When we say Open Source we mean all the code that is executed is Open Source.
To your point, there are extremely conservative people that claim that any proprietary elements automatically invalidate the Open Source claim. Most people on the other hand, understand that it depends on how this is implemented.
Let me use a metaphor to better understand what I mean by this, it’s gonna be fun.
Say you want to go from Paris to New York. You’d ideally want to take a plane, cause it’s the safest and fastest route there. Let’s say using a secure element is like taking a plane. When you take a plane however, you don’t really know what happens to your luggage. You drop it off, you fly, then you pick it up in your destination, but you don’t really know what happened to it during the flight - you have no way of verifying what happened in the cargo hold after all. Maybe there were people opening the lugagge during the flight, taking photos of it and then repacking everything. Maybe they swapped your luggage and handed you a very similar but different one. You just don’t know, and the concern is valid. If you don’t take a plane however, going from Paris to New York becomes a real challenge…
So what was our approach? We decided to be smart about it, and get the benefits of the plane without exposing ourselves to the risk of dropping luggage in the cargo hold. In Passports, you board the plane without any checked luggage. This way your backpack stays with you the entire flight. Is there a cargo hold where you don’t know what’s going on? Sure, yes. Does it affect you? Not at all, because you never dropped off any luggage so it doesn’t really have an impact on your stuff.
Should the fact that a plane has a shady cargo hold mean you should never fly one? Well, we think it’s better to fly on an airplane and just not use the cargo hold, than refusing to fly at all. We get the benfit of flying, without the dangers of a cargo hold.
Trezor decided that cargo holds were too dangerous so at first they bought a kayak and used it to cross the Atlantic. Three generations later they gave up because they realized it’s far too dangerous, and all the new models now use an airplane without checking in any luggage.
Blockstream was also anti-airplanes, but seeing that trezor’s kayak didn’t quite work they used another approach. They decided to go by ferry, but imagine the ferry only runs if you have an internet connection, and even then you rely on the captain’s memory to see you and say “ah yeah you were going to New York, right?”. So if the captain gets Alzheimer and doesn’t recognize you, you’ll never get to New York, if you don’t have an internet connection you can never leave Paris, and if the captain decides that you are going to Sao Paulo, Brazil, instead, there’s nothing you can really do about it so you better speak portuguese. Is this safer than a plane where you don’t use the cargo hold? I mean, I don’t know. I wouldn’t say so.
All this to say, Passport Prime uses a secure element, and despite that, we consider it to be fully open sourced because no code is executed in the shady parts of the secure element (and you can verify this is the case because the code is free and open source).
PS: Ledger uses a plane but they blindfold you in the airpot as soon as you arrive, they put you somewhere, you feel movement, they drop you somewhere, they remove the blindfold and give you “your luggage”, and tell you you have arrived to New York.