What's available to your app on Passport Prime today, what's coming, and what's intentionally not supported.
Capability matrix
| Capability | API | Status |
|---|---|---|
| Bitcoin signing (BDK) | lib/keyos/api/* | β Stable |
| QuantumLink Bluetooth | os/quantum-link | β Stable |
| NFC read / write | os/nfc | β Stable |
| Camera / QR / UR scanning | os/camera | β Stable |
| File storage (Airlock, User, USB scopes) | os/fs | β Stable |
| Secure element access | os/security | β Stable |
| FIDO2 / U2F / CTAP-HID | os/fido | β Stable |
Slint UI (@ui/... library) | sdk/ui/ui | β Stable |
| Haptics, RGB LED, power management | os/haptics
, os/rgb-led
, os/power-manager | β Stable |
Hosted simulator (foundation sim) | SDK | β Stable |
Live UI preview (foundation preview) | SDK | β Stable |
| USB HID / HWI / keyboard driver | os/usb | π§ Coming |
| Public SDK release | - | π’ Public beta β feedback to hello@foundation.xyz |
| App catalog & store | - | π§ Roadmap |
| Developer certificate trust store | Settings β Apps | π§ Coming |
| Network / internet access | - | β By design (Prime is offline) |
π Click any linked
os/<service>above to jump to that crate's full rustdoc API reference. See the API Reference landing for the complete generated crate list including services not yet broken out in this matrix (app_manager,keycard,backup,update,server,settings,gui_server_api).
Per-API summaries
Bitcoin signing - lib/keyos/api/*
First-class BDK integration. Same robust hardware wallet capabilities as Passport Core: multisig, passphrases, temporary seeds, and wide software wallet support.
QuantumLink Bluetooth - os/quantum-link
Continuous secure comms with paired phones and desktops, with post-quantum encryption (CRYSTALS-Kyber) built in. The right channel for interactive protocols like Lightning, Nostr, Ark, swaps, and Coinjoins.
NFC read / write - os/nfc
Read and write NDEF and custom tag formats. Useful for Magic Backupsβstyle flows, contactless pairing, and hardware token interactions.
Camera / QR scanning - os/camera
Scan QR codes, UR codes, and animated QRs via the on-device Omnivision camera.
File storage - os/fs
Three distinct scopes:
- Airlock - quarantined incoming files from USB or NFC, sandboxed until the user moves them.
- User - your app's private storage. Other apps cannot read it.
- USB - files exposed when Prime is connected as USB mass storage.
Secure element - os/security
Cryptographic key storage and operations gated by the Microchip ATECC608C secure element. Sensitive operations (e.g. seed retrieval) require user confirmation on the trusted display. Seeds never leave the secure element unencrypted.
FIDO2 / U2F - os/fido
Full CTAP-HID stack - Prime can replace a YubiKey for hardware-backed second-factor and passkey flows.
Slint UI library - sdk/ui/ui
70+ curated Foundation-designed components, theme tokens, fonts, and icons. Import from @ui/... and you get a polished, on-brand starting point that you're free to fully restyle. See Building Apps - UI
for the component list.
Device feedback and power - os/haptics, os/rgb-led, os/power-manager
Use device feedback and power-management APIs where your app is granted access. Raw buses such as GPIO, IΒ²C, SPI, and DMA are not available to third-party apps.
Why no network?
Prime is intentionally offline. There is no IP stack and no Wi-Fi. The only outbound paths are USB-C, NFC, camera, and QuantumLink Bluetooth - all user-initiated, all visible. This is a security choice, not a limitation we plan to remove.
If your app needs internet data, the pattern is to have a companion phone or desktop app fetch it and pass it to Prime over QuantumLink or QR.