Foundation secures $6.4M to turn Bitcoin-grade security into AI agent authorization; Passport Prime ships, KeyOS widens

Foundation has raised $6.4 million to push beyond Bitcoin hardware wallets and into AI agent authorization. Alongside the funding, the company made its flagship Passport Prime device generally available and opened broader access to its KeyOS developer platform.

The strategic shift is clear: move from protecting private keys to governing what autonomous software is allowed to do with them. That’s the right problem to chase. As AI agents start handling payments, executing trades, and managing accounts, the weak link often isn’t cryptography—it’s permissioning. Who authorizes the agent, under what policies, with what limits, and how are those approvals audited and revoked?

Why turn a Bitcoin wallet into an authorization layer Wallets are already the user’s final trust anchor. Extending that anchor from one-off transaction signing to ongoing policy control gives users continuity: the same device that keeps keys offline can mediate what agents are allowed to sign, when, and how much.

If Foundation executes this thoughtfully, the value is less about “AI” and more about intent. Shift from raw signatures to verifiable intent binding—“this agent may move up to X per day to Y counterparties using Z venue”—enforced by a device the user already trusts.

What effective agent authorization likely requires - Policy-first UX: Clear, human-readable rules; default-deny; granular scopes, rate limits, and time-bound approvals. Anything ambiguous will fail in practice. - Session keys and revocation: Delegate ephemeral permissions to agents, with rapid kill-switches and automatic expiry. Durable without being permanent. - Deterministic isolation: Per-agent, per-app key derivation and segregation to minimize blast radius if an agent or integration is compromised. - Attestation and audit: Signed logs that bind what the agent claimed it would do to what it actually did, enabling forensic clarity and insurance-grade accountability. - Open, developer-centric APIs: Simple primitives that let agent platforms request scope and receive signed approvals without custom hacks.

Passport Prime going GA gives Foundation a hardware footprint to deliver these controls at the edge. Expanded access to KeyOS suggests the company wants developers integrating at the policy layer rather than wrangling raw signatures. That orientation can compress integration time for exchanges, trading bots, payment agents, and consumer automation tools that need non-custodial authorization with enterprise-grade guardrails.

Where the business leverage could show up - New revenue lines: Beyond devices, a developer platform with premium policy features can support subscription and enterprise licensing without custody risk. - Distribution compounding: Bitcoin-native users already prize security. If KeyOS makes agent permissions understandable in one tap, conversion can be efficient. - Ecosystem gravity: If agent platforms standardize around KeyOS-style scopes, Foundation can become the default authorization interface for non-custodial agents.

The frictions to watch - User trust: People will only authorize agents if policies are legible and reversible. Any UI ambiguity will be punished quickly. - Developer experience: SDK clarity, cross-platform support, and well-documented policy primitives will determine adoption speed. - Latency and reliability: Authorization checks that add noticeable friction to trading or payments won’t stick; local-first design helps. - Philosophical fit: Foundation’s Bitcoin-first ethos is a strength, but the AI agent world spans multiple rails. The brand will need to protect its security DNA while meeting multi-asset, multi-protocol demand.

What matters next - How KeyOS models scopes: categories (spend limits, venue allowlists), expiry, and revocation flows. - The quality of audit artifacts: Are intent, policy, and signature bound in a way insurers and compliance teams can trust? - Early integrations: Which agent platforms, brokerages, or wallets adopt KeyOS—and how fast?

The raise sets the stage; shipping Passport Prime and widening KeyOS access give Foundation the right knobs to turn. If authorization becomes the default abstraction for AI transacting on users’ behalf, the “wallet” that controls policy—not just signatures—wins mindshare.