Foundation Passport is built on a single principle that distinguishes it from every other major hardware wallet: full open-source everything. The PCB hardware schematics, the device firmware, and the Envoy companion app are all publicly available on Foundation's GitHub. A technically capable person can review every line of code in the signing path, verify the hardware design matches what was manufactured, and compile the firmware independently. No other major hardware wallet achieves this level of transparency. Ledger's secure element firmware is proprietary. Trezor Safe 3's ATECC608A component includes proprietary firmware. ColdCard's hardware designs are not fully published. Passport has no proprietary component anywhere in the security-critical path.
For a Bitok Arena competitor whose primary security requirement is knowing — not trusting — that the device performs exactly as claimed, Foundation Passport is the only available answer. The open-source auditability extends to the companion app Envoy, which means the full chain from private key generation through transaction signing through broadcast coordination is publicly reviewable code. For competitors with the technical knowledge to review it, this is the maximum achievable assurance. For competitors who prefer to rely on the Bitcoin security community's continuous review of publicly available code, it is still the most auditable option without requiring independent review.
Foundation Passport is the only major hardware wallet where no component in the key generation, address derivation, or transaction signing path contains proprietary code. Everything that handles your private key is publicly readable. The Bitcoin security community reviews it continuously. You can review it too — or trust a community that does.
Technical Specifications for Bitok Arena Use
Foundation Passport (Batch 2 and Prime) supports Native SegWit (bc1q) and Taproot (bc1p) Bitcoin addresses — both are valid for Bitok Arena entries. The device uses QR code air-gap signing exclusively for transaction data. The USB-C port is for firmware updates only — no transaction data passes through it. This makes the air-gap hardware-enforced, not software-configured. Compatible companion apps: Envoy (Foundation's own app, iOS and Android, fully open source) and Sparrow Wallet on desktop. Both support the QR-based PSBT exchange workflow for air-gapped signing.
The Passport does not use a secure element chip. Foundation's design philosophy: a secure element is a proprietary black box that cannot be independently audited, and a well-implemented open-source signing environment on an open-source microcontroller is more trustworthy than unauditable closed hardware. The Bitcoin security community has not reached consensus on this trade-off — advocates of secure elements argue that hardware tamper resistance is worth the auditing limitation, while advocates of Passport's approach argue that unauditable hardware cannot be trusted regardless of manufacturer claims. Both positions have credible technical defenders.
The Passport's camera quality and QR scanning speed have improved with each product generation. Batch 2 and Prime scan animated PSBTs (multi-frame QR codes) reliably in most lighting conditions. Sparrow Wallet generates animated PSBTs for Passport in a format the device handles without issues. The companion workflow is comparable to ColdCard Q in scanning steps and total time investment per entry transaction — approximately 2–3 minutes for the full air-gap signing cycle from PSBT creation to signed transaction broadcast.
Daily Competition Workflow With Foundation Passport
The recommended daily Bitok Arena entry workflow with Passport uses Sparrow Wallet on desktop. The prerequisite is pairing Passport with Sparrow in watch-only mode — a one-time setup using Passport's output descriptor QR. After pairing, Sparrow manages the watch-only account and can see the Passport-controlled address's balance and transaction history without the private key.
Daily entry: Open Sparrow, verify the receiving address matches the Passport wallet (not a clipboard-hijacked address), create a new transaction to the current round's master wallet address (copied from the Bitok Arena platform's current round page), set the fee rate, click "Finalize Transaction." Sparrow offers QR export for the unsigned PSBT. Display the animated PSBT QR on screen. Pick up the Passport and scan the QR using the device's camera. Review the destination address on the Passport's display — character by character, confirming it matches the master wallet address from the platform. Enter the Passport PIN to approve. Passport displays the signed transaction as QR. Scan back into Sparrow using the computer's webcam. Sparrow broadcasts. Track confirmation in the mempool.space link Sparrow provides.
The address verification step on Passport's display is the most important daily action regardless of which hardware wallet is used. Passport shows the destination address clearly before signing is approved. Every Bitok Arena entry should include this verification step: the master wallet address from the platform's current round page, confirmed character by character against what the signing device displays. This single check prevents clipboard-hijacking attacks that substitute a different destination address after the user has copied the master wallet address. The hardware wallet's display is the verification — not the companion app screen, which could be compromised.
Who Foundation Passport Is For
Foundation Passport is the right choice for a Bitok Arena competitor who holds a significant BTC position and requires the highest level of supply chain and firmware trust assurance available in a consumer hardware wallet. The fully open-source hardware and software means the device's security properties can be verified independently rather than on the basis of manufacturer claims. For competitors who hold smaller positions or who are comfortable trusting established manufacturers with security element implementations, Ledger or ColdCard provide adequate security at lower cost and with less QR scanning friction.
The open-source philosophy also means that any vulnerabilities found in Passport's code are publicly disclosed and publicly addressed — there is no private bug reporting process that the manufacturer controls. The security community that reviews Passport's code publishes their findings openly. This transparency creates accountability that proprietary firmware cannot provide, because the code that has been found to have vulnerabilities is visible and the patches are verifiable.
Foundation Passport is the device for a competitor who wants to know, not trust, that the device signing their Bitok Arena entries is exactly what it claims to be. The open-source hardware and firmware are the evidence. The security community review is the ongoing audit. For the competitor to whom that matters, no other device provides it.
Today's round is ready to receive your entry from whichever device you trust most. Foundation Passport generates the bc1q address, signs the entry transaction to the master wallet, and keeps the private key in publicly audited code throughout the process. The leaderboard records the position the moment the transaction confirms — the same position regardless of which hardware wallet signed it.
Foundation Passport signs your Bitok Arena entry with code that anyone can read. No proprietary component between your key and the blockchain. Verify the destination on the display, approve the signing, and broadcast from a device whose operation you can confirm rather than assume. The round is live. The code is public. Enter from a wallet where nothing is hidden.