Foundation's 2025 flagship: an open-source, audited security platform (KeyOS) combining a Bitcoin wallet with FIDO keys, 2FA and encrypted storage on a color touchscreen.
We may earn a commission from purchases through affiliate links. This does not affect our ratings. Affiliate Disclosure
The Foundation Passport Prime ($349, 2025) is less a wallet than a programmable security platform: its KeyOS Rust microkernel runs a Bitcoin wallet alongside FIDO security keys, TOTP/2FA and 50 GB of encrypted storage. It pairs an ATECC608C secure element with a Microchip SAMA5D2 processor, was independently audited by Keylabs with no critical or high findings, and backs up the seed as a 2-of-3 Shamir (SLIP-39) split across tamper-evident NFC Keycards. Hardware and software are open source (GPLv3), though reproducible builds are not yet available. It is best for Bitcoin-first power users who want an audited, multi-purpose device; altcoin holders and reproducibility purists should look elsewhere.
Avoid buying from unofficial marketplaces — counterfeit risk.
Hardware & firmware protection
Backup & restore options
User experience & interface
Supported coins & integrations
Anonymity & data protection
Weighted average score
How we rate wallets
Seen enough?
Foundation Passport Prime · From $349 · Rated 70/100
Affiliate link — we may earn a commission at no extra cost to you. Learn more about our affiliate policy
Foundation Passport Prime — Hardware Wallet manufacturer: Foundation (2025). Secure Element: Yes. Supported Networks: 1+ networks.
Seen the full specs? Check the latest price and availability.
Foundation Passport Prime · From $349 · Rated 70/100
Affiliate link — we may earn a commission at no extra cost to you. Learn more about our affiliate policy
1 networks · 1 native · 0 third-party
The Prime is built on KeyOS, a Rust microkernel that isolates each app, and pairs an ATECC608C secure element with a Microchip SAMA5D2 security processor. Keys are generated and held in the secure element and are non-extractable, and the device verifies its firmware via secure boot.
Its strongest credential is an independent audit by Keylabs (the team behind wallet.fail) that reported no critical or high-severity findings. Hardware and firmware are open source under GPLv3 — but reproducible builds are not yet available, so users cannot yet verify that shipped binaries match the published source. As a general-purpose app platform it also carries a larger attack surface than a single-purpose signer.
By default the Prime splits the seed using 2-of-3 Shamir Secret Sharing (SLIP-39) onto three tamper-evident NFC Keycards, so any two cards reconstruct the wallet and losing one card is not fatal. This removes the single-point-of-failure of a paper seed.
Standard BIP-39 import/export (12/24 words), a BIP-39 passphrase for hidden wallets, and BIP-85 deterministic child seeds are all supported. The trade-off is physical: you now manage a set of cards rather than one backup.
The Prime has a 3.5-inch Gorilla Glass color touchscreen with haptics — the largest in Foundation’s lineup — and a rechargeable battery in an anodized aluminium body. First-time setup takes roughly 18 minutes.
Beyond signing, it doubles as a FIDO2 security key, a TOTP/2FA authenticator and a 50 GB encrypted file vault, which is unusual for a hardware wallet and broadens who it is useful to.
The first-party app is Bitcoin-only, with PSBT support, multisig up to 15 signers and output-descriptor export for coordinators such as Sparrow, Specter and Nunchuk. Altcoins are possible only through third-party KeyOS apps (e.g. Cake Wallet), not the native wallet.
It connects via QR (animated UR2.0), microSD, NFC and the post-quantum-encrypted QuantumLink Bluetooth, and pairs with the Envoy app on iOS and Android plus desktop coordinators. There is no built-in WalletConnect.
No account registration is required, and the device can operate fully air-gapped over QR codes or microSD. Companion data in Envoy is encrypted, and Foundation does not require telemetry.
The privacy trade-off is connectivity: the Prime includes Bluetooth (QuantumLink) and NFC, so it presents more wireless interfaces than a strictly air-gapped, QR-only device — even though that Bluetooth link is post-quantum encrypted.
At $349 the Prime sits at the premium end of the market. Its value is in consolidation, not coin coverage:
You are paying for an audited, open platform that replaces several security devices at once.
The Passport Prime earns its $349 price through breadth rather than coin coverage: a credit-card-sized, audited, open-source security platform that consolidates a Bitcoin wallet, FIDO keys, 2FA and encrypted storage into one device with a polished color touchscreen.
Buy this wallet if:
Look elsewhere if:
The Passport Prime earns its $349 price through breadth rather than coin coverage: a credit-card-sized, audited, open-source security platform that consolidates a Bitcoin wallet, FIDO keys, 2FA and encrypted storage into one device with a polished color touchscreen.
Buy this wallet if:
Look elsewhere if:
We may earn a commission if you purchase through our links. This doesn't affect our editorial independence.
