Foundation Bets on AI Security With $6.4M Raise and Launch of Passport Prime Hardware Platform
Foundation has raised $6.4 million in a funding round led by Fulgur Ventures as the company expands beyond Bitcoin self-custody into identity security, multi-factor authentication and AI agent authorization.
The company also announced the general availability of Passport Prime, a hardware security device designed to approve high-risk digital actions outside compromised software environments, alongside broader access to its KeyOS developer platform.
The round included participation from Arche Capital and brings Foundation’s total funding to $16.5 million. Existing backers include Polychain Capital.
Foundation said Passport Prime began shipping to pre-order customers in March and is now available to the public for the first time at a starting price of $349.
The company describes the product category as “Human Authority Hardware,” a trademarked term referring to dedicated security devices intended to keep sensitive approvals outside conventional software systems.
Focus Shifts From Self-Custody to AI Authorization
The launch reflects a broader shift underway across the crypto and security industries as companies adapt infrastructure for AI-driven workflows and autonomous software agents.
Foundation argues that traditional authentication methods — including browser prompts, phone notifications and software-based policy engines — are insufficient in environments where AI agents can execute actions across wallets, cloud systems and enterprise infrastructure at machine speed.
“Every era has its key management problem. For Bitcoin it was self-custody. For the agentic era it is who actually authorizes the decisions an AI agent takes on someone’s behalf,” said Zach Herbert.
“That question cannot be answered by the same computer running the agent,” Herbert added. “It has to be answered on dedicated hardware.”
Passport Prime combines multiple security functions into a single handheld device, including Bitcoin hardware wallet functionality, FIDO authentication keys, two-factor authentication storage, encrypted file storage and credential management.
The company said the device includes 50GB of encrypted storage and a dedicated display designed for secure review and approval of transactions or system actions.
KeyOS Developer Platform Opens to Outside Builders
Foundation is also expanding access to KeyOS, its Rust-based microkernel operating system developed over a three-year period.
The company said the platform is open source and designed to support third-party security applications, including Bitcoin signing policies, enterprise authentication systems and AI authorization workflows.
Developers can now access SDK tooling, documentation and a KeyOS simulator through Foundation’s developer portal. The simulator allows applications to be built and tested without physical hardware before deployment onto Passport Prime devices.
The company plans to launch a KeyOS app store later in the second quarter, creating a distribution channel for applications built on the platform.
According to Foundation, the developer environment also includes a USB-connected MCP server enabling AI coding agents to build, test and capture screenshots from applications running directly on Passport Prime hardware.
Ken Carpenter said the company views the platform as moving beyond traditional hardware wallet functionality.
“A hardware wallet is a calculator. KeyOS is a computer,” Carpenter said. “The device stops being a box your keys sit in and becomes the trust layer for everything you do online.”
Security Architecture and Post-Quantum Encryption
Passport Prime runs on KeyOS and includes a communications layer called QuantumLink, which Foundation describes as a post-quantum encrypted Bluetooth protocol using ML-KEM and ChaCha20-Poly1305 encryption standards.
The system operates through a dedicated isolated Bluetooth chip rather than sharing connectivity infrastructure with the main operating environment.
Foundation said its hardware is manufactured in the United States at an ITAR-compliant facility.
The company positions the device as a response to limitations in existing security hardware categories. While hardware wallets focus primarily on cryptocurrency signing and FIDO keys handle authentication, Foundation argues neither provides a trusted display environment capable of securely reviewing complex AI-generated actions before approval.
Cake Wallet Integration and Ecosystem Expansion
Cake Wallet is the first outside team building applications for KeyOS, according to Foundation.
The company said the integration will provide cold storage functionality for Cake Wallet’s user base, which Foundation said exceeds one million users.
Foundation expects additional integrations tied to Bitcoin infrastructure, identity systems and AI agent workflows throughout 2026.
“At Fulgur, we aim to support Bitcoin companies that can scale and solve real problems for large markets,” said Oleg Mikhalsky.
He said Foundation is extending principles from Bitcoin self-custody into broader identity and authorization systems.
Will Wolf, who led Foundation’s earlier seed financing while at Polychain Capital, described KeyOS as an expansion from dedicated signing devices into a broader security operating system.
The launch comes as AI adoption accelerates across enterprise infrastructure, financial systems and consumer software, increasing demand for verification layers capable of separating human approval from automated execution environments.
Analysis: Foundation Is Quietly Building the Hardware Layer for the AI Agent Economy
This isn’t really a hardware wallet story.
That’s the first thing people are going to misunderstand.
When I read Foundation’s announcement, the Bitcoin angle looked almost secondary. Important, sure. But secondary. The real bet here is much bigger — and honestly a little uncomfortable if you think through where AI systems are heading.
Because Foundation isn’t trying to build another Ledger clone.
They’re trying to build the approval layer for autonomous software.
And that changes the conversation completely.
The Timing Feels Extremely Deliberate
Look at when this is happening.
AI agents are suddenly everywhere.
OpenAI is pushing agent workflows. Anthropic is talking about computer-use systems. Crypto projects are racing to automate treasury management, governance execution and onchain operations.
At the same time, everyone quietly knows the current security model is garbage.
