Foundation Passport Official Thread

[Pmalek]

This is not a big deal, but I would like to be able to have few spare batteries I can easily swap anytime... so everyone make sure to have correct BL-5C battery ^{(not similar BL-5CB model)}

I remember years ago when I needed spare batteries due to my work, there was a little trick you could do to get a slightly bigger battery to fit in place. Most batteries have like a plastic cap on one side, maybe on both. If you take a knife, you can tear off that cap to reveal the inside component of the battery. It's going to look weird and be a bit sticky because the cap is glued to the battery. However, you get an additional millimeter or two in size reduction, which might be just enough to get the battery to fit inside the device. Do it at your own risk, of course.

[n0nce]

@foundationdvcs, Passport uses Avalanche diode as a  source for its TRNG.

In this regard, I'm curious to know if this diode is in continuous operation so that SEED is generated exclusively from entropy it provided or Avalanche's noise  is used to generate initial entropy that subsequently feeds BRNG with relevant SEED being generated?

Here we can see the schematic and PCB location of the Avalanche circuit.

As far as I can tell, it is not running all the time. I would assume that NOISE_BIAS_EN is only set to high when they want to sample some randomness.

If you take a knife, you can tear off that cap to reveal the inside component of the battery.
[...]
Do it at your own risk, of course.

Knives and batteries are not the best combination..

[satscraper]

As far as I can tell, it is not running all the time. I would assume that NOISE_BIAS_EN is only set to high when they want to sample some randomness.

Well, OK, but the question remains whether they sample  256 bits of that randomness and produce relevant SEED from it or  use those 256 bit from Avalanche to feed BRNG for subsiquent SEED generation.

Latter means that some deterministic rule is applied to Avalanche's entropy to get random number  for the final SEED.

BTW, I have changed my mind as  to  implementation of password feature in Passport and must confess their decision to erase  it  from memory at shut down is the best one in term of security.  

[n0nce]

Well, OK, but the question remains whether they sample  256 bits of that randomness and produce relevant SEED from it or  use those 256 bit from Avalanche to feed BRNG for subsiquent SEED generation.

Latter means that some deterministic rule is applied to Avalanche's entropy to get random number  for the final SEED.

I'm not sure about that; from what I can tell, the noise_get_random_uint16 function returns one byte by xor'ing the two analog outputs of the avalanche circuit, four times.

ret = adc_read_noise_inputs(&noise1, &noise2);
[...]
r ^= noise1 ^ noise2;

I can't find a function that feeds this to a PRNG (pseudo RNG); the result just gets used by different functions that e.g. fill buffers with multiple random bytes (acquired by repeatedly calling noise_get_random_uint16).

But maybe @foundationdvcs can give a more definitive answer on that.

I'm curious how you got the idea that they would feed the avalanche entropy into a PRNG..

[satscraper]

I can't find a function that feeds this to a PRNG (pseudo RNG); the result just gets used by different functions that e.g. fill buffers with multiple random bytes (acquired by repeatedly calling noise_get_random_uint16).

But maybe @foundationdvcs can give a more definitive answer on that.

OK, then it seems Passport generates SEED's entropy solely from random physical process.

However,  response from foundationdvc   would  be appreciated as their statement "TRNG on SE" is slightly misleading -  Avalanche diode is not on SE.

I'm curious how you got the idea that they would feed the avalanche entropy into a PRNG..

Just my curiosity

They said TRNG on secure element, but Avalanche diode is not on SE.

At the same time

output from BRNG  (that might  be hardware based and implemented on SE) seeded by "white noise" would be very close to being truly random .

Some manufacturers call BRNG seeded by randomness from physical process as TRNG.


UPD. @foundationdvcs, please, don't be silent, waiting for your response.

[foundationdvcs]

UPD. @foundationdvcs, please, don't be silent, waiting for your response.

Will get back to you ASAP, just getting caught up on this thread after a crazy week for the company!

