"Modern smartphones are complex, closed platforms with software and hardware abstracted away from the user. Precursor seems about as far in the other direction as it's possible to get. "
"In short, it’s a maximally open, verifiable, and trustworthy device. Even the processor is instantiated on an FPGA so you know what’s going on inside the silicon."
"Más ligera y pequeña que un smartphone convencional, esta plataforma de desarrollo para computación y comunicaciones móviles seguras está equipada con dos chips y disponible como hardware abierto."
"Its deceiving looks hide an open hardware development platform for mobile communication and computation in a secure environment."
"It is very rare, especially in this age, to find an electronic device that looks like a work of art rather than a simple, variably honest source of profit for its manufacturer. Yet the Precursor falls entirely into the former category..."
"A mobile, open-source hardware devkit powered by not one, but two FPGAs"
Precursor is an open hardware development platform for secure, mobile computation and communication. This pocket-sized device accommodates a built-in display, a physical keyboard, and an internal battery while remaining smaller and lighter than the average smartphone. Precursor was built for use on the road, but it compromises nothing as a development platform. Powered by an FPGA-hosted, soft-core System-on-Chip (SoC), it gives developers the freedom to inspect, verify, and customize nearly every aspect of its operation. Help us take those critical first steps toward a world in which silicon-level trustworthiness is attainable.
We are accustomed to accepting the word of large corporations, like Apple and Google, that our gadgets are trustworthy. Without any hard evidence, we’ve long had to take in on faith that our privacy is being respected and that our personal data is not just one backdoor away from being stolen, exploited, or exposed. (We’ll go ahead and leave "monetized" off that list, since we all know that’s happening.) We’ve had to accept this reality in large part because we’ve had no other choice. Precursor changes the status quo by making evidence-based trust a core principle of its design. We have subjected every aspect of this platform to a level of scrutiny that will allow users to trust their devices. You, the user, will be able to trust Precursor based on scientific evidence that is observable without access to a million-dollar microscope.
The principle of evidence-based trust was at work in our decision to implement Precursor’s brain as an SoC on an FPGA, which means you can compile your CPU from design source and verify for yourself that Precursor contains no hidden instructions or other backdoors. Accomplishing the equivalent level of inspection on a piece of hardwired silicon would be…a rather expensive proposition. Precursor’s mainboard was designed for easy inspection as well, and even its LCD and keyboard were chosen specifically because they facilitate verification of proper construction with minimal equipment.
Thanks to this pivotal design principle, Precursor is well-suited as a hardware development framework for security-critical applications such as password managers, authenticators, crypto wallets, and secure messaging platforms.
Precursor is also distinctive among open hardware gadgets in that it was designed from the ground up for portability. While most open hardware FPGA development boards share Precursor’s evidence-based, compile-your-own-CPU trust properties, none of them are packaged into a slim, 7.2 mm, machined-aluminum case, complete with a charger, a battery, a display, and a keyboard. And speaking of batteries, Precursor draws less power than most other FPGAs thanks to the "-1L" variant Xilinx Spartan 7-Series at its heart. (The "L" stands for "low leakage.") That efficiency — combined with a super-low-power Lattice iCE40 UP5K FPGA for deep-sleep system management and a Silicon Labs WF200 with integrated network co-processor for Wi-Fi connectivity — allows Precursor to achieve a standby time measured in days and an active screen time of about five to six hours.
Precursor gets your bright idea out of the lab and into your pocket. And if that idea happens to involve software for a password manager, a crypto-wallet, a secure messaging platform, or something similar, then Precursor also gets it well on its way toward its destination as a packaged product.
The most important difference between a jail and a home is who controls the lock on the door. Most smartphone companies want you to believe that the gilded jail they’ve designed for you is the safest place to spend your time. Precursor takes a different approach. By giving you the keys to the lock, it gives you a home. And, like your actual home, you’re free to make it your own because we’ve published 100% of Precursor’s design source, from the outer case to the inner CPU core. And once you’re done configuring and inspecting your system, you can activate Precursor’s security features to protect your newly redecorated home from unwelcome intruders.
We are the first to admit that Precursor isn’t for everyone. It’s a new class of development platform, made for security- and privacy-critical applications. We know it’s not going to replace your smartphone today. Rather, we see it as an indicator of good things to come from the open hardware ecosystem.
Toward the lower left, you’ll see some of FPGA development boards that share Precursor’s ability to compile its primary CPU. Such devices are well within the intersection of trustability and hackability, but they are not pocket-ready. (They might fit in your pocket, sure, but they’ll have pretty limited utility when you pull them out. Unless of course you plan on strapping them to a keyboard, a battery, and a display, in which case…why not let us do it for you?)
