Xous security focused open source on 22nm custom silicon

2026-03-02 19:22 | www.crowdsupply.com

Mar 02, 2026

Project update 40 of 40

by bunnie

It’s been a while! The last release was almost two years ago. In the intervening time, the Xous ecosystem has sprouted a custom chip, fabricated in TSMC 22 nm and made explicitly for the purpose of running Xous. The chip is called the Baochip-1x, and you are invited to participate in the "Dabao" campaign for evaluation board pre-orders.

Going to custom silicon removes the supply chain hardening benefit of compiling your own FPGA code from scratch, but it greatly reduces the barrier to entry: while Precursor costs about $600, the Dabao sells for about $9. To compensate for the lack of transparency into the physical construction of the chip, the Baochip-1x is packaged in a WLCSP with a polished back-side, facilitating IRIS-style inspection. You can’t check every wire and connection using IRIS, but it’s better than simply trusting that whatever is in a black plastic square contains exactly the chip you were promised, no more, no less.

This release marks the finalization of the boot0/boot1 artifacts for this chip. From the perspective of Precursor users, my goal is for you to notice absolutely no change. Thus, since there are no CVEs or new features relevant to you in this release, it’s safe to skip applying it.

Release Details For Developers

I’m the type of person who likes to run with a stable release on a piece of hardware forever - especially things that are integral to my workflow - so extra effort was put into ensuring that the behavior is identical despite substantial internal upgrades to the kernel.

That being said, here’s a few of the major things that happened in this release, which would be mostly of interest if you’re developing programs for the Precursor platform.

  • rkyv is upgraded to 0.8. This makes serialization of most std objects very ergonomic, with the caveat that objects are strictly limited to one page of memory (going over that limit will cause a panic).
  • xous-ipc was revised to 0.10; this is a breaking change for developers. In particular, the chat-test application needs to have its keys deleted and re-generated because the serialization format has changed. Also, xous_ipc::String<N> is fully deprecated.
  • A number of libraries were refactored and re-organized to allow for a more slimmed down version of the OS. In particular, Baochip targets have fully on-chip RAM and ROM, so it's a step up in difficulty to flip bits of memory as a physical attacker. This allows us to strip out some of the intermediate servers that are used to hide sensitive services.
  • blitstr2 is now in libs
  • gam, modals, and graphics-server have been refactored to allow a configuration that doesn't have the intermediate gam layer. It is also now a little easier to add new screen sizes and frame buffer targets.
  • Swap memory is now a thing. This is not relevant for Precursor users, although it has been tested on the Precursor platform, so if you really need more RAM, you could hack up an external SPI RAM and get more memory.
  • pddb and root-keys have been refactored to support leaner targets. In particular, the key API has been pushed into a keystore-api crate that allows an entirely new implementation of key stores for the Baochip platform while not breaking backward compatibility for Precursor.
  • Various small kernel performance issues were fixed, such as eliminating an extra MMU trip when sharing pages.
  • The bootloader was refactored; in particular, the argument generation now uses alloc, which allows for a more auditable, understandable piece of code in that critical section.

These are some of the most significant changes off the top of my head; but in the end, the most significant change of all is the addition of the Bao-1x target. The Bao-1x features a 350MHz Vexriscv, with 2 MiB of RAM and 4 MiB of FLASH, so it’s quite a bit faster than the Precursor. A slimmed-down Xous build and a vscode plugin (search for "baochip" in the extension store!) were also made to help with new developer on-boarding for Xous.

New Ways to Keep in Touch

Finally, for timely updates, we recommend that users join the Baochip discord, or join the "the-commit-log" channel on Matrix. We have been posting weekly updates here on progress on Xous.

Going forward, our plan is to keep maintaining compatibility and feature stability for Precursor. I’ll only drop a note to existing Precursor users if there’s a significant update that you should pay attention to or there’s a significant new product announcement.

As for future product plans with Baochip - yes, I have many ideas of what to build! But I only have 24 hours in a day. Progress has been slow but steady, so stay tuned and subscribed if you want to get a note when new products drop.

Happy Hacking,

-bunnie

Comments

  • By sockbot 2026-03-06 15:12 (3 replies)

    For those unfamiliar with this project:

    Baochip is a license-free RISCV implementation with MMU. It is custom CPU logic hitchhiked on another company's SOC. The SOC is dual CPU like the rp2340, but with the other CPU fused off.

    Xous is an operating system that runs on the Baochip and an FPGA version of it.

    Precursor is a prototype mobile hardware secrets device. It has an FPGA that runs Xous and costs around $600. One of the core goals of the project is to make inspectable hardware.

    This baochip is the next step, which is to make prototype devices cheaper by running xous on the baochip instead of FPGA. The baochip is inspectable using a technique called IRIS.

    Bunnie is leading this project.

    • By jauntywundrkind 2026-03-06 16:49

      Almost. SoC is a 1+4 design, with a vexriscv main core (350MHz), and 4 tiny "Baochip IO" PicoRV cores (700MHz) (somewhat akin to the ultra-puny Programmable IO/PIO cores on rp2350). The crowdsupply for this board just opened. For more on vexriscv, which has been around: https://hn.algolia.com/?q=vexrisc

      This is an embedded chip, not a full on application core like an arm cortex A78. No GPU, 2mb+256k onboard ram + psram external. But like a rp2350 there are graphics drivers. It has a ridiculously fast for its class internal execute-in-place flash. A rather featureful MMU for a device of its small size, to support its rust based borrow-checked memory OS. Tons of security & encryption features such as sha256/512, blake2/3, ECC ram, TRNG, etc. 22nm doesn't sound impressive by modern standards but is pretty good for a small embedded chip; rp2350 is 40nm.

      The BIO is going to be ridiculous. Fully cross barred to output and just ridiculously fast.

      Previous discussion from 47d ago on Xous, with Baochip X1 mentions, https://news.ycombinator.com/item?id=46619059 (183 points, 69 comments, nice)

      I want Oxide to start an RFD to evaluate changing their base processor to this ("Gimlet"). Much higher security than anything else available. Switching off Hubris is probably a non-starter, it probably lacks some nice/necessary peripherals, and major supply chain risk, but also, an incredible open source chip you could go deeper on.

    • By tonypapousek 2026-03-06 22:35

      His talk at Teardown last year was excellent; I’m glad to see development is still going strong.

    • By ysnp 2026-03-06 20:38 (1 reply)

      Is the case that captures all RF still planned for the productised Baochip?

      • By sockbot 2026-03-07 17:29

        I don't think so, because the Baochip is just the chip itself. Cases are more likely to be implemented as part of the application products, not the chip. The chip itself would never come with a case.

  • By sockbot 2026-03-09 19:22

    https://www.crowdsupply.com/baochip/dabao/updates/what-it-is...

    Update from bunnie:

       In my mind, the Baochip-1x’s key differentiating feature is the inclusion of a Memory Management Unit (MMU). No other microcontroller in this performance/integration class has this feature, to the best of my knowledge. For those not versed in OS-nerd speak, the MMU is what sets the software that runs on your phone or desktop apart from the software that runs in your toaster oven. It facilitates secure, loadable apps by sticking every application in its own virtual memory space.

  • By sockbot 2026-03-06 15:16

    https://youtu.be/DaWkfSmIgRs

    This talk from 3c explains the hardware and operating system side of the project.