[RickDeckard]

Will get back to you ASAP, just getting caught up on this thread after a crazy week for the company!

Could you also share with us how was this week for you? If I were to guess this surely has to be one of the best periods of Foundation ever since the creation of the company, or am I wrong saying this? The price reduction just in time to reap the burning house that was/is Ledger has had to be a wombo-combo for your company (and rightfully so).

[n0nce]

Hey @foundationdvcs I just realized your last professional security audit was in [1] Q2 2021. Are there any plans for a fresh one any time soon? Maybe you could also try to get the WalletScrutiny guys to re-run their script which checks the latest firmware version for reproducibility.

I also believe that the audit you got was purely a software review and didn't actually attempt to execute the attacks they describe. That's especially evident from your response where you were able to refute many of the 'potential risks' that they had claimed existed.

Nevertheless, the audit also seems to only have covered the FE branch of the Passport firmware, and I know how much code changed from FE to Batch 2. So I do believe a new audit would be good, maybe this time from someone who also actually tries to exploit what he believes could be vulnerabilities.

[1] https://foundationdevices.com/security/

[satscraper]

Hey @foundationdvcs

and, for good measure,  the reminder of my hard-nose question

~

resulted from the fact that

....Avalanche diode is not on SE.

[foundationdvcs]

@foundationdvcs, Passport uses Avalanche diode as a  source for its TRNG.

In this regard, I'm curious to know if this diode is in continuous operation so that SEED is generated exclusively from entropy it provided or Avalanche's noise  is used to generate initial entropy that subsequently feeds BRNG with relevant SEED being generated?

Here is a quote from our CTO, Ken, on the question you raised here:

We read the Avalanche noise source through the ADC on channels 10 and 11 in `adc_read_noise_inputs()`. This function returns two 32-bit values. The ADC is started and stopped each time we read a random value.

https://github.com/Foundation-Devices/passport2/blob/6c6249e2c15f52c59db56b12b5f84213806a6533/ports/stm32/boards/Passport/adc.c#L151

This function is called by `noise_get_random_uint16()`, which XORs the two 32-bit values together and XORs the lower 16-bits of that value into the `uint16_t` result. This is repeated 4 times, shifting the result left 4 bits each time. This process is typically called “whitening” and it helps remove potential sources of bias. Note that there is a 1ms delay between each of the 4 rounds, which gives ample time for entropy creation.

https://github.com/Foundation-Devices/passport2/blob/6c6249e2c15f52c59db56b12b5f84213806a6533/ports/stm32/boards/Passport/noise.c#L39

For a 32-byte seed, we call `noise_get_random_bytes()` with a 32-byte buffer and just call `noise_get_random_uint16()` 16 times to fill the buffer.

We have run the random numbers through the NIST statistical tests to prove they are uniformily random.

Please let me know if you have any outstanding questions after that, happy to answer them/get them answered for you!

Will get back to you ASAP, just getting caught up on this thread after a crazy week for the company!

Could you also share with us how was this week for you? If I were to guess this surely has to be one of the best periods of Foundation ever since the creation of the company, or am I wrong saying this? The price reduction just in time to reap the burning house that was/is Ledger has had to be a wombo-combo for your company (and rightfully so).

Oh my, by far the craziest week in the history of the company! Not only did we have the biggest firmware and software releases yet planned (Envoy full mobile wallet and Passport v2.1.0 with Key Manager and much more), but the price drop perfectly coincided with Ledger's fiasco and made for a powerful duo. We sold 6wks worth of units in 36h, if that tells you anything, and the rush has barely slowed down even after going out of stock due to the craziness.

Fantastic to see people rushing to safety in truly open-source software and hardware and finally understanding the risks inherent with introducing trust back into the system with closed-source code.

Hey @foundationdvcs I just realized your last professional security audit was in [1] Q2 2021. Are there any plans for a fresh one any time soon? Maybe you could also try to get the WalletScrutiny guys to re-run their script which checks the latest firmware version for reproducibility.

