This Device Stops AI Going Rogue with Zach Herbert - Creator of the Passport Prime

AI agents are getting more powerful fast. But if your AI can use your computer, move money, deploy code, access accounts, and make decisions on your behalf… who actually holds the authority?

In this episode, I’m joined by Zach Herbert, CEO of Foundation Devices, to talk about Passport Prime, the future of hardware wallets, and why Bitcoin-style security might become essential for the AI age.

We get into why “human in the loop” is a false narrative, how agents can go rogue even without malicious intent, why your phone is a weak point for identity and 2FA, and how dedicated hardware could become the approval layer for both Bitcoin transactions and AI actions.

This conversation is about more than wallets. It’s about sovereignty, authority, and how humans keep control as automation becomes more capable.

**In this episode:**
- Why AI security is really an authority problem
- How hardware wallets evolve beyond Bitcoin
- Why “human in the loop” can be security theater
- Passport Prime and Foundation’s AI vision
- Bitcoin principles applied to AI agents
- The problem with phone-based 2FA
- Local AI, sovereign compute, and the next class divide
- Why the future of self-custody is bigger than money

Follow Zach Herbert:
https://x.com/zherbert

Foundation Devices:
https://foundation.xyz

Subscribe for more conversations on Bitcoin, AI, sovereignty, and the builders shaping what comes next.

**Chapters**

00:00 - The device that stops rogue AI
01:42 - Why modern computing feels so fragmented
04:58 - How Foundation uses AI internally
08:45 - AI security is an authority problem
10:27 - Your computer can’t tell you from your agent
12:24 - What happens when agents go rogue
14:09 - Is “human in the loop” security theater?
18:02 - Building policy engines into hardware
21:49 - Putting Passport between models and actions
25:39 - Bluetooth, encryption, and better UX
28:30 - Why phone-based 2FA is broken
31:26 - KeyOS, Rust, and reducing attack surface
33:52 - AI agents testing hardware apps
36:52 - Will AI agents use Bitcoin or stablecoins?
37:43 - Bringing Bitcoin security to AI
40:24 - The gap between AI users and sovereign operators
42:51 - Keeping authority while reducing screen time
46:23 - Active tamper protection
47:44 - Why manufacturing location matters

**Pinned Comment Option**

The big idea from this episode: AI agents don’t just need better prompts. They need authority boundaries.

If your agent can act on your behalf, move money, deploy code, or access accounts, then the question becomes: what should it be allowed to do without you?

That’s where Zach’s thesis gets interesting: the same principles Bitcoiners use for self-custody may become the security model for AI.