Your AI assistant can already:
- Access wallets
- Interact with cloud infrastructure
- Move data across accounts
- Execute code
- Handle authentication flows
And in most setups, the final approval still happens on the exact same machine running the agent.
That’s insane when you say it out loud.
Foundation spotted the gap early.
“Human Authority Hardware” Sounds Corny — Until You Think About It
I’ll admit it. My first reaction to the trademarked term was skepticism.
Human Authority Hardware™ sounds like something a VC-backed startup workshop generated after three espresso shots.
But the underlying concept is actually sharp.
The core argument is simple:
The system making a request should not be the system approving the request.
That’s it.
And honestly, that principle becomes hard to argue against once AI agents start acting semi-autonomously across financial systems.
This Is Really About Distrusting Your Own Devices
That’s the weird shift happening here.
For years, security products focused on protecting against outside attackers.
Now the concern is increasingly internal.
Your browser may not be trustworthy.
Your operating system may not be trustworthy.
Your AI assistant may absolutely not be trustworthy.
That changes hardware design entirely.
Passport Prime isn’t just trying to secure keys. It’s trying to create a physically isolated checkpoint between humans and machine-speed automation.
That’s a different market.
And probably a much bigger one.
I Think Foundation Understands Something Most Crypto Hardware Companies Don’t
Most hardware wallet companies still think in crypto-native terms.
Seed phrases.
Cold storage.
Transaction signing.
Foundation is talking about AI authorization flows, enterprise approval systems and identity infrastructure.
That’s a much more ambitious positioning strategy.
And frankly, probably the correct one.
Because hardware wallets alone are becoming commoditized.
You can already feel it.
The real opportunity is turning secure hardware into a programmable trust environment.
That’s what KeyOS is really about.
The KeyOS Move Is Bigger Than the Device
This part matters more than the funding round.
A lot more.
Hardware companies usually die when they stay hardware companies.
Margins compress.
Competitors copy features.
Users buy once and disappear for years.
But platforms?
Platforms scale differently.
The moment Foundation opened the SDK, simulator and developer tooling, this stopped being a product launch and started becoming ecosystem infrastructure.
That’s a completely different game.
The AI Coding Agent Detail Wasn’t Random
One line stood out immediately.
Foundation says AI coding agents can build and test applications directly on Passport hardware using their MCP tooling.
That’s not a throwaway feature.
That’s the company signaling exactly who they think future developers will be.
Not just humans.
Agents.
And honestly, that part gave me flashbacks to early smartphone platform moments — when companies realized the operating system mattered more than the device shell.
The Security Architecture Looks Serious
A lot of crypto security announcements are marketing fluff wrapped around recycled components.
This one feels more technically grounded.
Rust microkernel architecture.
Dedicated Bluetooth isolation.
Post-quantum cryptography.
Open-source operating system.
Those aren’t random buzzwords stitched together for fundraising decks. They reflect a pretty coherent design philosophy.
Especially the isolated Bluetooth chip.
That tells me they’re thinking heavily about attack surfaces instead of just stacking features.
The “Post-Quantum” Angle Will Trigger Debate
I can already hear people rolling their eyes at the quantum-resistant branding.
Fair.
Crypto companies love slapping “post-quantum” onto products because it sounds futuristic.
But here’s the thing: even if practical quantum threats are still years away, enterprise buyers increasingly expect future-proof narratives in security infrastructure.
So whether it matters technically today is almost beside the point commercially.
The label itself has value now.
Cake Wallet Joining Early Matters More Than People Think
Cake Wallet being the first outside integration is actually smart positioning.
Cake has real users. Real crypto-native credibility. Real distribution.
That gives Foundation immediate legitimacy beyond just investor hype.
Because without external developers, KeyOS risks becoming another closed ecosystem nobody builds on.
And that’s the graveyard of ambitious hardware platforms.
But Here’s the Risk Nobody’s Talking About
This market may not exist yet.
That’s the gamble.
Foundation is building for a world where AI agents routinely execute high-value actions independently.
We’re heading there fast. I believe that.
But timing matters.
Build too early and you burn capital waiting for adoption curves to catch up.
And hardware companies don’t get infinite retries.
The Device Itself Isn’t Cheap
$349 is not impulse-buy territory.
Especially in a market where consumers already own phones capable of basic authentication flows.
So Foundation needs users to believe two things simultaneously:
- AI agents will become deeply integrated into daily workflows
- Existing consumer devices cannot safely manage that future
That’s a harder sell than Bitcoin self-custody alone.
Still, My Gut Says They’re Pointing in the Right Direction
I think most people are underestimating how ugly the AI security layer is about to become.
We’re entering a period where software agents will increasingly:
- Move money
- Access enterprise systems
- Execute workflows
- Interact with private data
- Approve operational tasks
And the current approval infrastructure was never designed for that environment.
Foundation seems to understand this earlier than most.
That doesn’t guarantee success.
But it does make them one of the more interesting security bets in crypto right now.
What I’d Watch Next
Not token launches.
Not marketing.
Developers.
If outside builders actually start creating meaningful KeyOS applications, then Foundation has a real shot at becoming infrastructure instead of just another hardware startup.
That’s the line that matters.
Because hardware alone rarely wins long-term.
Platforms do.