Toward the upper left, we have a whole category of devices—including FPGA development boards with hardwired internal CPUs capable of running mainline Linux—that will get the job done if all you care about is hackability. But these devices fail the pocket test as well. And, worse yet, they require that you take the vendor at their word about the absence of undocumented backdoors in those hardwired CPUs.
On the top, toward the middle are devices for enthusiasts who desire pocketability and hackability but who don’t have a strong need for evidence-based trust. Products like the Librem 5 and the PinePhone fall into this category.
Toward the upper right, you’ll find the supercomputer-in-your-pocket smartphones of today. Nothing holds a candle to iOS and Android devices if you’re looking for all the power you can get and have no need for hackability or evidence-based trust
And right there in the middle is Precursor, quite possibly the only device around that occupies the intersection of evidence-based trust, pocket-readiness, and hackability.
Precursor is much more than an FPGA development board and much less than a mobile phone. The tables below help to place Precursor within two different continua: one of gadgets and one of FPGA development boards.
For each of the Palm, Blackberry, and Nintendo families of gadgets, we’ve picked two devices: one from the generation with slightly less raw computing power than Precursor (such as the Palm m515) and one from the generation with slightly more raw computing power (such as the Palm Treo 600). We’ve also included the Samsung A11 smartphone, just to keep ourselves honest. If we’re willing to set aside evidence-based trust and hackability, today’s proprietary, full-custom, mass-market production techniques can achieve a truly incredible price-to-performance ratio.
Our four main takeaways from the table are as follows:
|Precursor||Palm m515||Palm Treo 600||Blackberry 6210||Blackberry 8700||Nintendo DS||Nintendo 3DS||Samsung A11|
|MSRP at release year||$512||$399||$600 (no contract)||CAD$449 ~$315||$349 (1-yr contract)||$149.99||$249||$138|
|Release price (2020 equivalent)||$512||$576||$847.56||$445||$464||$205||$287||$138|
|CPU/FPGA||XC7S50||MC68VZ328||OMAP1510||ARM7EJ-S (AD6528)||PXA901||ARM946E-S||ARM11 dual||A53 octa|
|CPU core speed||100 MHz||33 MHz||144 MHz||"It's a secret" (NDA-only)||312 MHz||67 MHz||268 MHz||1.8 GHz|
|RAM||16 MiB||16 MiB||8+24 MiB||2 MiB||16 MiB||4 MiB||128 MiB||2 GiB|
|Storage||128 MiB OPI SPI||4 MiB||24 MiB RAM||16 MiB||64 MiB||256 kiB cartridge||2 GiB||32 GiB|
|Display (Primary)||336x536 mono||160x160 color||160x160 color||160x100 mono||320x240 color LCD||256x192 color LCD||800x240 3D LCD||720x1560 PLS TFT|
|Wired connectivity||USB 2.0 Type-C||RS-232||USB||USB 1.1||USB||Link cable||Link cable||USB2.0 Type C|
|Hack ports||8x GPIO + I²C internal hack port||None||None||None||None||None||None||None|
|Wireless connectivity||Wi-Fi||IrDA||GSM, IrDA||GSM||GSM, Bluetooth||Wi-Fi||Wi-Fi, IR||Wi-Fi, BLE, GPS, LTE|
|Input||Physical keyboard||Touchscreen||Physical keyboard, touchscreen||Physical keyboard and jog dial||Physical keyboard and jog dial||Touchscreen||Touchscreen, camera||Touchscreen, camera|
|Audio||Speaker, headphone/mic jack, vibe motor||None||Speaker, headphone/mic jack, vibe motor||Speaker, headphone/mic jack, vibe motor||Speaker, headphone/mic jack, vibe motor||Stereo||Stereo speakers, microphone||Speaker, headphone/mic jack|
|Battery||1100 mAh Li-Ion||1350 mAh?||1800 mAh||900 mAh?||1100 mAh||850 mAh Li-Ion||1300 mAh||4000 mAh|
|"Screen on" life||5-6 hours||4-7 hours||4 hours||5 hours||4 hours||15-16 hours||3-5 hours||28 hours|
|Sleep mode life||2-3 days||~1 week?||10 days||~2 weeks||~2 weeks||1 week||3 days||16 days|
|Case height||7.2 mm||12.7 mm||22 mm||20 mm||19.5 mm||28.9 mm||21 mm||8 mm|
|PCB design published||Yes||No||No||No||No||No||No||No|
|CPU design published||Yes||No||No||No||No||No||No||No|
Our hope is that Precursor will continue to appear over the next decade and a half as a benchmark in many tables like this one, as the starting point on a trend towards the performance and capabilities of mobile, open hardware solutions reaching parity with today’s proprietary solutions. In the meantime, we have to start somewhere. And with your help, we believe Precursor will live up to its name as a harbinger of good things to come.