Impermanent loss happens when asset prices in a liquidity pool diverge from external markets, reducing the value of liquidity providers' holdings compared to simply holding the assets.
Read full definitionSecure Boot is a security feature that ensures only trusted software runs on a device by verifying its integrity during startup, preventing unauthorized code execution in crypto systems.
Read full definitionReproducible Builds refer to the process where the same source code consistently produces identical binary outputs, ensuring verifiable and trustworthy software in blockchain and crypto projects.
Read full definitionShamir Secret Sharing (SSS) divides a secret, like a crypto wallet seed, into multiple shares. A threshold number of shares reconstructs it, enhancing security as in SLIP-39 backups.
Read full definitionBIP39 is a standard for generating mnemonic seed phrases that are used to create deterministic wallets and securely back up cryptocurrency private keys.
Read full definitionA passphrase is an additional security layer for cryptocurrency wallets, acting as a 25th word in the BIP39 seed phrase, protecting access to hidden wallets.
Read full definitionBIP85 is a Bitcoin Improvement Proposal for generating child seeds from a master seed, providing deterministic entropy for use in secure key derivation and backup processes.
Read full definitionA backup in cryptocurrency is a secure copy of a wallet's seed phrase or private keys. It enables recovery of funds if the original wallet is lost or damaged.
Read full definitionFoundation refers to the Passport, a Bitcoin-only hardware wallet by Foundation Devices that securely stores private keys offline for self-custody.
Read full definitionTwo-Factor Authentication (2FA) secures cryptocurrency accounts and wallets by requiring two verification methods, such as a password plus a code from an authenticator app.
Read full definitionBitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Read full definitionPSBT (Partially Signed Bitcoin Transaction) is a Bitcoin transaction format that allows multiple parties to sign a transaction incrementally before finalizing it.
Read full definitionMultisig (multi-signature) is a security feature that requires multiple private keys to authorize a transaction, enhancing protection against unauthorized access in blockchain networks.
Read full definitionSparrow Wallet is a desktop Bitcoin wallet that focuses on security, privacy, and advanced features for managing Bitcoin transactions and keys.
Read full definitionSpecter is a Bitcoin hardware wallet solution designed for advanced users, offering secure storage through a customizable, self-hosted setup with options like Specter Desktop and Specter DIY.
Read full definitionWalletConnect is a protocol that enables secure communication between decentralized applications (dApps) and mobile wallets through QR code scanning or deep linking.
Read full definitionTelemetry in cryptocurrency and blockchain refers to the automatic collection and transmission of anonymous usage data, metrics, and error reports from wallets or nodes to improve software.
Read full definitionUTXO (Unspent Transaction Output) is a unit of cryptocurrency from a previous transaction that remains unspent and serves as input for new transactions in blockchains like Bitcoin.
Read full definitionElectrum is a lightweight Bitcoin wallet that allows users to store, send, and receive Bitcoin securely. It is known for its speed and low resource usage.
Read full definitionTrezor is a hardware wallet by SatoshiLabs. It stores private keys offline to secure cryptocurrencies.
Read full definitionData in this review can be verified from these sources.
Risk Score: 97/100
Bluetooth connectivity risks
Bluetooth increases wireless attack surface Learn more →
Based on specifications, price, and ratings
| Feature | Foundation Passport Prime | Ledger Stax | Coinkite Coldcard Q | Ngrave Zero |
|---|---|---|---|---|
| Price | $349 | $399 | $259.99 | $398 |
| Open Source | ||||
| Bluetooth | ||||
| Air-Gapped | ||||
| Security Rating | 72/100 | 89/100 | 94/100 | 73/100 |
| Usability Rating | 74/100 | 74/100 | 56/100 | 71/100 |
KeyOS is a Rust microkernel operating system that isolates each application and turns the Prime into a programmable security platform — running a Bitcoin wallet alongside FIDO2 security keys, TOTP/2FA and a 50 GB encrypted file vault.
By default the seed is split into a 2-of-3 Shamir (SLIP-39) scheme stored on three tamper-evident NFC Keycards, so any two cards restore the wallet. Standard BIP-39 import/export and a passphrase are also supported.
Its first-party app is Bitcoin-only (with multisig and descriptor export). Altcoins are only available through third-party KeyOS apps such as Cake Wallet, not the native wallet.
Some links on this page are affiliate links. If you purchase through them, I may earn a commission at no additional cost to you. This helps support the site and allows me to continue creating detailed, independent reviews.
Our testing methodology is evolving. Ratings and assessments will be refined as we improve our scoring framework to reflect the most accurate results.
Official website • Secure Element • Security audited • Bluetooth • NFC • Open source
View Best PriceAffiliate link — we may earn a commission at no extra cost to you. Learn more about our affiliate policy