I also believe that the audit you got was purely a software review and didn't actually attempt to execute the attacks they describe. That's especially evident from your response where you were able to refute many of the 'potential risks' that they had claimed existed.

Nevertheless, the audit also seems to only have covered the FE branch of the Passport firmware, and I know how much code changed from FE to Batch 2. So I do believe a new audit would be good, maybe this time from someone who also actually tries to exploit what he believes could be vulnerabilities.

[1] https://foundationdevices.com/security/

As of now there are no plans to do another security audit on the current code-base, but we will absolutely be having an audit done on the next device we're working on now, as that will be a complete rewrite from the ground up. I will, however, prompt the Wallet Scrutiny guys again to try and get them to update their tests as our code is absolutely still reproducible so I'd love to have their tests inline with our current codebase/version.

I'll re-raise the idea of an audit on the current code-base internally, though, and report back here if that changes at all.

[n0nce]

As of now there are no plans to do another security audit on the current code-base, but we will absolutely be having an audit done on the next device we're working on now, as that will be a complete rewrite from the ground up. I will, however, prompt the Wallet Scrutiny guys again to try and get them to update their tests as our code is absolutely still reproducible so I'd love to have their tests inline with our current codebase/version.

I'll re-raise the idea of an audit on the current code-base internally, though, and report back here if that changes at all.

Another re-write? Just now when you finally got passport2 running on FE.. Hopefully the gen 1 and 2 devices will continue to be supported.

Do consider a more thorough audit though, as I mentioned, where they actually try to execute supposed security flaws. I believe this gives us consumers a better picture as to how realistic / possible certain attacks are. For security-conscious buyers, this is very helpful information that most manufacturers can't actually provide.

[foundationdvcs]

Another re-write? Just now when you finally got passport2 running on FE.. Hopefully the gen 1 and 2 devices will continue to be supported.

Not a re-write, a completely new piece of software/firmware is necessary for the next device, will be very clear why when we announce it

And yes, absolutely will as both devices will be offered in tandem when it's released!

Do consider a more thorough audit though, as I mentioned, where they actually try to execute supposed security flaws. I believe this gives us consumers a better picture as to how realistic / possible certain attacks are. For security-conscious buyers, this is very helpful information that most manufacturers can't actually provide.

Absolutely, we're leaning towards an audit on the current code base now, will update when we have more firm details.

[RickDeckard]

Oh my, by far the craziest week in the history of the company! Not only did we have the biggest firmware and software releases yet planned (Envoy full mobile wallet and Passport v2.1.0 with Key Manager and much more), but the price drop perfectly coincided with Ledger's fiasco and made for a powerful duo. We sold 6wks worth of units in 36h, if that tells you anything, and the rush has barely slowed down even after going out of stock due to the craziness.

Fantastic to see people rushing to safety in truly open-source software and hardware and finally understanding the risks inherent with introducing trust back into the system with closed-source code.

That is incredible to hear, congratulations to the team over @Foundation. I wonder, do many clients sign up for the Concierge Setup? Or out of all your orders this service represents only a fraction of your income?

[satscraper]

Here is a quote from our CTO, Ken, on the question you raised here:

We read the Avalanche noise source through the ADC on channels 10 and 11 in `adc_read_noise_inputs()`. This function returns two 32-bit values. The ADC is started and stopped each time we read a random value.

https://github.com/Foundation-Devices/passport2/blob/6c6249e2c15f52c59db56b12b5f84213806a6533/ports/stm32/boards/Passport/adc.c#L151

This function is called by `noise_get_random_uint16()`, which XORs the two 32-bit values together and XORs the lower 16-bits of that value into the `uint16_t` result. This is repeated 4 times, shifting the result left 4 bits each time. This process is typically called “whitening” and it helps remove potential sources of bias. Note that there is a 1ms delay between each of the 4 rounds, which gives ample time for entropy creation.

https://github.com/Foundation-Devices/passport2/blob/6c6249e2c15f52c59db56b12b5f84213806a6533/ports/stm32/boards/Passport/noise.c#L39

For a 32-byte seed, we call `noise_get_random_bytes()` with a 32-byte buffer and just call `noise_get_random_uint16()` 16 times to fill the buffer.

