shell really 100% open-source?
• Can users disable the USB data transfer functionality without turning the device on?
• Any plans to accept Bitcoin or other cryptocurrencies as a payment method in your shop?

There are some big players already present on the market such as Tangem (only contactless) or Satochip (dual-interface).
Do you plan to open your "shell" to other smartcard player for a better interroperability?

By the way, nice job guys!

Arculus, Cryptnox and CoolWallet are also worth to mention.


I have Tangem 2 and use it primarily to top up my crypto card while on the go. Because of that, I would have little interest in their "shell" accessory ^{which requires the wired connection}. One of the key advantages of Tangem is that it connects wirelessly via NFC to its dedicated mobile app ^{that is very convenient for mobile use}.

Interesting to see another airgapped device coming soon, I see shipping is expected to happen around Q4 of this year.
If I understand correctly, for €99 per-order we are getting Keycard Shell device and two plastic Keycards?
It would be super cool if Keycard Shell could be used for reading other smart cards also, to serve multiple functions.

I saw you are offering custom designed cards, can you say if there is any price difference compared to regular Keycards?
Maybe we can order Keycard Shell with custom design cards directly.

Our security model is quite different. It's modular: Shell is kept as simple as possible, while Keycard has the SE.
Even during signing, the keys don't leave Keycard - unlike with a Trezor Safe 3 for example. Check out the examples we put on our blog: https://keycard.tech/blog/keycard-shell-radically-open-uniquely-secure (https://keycard.tech/blog/keycard-shell-radically-open-uniquely-secure) , and especially the comparison table.

Keycard's SE is a standard JCOP4 by NXP - think credit cards, passports etc - with a proprietary part. Once there is a fitting, open source alternative, we would consider moving over.

USB data is turned off by default. If you like, you can keep that setting turned off, only ever use the usb port for charging, and use non-data cables only.

We are working on crypto payments. Mostly a legal thing. Sadly.

Thank you!

Regarding Tangem. To keep it short and friendly I'd say we prefer Keycard's open source security model over Tangem's closed one.

Now, Satochip is interesting. Satochip and Keycard both have the NFC + chip combo.

With Shell we now add a camera + QR, which makes any Keycard work with: UniSat, BlueWallet, Sparrow, Backpack, imToken...
Technically, Keycard could be integrated with desktop wallets like Sparrow or Electrum. We just haven't gotten around to doing it, yet.
Of course we warmly invite anyone to contribute Keycard card reader support with Sparrow ;D

For anything EVM, you can use Keycard with Status.im apps (mobile via NFC + desktop via reader)

Good point on interoperabilty! Technically, any JavaCard can work with Shell. I've pinged Satochip to see if they'd like to integrate. Again, our full stack is open to contribution  8)

These are all decent wallets! The one major difference is that Keycard is full stack open source, both card + wallet, Arculus and Cryptnox aren't.

I remembered CoolWallet as the one with display. But it turns out they plan a new one, a JavaCard from the looks of it. I haven't talked to them in a while, and the website doesn't mention the tech stack. But it looks like it's used for backups only. Via NFC. Interesting! Quite expensive for a feature you can just used Keycard for, though.


Shell can be used 100% air-gapped. No wired connection. You sign transactions by pointing Shell's camera to a wallet like UniSat, BlueWallet, ... etc. Then confirm on Shell's display & sign. Then let UniSat read the signature QR on Shell's display.

Fully air-gapped. Shell's usb port can 1) have data turned off 2) be used for charging only.

Keycard also works via NFC - with one open source EVM wallet - Status.im - for now.

Yes, a discounted €99 for Keycard Shell + two Keycards.

For 1 custom card, sure we can do it right away for the original price. Or for free if you have a fun project we should support.
For a custom Shell or large amounts of custom cards we can talk about price but also what logistics setup would work best for you.

Or, you could simply 3d print your own! Shell's hardware is open source, too:
https://github.com/keycard-tech/keycard-pro/tree/master/hw (https://github.com/keycard-tech/keycard-pro/tree/master/hw)
https://x.com/vpavlin/status/1897971893979725884 (https://x.com/vpavlin/status/1897971893979725884)

Thank you for providing answers to our questions, but when I checked the comparison table on your homepage ^{[screenshot (https://www.talkimg.com/images/2025/05/12/UUjlwC.jpeg)]}, I was under the impression that Shell also has a SE and it's an open-source one ^{[it even mentions having its own usages]}, as opposed to Keycard.

