These docs are still under construction and subject to change. For now you can learn more on our website or read the FAQs .

When you secure your digital life with Passport Prime, you are in full control of your money and data. This means you are also completely responsible for ensuring your money and data are backed up safely and securely, such that it is not lost to any single point of failure.

Prime Data

Before we explore how Prime helps you secure your money and data, it’s important to spell out the two different types of information being managed, and how they interact with one another.

Master Key

The master key is the primary secret that secures access to the Bitcoin and data stored on Prime. The master key should never be shared with anyone, unless you want to allow them full access to your money and data. The master key should never be stored in a complete state on any online device and you should never take a photo of it.

Settings & Data

The settings and data backup file on Passport Prime includes your user defined settings, installed apps and the data corresponding to each app. The settings & data backup file is stored as an .mla format and is encrypted by the master key. It is not possible to access the data inside this file without knowledge of the Prime master key.

Prime Magic Backups

Magic Backups are our simple yet extremely secure method to ensure you never lose access to your Passport Prime data. Despite the unrivaled convenience offered, Magic Backups are constructed in such a way that neither Foundation, nor your chosen cloud provider (Google or Apple) can steal your funds or see your data.

Master Key

Magic Backups store critical Passport Prime master key data in a 2-of-3 Shamir setup. This means that the master key is split into three parts, but only two are required to restore the key in a recovery scenario:

• One part is stored on one of the provided NFC Keycards. (You will be prompted to tap this to the back of Prime during onboarding)
• A second part is stored onto another one of the provided NFC Keycards.
• The third share is securely stored on your phone and backed up to your iCloud keychain or Android Auto-Backup through Envoy. (Prime and Envoy handle this automatically during onboarding)

To ensure optimal security and redundancy, never store the two Keycards in the same geographical location.

Even when leveraging Magic Backups, users are also free to back up their master key using the BIP39 seed word format from the device settings at any time. Users choosing to do this should exercise extreme care when storing their master key in this format as a compromise of this single item could result in complete loss of funds.

Settings & Data

The SHA256 hash of the Prime master seed is sent to Envoy via QuantumLink to be used as an anonymous identifier on the Foundation server. This is how we know which encrypted file belongs to which user without us needing to collect any personal information. All subsequent metadata backups (settings, Bitcoin account data, multisig configurations, additional app data etc) are encrypted with the Prime master seed and sent to the Foundation server for storage. This data is updated automatically on a continuous basis thanks to QuantumLink.

Only the person with knowledge of the Prime master seed can retrieve and decrypt the encrypted metadata stored on the Foundation server. This means that even Foundation cannot see the contents of the data. Users can also choose to keep an offline copy of this file on an external storage medium, but be aware that this storage method would need to be periodically updated to ensure recent data is consistently backed up.

Magic Recovery

To recover Prime from a Magic Backup:

User interaction:

1. On the Master Key setup screen, tap restore.
2. Choose ‘Restore from Keycards’.
3. Tap any Keycard to the back of Prime.

Automatic steps that follow:

4. Prime checks for a second key part stored on Envoy (and backed up to your personal cloud).
5. The master key is reconstructed and saved to Prime.
6. Prime sends a cryptographic hash of the master key through QuantumLink to Envoy.
7. Envoy queries the Foundation server to search for the corresponding encrypted settings & data backup file.
8. The file is downloaded to Envoy, then sent back to Prime via QuantumLink.
9. Prime decrypts the file using the restored master key and restores all settings & data.

Prime Manual Backups

Accessed by opting out of using Magic Backups with Passport Prime by disabling the feature in the advanced menu of the Envoy onboarding page, the manual backup option removes any link or usage of your personal cloud and the Foundation server for encrypted data storage. This option is not recommended for beginners.

Master Key

Using the manual backup option during onboarding allows you to choose between the following options to back up the Prime master key:

1. A 2-of-3 Shamir setup using the three provided Keycards. This means that the master key is split into three parts, but only two are required to restore the key in a recovery scenario. To ensure optimal security and redundancy, never store the Keycards in the same geographical location.
2. Writing down the BIP39 compliant seed word representation of the Prime Master Key.

Settings & Data

Manual users must ensure they create regular backups of this file from the Settings page on Prime. This file should be stored on a storage medium outside of Prime, eg a microSD card, USB thumb drive, or personal cloud storage.

Manual Recovery

To recover Prime from a manual backup:

User interaction:

1. On the Master Key setup screen, tap restore.
2. Choose the option you wish to use to restore the master key. This could be by scanning a SeedQR, entering seed words, or by using Keycards.
3. Follow the steps on screen to restore the master key using your chosen method.
4. Optionally restore a settings & data backup file which can be loaded from an external storage medium like an SD card or USB thumb drive.