We have run the random numbers through the NIST statistical tests to prove they are uniformily random.

Please let me know if you have any outstanding questions after that, happy to answer them/get them answered for you!

Thanks for response.

Could you show here the  p-values (relevant to Passport's TRNG) for each test from NIST suite?

Alternatively, refer me  to relevant Foundation's official  source if any.

[Lucius]

Can someone confirm if this HW works in combination with Electrum with the help of QR codes or only as described on the official website with the help of a microSD card? https://docs.foundationdevices.com/connect/electrum

[satscraper]

Can someone confirm if this HW works in combination with Electrum with the help of QR codes or only as described on the official website with the help of a microSD card? https://docs.foundationdevices.com/connect/electrum

Passport/2 can not be paired and communicate with Electrum via QR. (The limitation is due to Electrum itself. ) This HW does it via json file. Just have checked it using  my Passport 2.

But why bother yourself with Electrum?

Sparrow is much better in term of privacy. It is capable to connect to BitcoinCore and communicate with Passport via QR.

But if you prefer public Electrum servers Sparrow is capable to work with them as well.

[cygan]

after the disaster of a very well known hardware wallet manufacturer i am now looking for a new hw-wallet...
play now with the idea to buy me the passport batch 2. but since the price is already in a very high category, i wanted to ask politely if there are perhaps also current vouchers that reduce the price a little - because the shipping to the eu is then certainly also in the double-digit dollar range

[satscraper]

after the disaster of a very well known hardware wallet manufacturer i am now looking for a new hw-wallet...
play now with the idea to buy me the passport batch 2. but since the price is already in a very high category, i wanted to ask politely if there are perhaps also current vouchers that reduce the price a little - because the shipping to the eu is then certainly also in the double-digit dollar range

Looks like the cheapest reseller in EU is BitcoinBrabant  which offers it for € 329,95 € 259,95, the fair price as to me (I have paid ~ €80 more at time of purchase). You should hurry up if your intention is serious as "Batch 2 is limited to 2400 units."

[Lucius]

~snip~
You should hurry up if your intention is serious as "Batch 2 is limited to 2400 units."

Is there a special reason why they decided to produce only 2400 units? This does not seem logical to me from a business perspective, especially if the demand is increased, as is the case now. Although it seems to me that I read that some new device is being prepared, so that might be the reason.

[RickDeckard]

~snip~
You should hurry up if your intention is serious as "Batch 2 is limited to 2400 units."

Is there a special reason why they decided to produce only 2400 units? This does not seem logical to me from a business perspective, especially if the demand is increased, as is the case now. Although it seems to me that I read that some new device is being prepared, so that might be the reason.

I think the 2400 units mostly has to due with scaling their business. If you look at Founder's edition, they started out with 1000 devices which sold out in November of the same year[1]. In that same page you can read that the initial order for Passport Batch 2 was 2500 units. I vaguely remember that they planned to ship this new device in April, but I believe that clients only started receiving their orders around July-August, so if we assume that they got the units around August, it took them around ~9 months to end that round of supply.

Considering that they are still a young company and need to take the best decisions that they can regarding inventory management (stock in their warehouse is just money waiting to be sold), I suppose that they felt safer recreating the same number of devices that their last order was made of. I also assume that their manufacturing capacity also played a role in this decision (since they not only depend on that but also on their suppliers...). Perhaps to get a better pricing for their components they would have to invest a larger sum of money (economy of scales) and it wouldn't be beneficial to them as well.

Regarding the new device - you probably have read about it right here[2] in this thread.
[1]https://foundationdevices.com/2021/11/passport-founders-edition-is-sold-out/
[2]https://bitcointalk.org/index.php?topic=5441422.msg62326900#msg62326900