Tangem offers the unique capability to function as the seedless wallet utilizing an innovative backup technique. Each card in the related set is capable of restoring sensitive information such as your key and PIN. As Zack Herbert ^{CEO of Foundation} mentioned in the recent interview (https://www.thestreet.com/crypto/innovation/are-seed-phrases-dying-foundation-devices-ceo-says-theyll-be-obsolete), SEED phrases may soon be obsolete. Based on the information from your website, it appears that Keycard still relies on seed phrases. Is that correct?

Thx for bringing that up! Parts of that table are confusing. Let us update it.

Essentially, Shell's "Open source secure element" and "Secure element has its own usages" means that Shell "has" Keycard, and Keycard has the SE. And the card itself can even be used standalone, via NFC.

The card can be managed with GlobalPlatform, an open standard. And the JavaCard runtime that is also an open platform with an open API. For a secure element even these two aspects are not a given.

Shell allows for backup cards, too.
You can create a couple ^{or more} backup cards and then destroy your paper backup.

The main difference to Tangem is that Keycard allows you to add backup cards after the initial setup.

Mind that Tangem doesn't have a "Shell", but you need to use their close-source app. Which had a security vulnerability where imported private keys could be leaked ^{but that's for another day}

I understand your point, but my main question was whether Keycard can operate in "seedless" mode. Based on your somewhat non-committal response I’m starting to think that it doesn't support this feature, and that generating SEED phrase is the only viable option for it. BTW, does Keycard shell support extending the standard BIP 39 phrase by adding the custom password/phrase ^{or it is strictly limited to the standard words from the BIP 39 word list}?

Thank you for your detailed answer... Based on my understanding, the closed-source nature of the SE used on Keycard should always remain the same and the checkmarks on the SE parts of the Shell would probably mislead ^{[unintentionally]} some users.
^{- I believe the highlighted part on this "screenshot (https://www.talkimg.com/images/2025/05/14/UUBkBI.jpeg)" should also be changed (because of the hardware part).}

I think I understand. Do you mean SEEDLESS in the sense that no display ever shows the seed phrase?

No, the current Shell firmware version does display the seed. Technically, it's possible not to.
But the team likes to see demand for that SEEDLESS mode, mostly because it's a trade-off in security.

Also, you can always simply burn your seed paper after creating multiple backup cards, which makes it SEEDLESS in a sense. But I guess not 100% in the sense you would like to have it. Does that make sense?

Nope, broadly speaking, seedless refers to a wallet that doesn’t rely on seed phrase to generate/recover its private key. AFAIK Tangem is currently the only hardware wallet that fully implements this approach, embedding the private key directly into the card itself. That said, we might see more seedless solutions in the domain of HW, especially if the developers behind certain projects stay committed to this concept. You can find more details about Tangem’s implementation over there (https://tangem.com/en/blog/post/seedless-wallets/). Once again, I’d like to refer to Zack Herbert's opinion (https://www.thestreet.com/crypto/innovation/are-seed-phrases-dying-foundation-devices-ceo-says-theyll-be-obsolete), where he suggests that seed phrases will soon become obsolete.

@guylouis here, I am also a contributor to to keycard and shell!

You're actually right, it's a bit confusing to say the secure element is open source, we will change the line on the website. Thanks for this. The correct assertion is that the secure element has 'open source software'. Just like we did in our detailed comparison table here
comparison table (https://docs.google.com/spreadsheets/d/1SAmueXW9aRzSsGPuUAAcOpMQYKeCNoatu8CR4ZM1eUY/)

Also Keycard is using javacard because we considered javacards were the most open way to do a programmable secure element nowadays. It's an open platform with standard API and runs on a lot of different hardwares from a lot of different vendors. But indeed there is a trust assumption on the hardware (in keycard case: NXP JCOP4).

100% open source secure element based on RISC-V will come but they are not ready yet (see tropic square) and will come in non-programmable versions first. We believe a hardware wallet should never let the secrets keys get out of the secure element and thus be programmable (if it's not programmable, it will have to export the keys out, to a not so secure MCU to do the signing, because non programmable secure element can't perform natively all the crypto primitives of a bip32 wallet like deriving etc.).

Based on our study the only ones who use programmable secure element are ledger and shell (happy to be proven wrong and complete our comparison table on the link above)

Also on the front page of the website the idea we want to convey when we say hardware is fully open is that we provide everything (schematic, bill of material, gerber files for pcb manufacturing) to manufacture it. In that sense only fundation passport (to our knowledge) has the same approach as Shell (see the comparison table). We don't want to convey the impression that each component is open source down to the sillicon level, it wouldn't be possible (MCUs, Asics are not for instance)

When you use the 'seedless' mode with Tangem to setup your cards, one attacker that gets access to two of your cards can access to all your funds (without knowing your pin of course). We considered this type of recovery optionality is opening a too big attack surface.

