Keycard is open hardware for self-custody: a secure element smartcard that signs transactions on-chip, and Shell, a companion device that turns it into a full hardware wallet. Every layer is open source under MIT — the applet, the firmware, the schematics, the enclosure — and everything speaks standard protocols. If you can talk BIP-32, APDUs or animated QR codes, you can build on it.
Keycard is a contactless smart card that stores private keys and performs signatures on a dedicated secure chip (NXP JCOP4, certified EAL6+). It functions as a BIP-32 HD wallet, supporting key generation, derivation and signing, and allows exporting keys defined in the context of EIP-1581. Keys never leave the card: the hash to sign goes in, the signature comes out.
The most obvious integration case is crypto wallets (ETH, BTC, etc.), but Keycard fits any system that uses a BIP-32 key tree or needs hardware-backed authentication and identification.
Keycard communicates via NFC and the ISO-7816 contact interface. Communication happens through a simple APDU interface, with a secure channel guaranteeing confidentiality, authentication and integrity of all commands. It works on iOS/Android phones and on desktops with a USB smartcard reader; several wallets integrate it directly today — see the full list.
Keycard Shell is a full-fledged hardware wallet in which you insert your Keycard. It adds a keypad, a display, a camera and a USB port — and stays deliberately stateless: remove the card and the Shell forgets everything.
Shell enables air-gapped QR signing (animated UR QR codes — EIP-4527 for EVM, PSBT for Bitcoin) and on-device transaction verification with clear signing (ABI decoding, ERC-20 names, EIP-712, Bitcoin PSBT). This makes Keycard compatible with wallets like MetaMask, Rabby, Sparrow, BlueWallet and many more. Announced in March 2025, it evolved from a design journey starting in 2022 (Keycard Origins).
Everything is open. The applet, the Shell firmware, schematics, BOM and 3D files are all public and MIT licensed. Keycard Shell is the only multi-chain hardware wallet with fully open hardware. There is nothing you cannot inspect, fork or reuse.
Standard protocols only. BIP-32/39 key management, ISO-7816 APDUs, EIP-4527 and Blockchain Commons UR QR encoding, PSBT for Bitcoin, EIP-712 typed data. No proprietary formats, no vendor lock-in: an integration you write against Keycard follows the same standards as the rest of the ecosystem.
The secure element is the signer. Unlike most hardware wallets, keys are not exported to a general-purpose MCU for signing — all cryptographic operations run inside the EAL6+ certified chip, and the applet is immutable once the card is locked. The host (phone, desktop, Shell) never sees key material.
People you may know already trust it. Keycard Shell ranks #1 on Wallet Beat and scored 93% on hardware-wallets.net. Ledger's co-founder called it "a hardware wallet security designed the right way", Safe's CEO "an amazing piece of open-source hardware" — and even Keystone's CTO agrees.
Integrate Keycard into your wallet or app. Start with Getting Started and Core Concepts, then use the Keycard SDK (Java, desktop and Android). SDKs also exist for Go, Swift, Python, TypeScript and more — see the ecosystem page. If you work in another language, the Keycard API documents the card protocol — everything you need to implement it yourself.
Understand how it works. Core Concepts covers the card lifecycle and credentials model, the Shell API reference covers the QR formats, USB protocol and clear signing database, and the hardware specification lists the exact chips and certifications.
Build your own hardware. You can build your own Keycard on any compatible JavaCard, and build your own Shell from the published schematics and firmware.
Contribute. From adding contract ABIs (better clear signing for everyone) to porting SDKs — see how to contribute.
The current applet version is listed in the status-keycard releases. This documentation applies to the current protocol version. Semantic versioning is used throughout the project, with the omission of the patch number for the applet, but not the SDK and related tools.
Join the Discord to talk to the team, follow @Keycard_ for news, raise issues in the GitHub repos, or email support@keycard.tech.