The table below helps to place Precursor’s capabilities in a different sort of context, this time alongside a pair of development boards with similar FPGA logic capacity. There are really only two things that Precursor has in common with these boards: 1) they all use an FPGA for their CPU, and 2) they are all open hardware, with published PCB and CPU design source. As a result, this is a bit of an apples-to-oranges comparison, but it’s the best we could come up with.
|Precursor||NeTV2 "just the board"||Arty A7-100T|
|MSRP at release year||$512||$215||$249|
|Release price (2020 equivalent)||$512||$215||$249|
|CPU core speed||100 MHz||100 MHz||100 MHz|
|RAM||16 MiB||512 MiB||256 MiB|
|Storage||128 MiB OPI SPI||8 MiB SPI||16 MiB QSPI|
|Display (Primary)||336x536 mono||None||None|
|Wired connectivity||USB 2.0 Type-C||Ethernet, HDMI, Rpi Hat, PCIe, microSD||Ethernet, USB|
|Hack ports||8x GPIO + I²C internal hack port||Serial, "hack" pins on PCIe and header||4x Pmod + Arduino|
|Input||Physical keyboard||None||4 buttons/4 switches|
|Audio||Speaker, headphone/mic jack, vibe motor||None||None|
|Battery||1100 mAh Li-Ion||N/A||N/A|
|"Screen on" life||5-6 hours||N/A||N/A|
|Sleep mode life||2-3 days||N/A||N/A|
|Case height||7.2 mm||51 mm||N/A|
|PCB design published||Yes||Yes||Yes|
|CPU design published||Yes||Yes||Yes|
The Precursor tier includes the following items in the box:
The Limited Edition Precursor tier includes all of the above, with a special limited edition case. You will also receive the regular production aluminium case body as well, as a bonus spare part.
What exactly is the Limited Edition case? In a fashion similar to ordering omakase at a sushi bar, we’re going to prepare a premium experience for your enjoyment. In the end, however, what you get will be a bit of a surprise!
Part of the purpose of Precursor is to validate the system-on-chip (SoC) design we hope eventually to produce as a custom ASIC for use in future such products. This SoC, which we call "Betrusted-SoC," is meant to be the central pillar of security for devices like Precursor. The version of Betrusted-SoC used in Precursor is based on a Xilinx FPGA and has the following features:
In addition to using Precursor to validate the SoC, we are also validating the embedded controller (EC) that’s in charge of standby power functions, as well as firewalling the untrusted hardware domain in devices like Precursor. The version of "Betrusted-EC" used in Precursor is based on a Lattice FPGA and has the following properties:
Precursor consists of the following major elements:
Once the campaign has concluded and we know our final volume, we will begin manufacturing according to the following time line:
We will be relying on Mouser Electronics, Crowd Supply’s fulfillment partner, to handle the global shipment of devices to backers. For more information about shipping, please see Crowd Supply’s Ordering, Paying, and Shipping guide and the International shipping section of their Fulfillment & Logistics guide.
The biggest risk hanging over this project is the uncertainty brought about by the COVID-19 pandemic. Previously, a visit to a facility would almost be a day trip from Singapore; currently, such visits may be possible but only with several days of quarantine, health documentation, and other red tape such as invitation letters and strict itineraries. The strict itineraries are particularly difficult in the face of tasks like compliance testing and factory bring-up, as it is very hard to predict how long these take. That said, all of the countries involved in the Precursor supply chain have taken steps — rooted in science — to manage the pandemic, and their populations have generally complied with mask mandates. This significantly reduces risks and increases the likelihood that we will be able to deliver Precursor on time. At the moment, all suppliers are indicating "normal" lead times for components. If there is another global infection wave, however, it could add months to the delivery schedule.
Political uncertainty in the United States is also a significant risk to Precursor. The outcome of the 2020 election, and whether that outcome is accepted peacefully by all parties, will have a huge impact on global supply chains, as well as trade tariffs and diplomatic relations. It could also have a significant impact on the legality of end-to-end encryption technology. Precursor’s South Korean country of origin currently allows it tariff-free import to the US. It is, however, conceivable that the US will radically change its policies within the next year, thereby making it difficult or impossible to import Precursor into the US.