Oh and also, based on your feedbacks, we confirm 25th passphrase will be implemented in Shell UI (it's already supported in keycard software), being tracked here: github issue (https://github.com/orgs/keycard-tech/projects/1/views/1?pane=issue&itemId=110621729&issue=keycard-tech%7Ckeycard-shell%7C58)

Well, what do does and could 'seedless' mean? What about Keycard?
1) The wallet doesn’t show you a mnemonic, or
2) The wallet doesn’t even generate or store a mnemonic internally (it keeps only raw key material)

Not showing the words removes the classic paper backup. Great for physical-theft risk, bad if you lose the device.

Not having/generating/storing the words is merely an implementation choice.
Storing security hinges on how the underlying secret is protected. It's usually stored via master key, not mnemonic.
Generating a private key never 'relies on a seed phrase' in that sense. The seed phrase is just a human-readable encoding of the initial entropy.
The BIP-39/BIP-32 flow: Random entropy -> mnemonic 'seed phrase' -> 512-bit seed -> Master key pair -> keys/addresses

Tangem in its default setup is type (2): the secure element generates one ECC private key and clones it to 2-3 cards.
No BIP-32, which means you only get one address per asset. (there's a BIP-39 seed mode, which makes it 'non-seedless' if you will. but in that mode you only get the first address on each path.)

Keycard can be seedless (1) where you burn the paper after creating backup cards. Full BIP-32, so you can have as many addresses as you like.

We all agree that a pice of paper with 12 words is a single point of failure. That’s the gist of Zack Herbert’s argument as well: keep the secret encrypted, sharded, or inside hardware. I'm sure he'd like Keycard as encrypted backups.

It seems we have a bit of different perspective on seedless wallets, but that’s totally fine ^{everyone is free to have their own views on this stuff}.

I do have one more question, though. Does the Keycard support the multisig scheme? In my opinion, having support for multisig would help alleviate some of my concerns about potential sidechain attacks, which could even originate from the manufacturer’s side. Sorry to bring this up, but it’s something I’ve been thinking about.

I would really like to see Keycared Shell supporting Satochip cards, and two teams working together.

Please disregard any silly seedless ideas for hardware wallets, especially if they are not giving alternative option to users.
We already saw how ''seedless'' closed source tangem really is when they leaked keys via their mobile app resulting in people losing coins.
Tangem even had a bug in 2024 that exposed seed phrases via email, so I would never use or recommend crap like that to anyone.

Now, due the type of work I do, I happen to know a bit about CAD and Java, but where on earth do I learn about how PCB layouts work? How schematics work? What BOM is and so on so forth.

It's good that all this is open-source, but I think we need to spend some time educating people on what these items actually are.


I feel like Duress PINs are flawed because they can keep hitting you until you reveal all of the PINs.

Please continue working on implementing the "seedless" functionality along side with traditional SEED. As Zack Herbert ^{who is far from being silly} pointed out, it’s an important step for progress in the HW domain. Ensuring that the Keycard Shell can support unlimited number of cards with the ability to back up seedless keys will greatly enhance the utility of such mode. The availability of this feature would expand the Keycard's niche. Just because some users may not require this mode doesn't mean others wouldn't benefit from it.

BTW, expecting to hearing back regarding my previous question on multisig support.;)

Yes, multisig is planned for Shell until release in October. And, Shell's current fw supports UR2.0 and uses PSBT - so, you would be able to check networks based on derivation path

Our new release (v0.9.17) improves a couple of aspects of BIP39 Mnemonic entry. Including passphrases: https://github.com/keycard-tech/keycard-shell/releases (https://github.com/keycard-tech/keycard-shell/releases)

This is a very good update, but I would recommend adding support for SLIP39 in future.
I also hope there is optional way to use Keycard Shell only with Bitcoin code, if possible.

Can you tell me from what country you are sending Keycard Shell devices, is it Switzerland or some other country?

Another week, another update: https://github.com/keycard-tech/keycard-shell/releases (https://github.com/keycard-tech/keycard-shell/releases)

Shell supports Bitcoin Multisigs now.
Also, SeedQR import.

SLIP39 is definitely worth a consideration.

Keycard just released their new affiliate program that can earn 10% commission on each referral you make, and give your referred friend a 5% discount.
This is a good idea if you are planning to purchase their new Ke<card Shell wallet, but please note that you need to wait for Keycard team to approve your application.
You can find more information on this page:
https://affiliates.keycard.tech/