Hello wonderful people! I'm bunnie - just noticed this is on HN. Unfortunately due to timezones I'm about to afk for a bit. I'll check back when I can, and try to answer questions that accumulate here.
This is wonderful! Also what a fantastic partnership that allowed adding a new CPU to that die. Kudos to them.
I had a lot of trouble finding out which open source license applies. Wikipedia’s RISC-V page doesn’t seem to say; its citation for being released under open source doesn’t seem to say which one either.[0] Could be wrong. Exhausted after working all day. But it’s not front and center…
On the RISC-V site I thought it might be more prominent too but if it is I missed it. I found some docs there licensed Creative Commons. Is that the license for the entire CPU? Even layouts and everything that is past the ISA to actual silicon?
RISC-V is a family of instruction sets (which have various chips implementing them). Think "X86-64".
It looks like the baochip-1x is using the VexRiscv CPU. The HDL is available here under MIT: https://github.com/SpinalHDL/VexRiscv
bunnie your book "Hacking the XBox" taught me how to get started on reversing electronics, took the fear out of the process, and replaced it with fun. Thanks for the multi-decades long effort you've made to make these tools available and accessible and approachable, your contributions to the hacker community are immeasurable and I cannot say thank you enough.
> Those with a bit of silicon savvy would note that it’s not cheap to produce such a chip, yet, I have not raised a dollar of venture capital. I’m also not independently wealthy. So how is this possible?
What kind of order of magnitude of cost are we talking about?
What are the next steps - is there some service to cut the wafer and put into a package for you?
The masks alone are single digit millions, but with all the design tools and staff costs typically tens of millions is the benchmark number for a tape out in this node.
After coming out of the fab, the chips go through probing, packaging and reeling.
Great work on the chip, I’m really onboard with the trusted computing aim!
Is there a way to bootstrap binary code into the reram? I’m thinking being able to ‘hand-type’ in a few hundred byte kernel rather than use a flashing tool
Personally, I love eating "bao" (a style of dumplings), but also coincidentally, a homophone of "bao" in Chinese (different character 保, similar sound) has a meaning of "protect; defend. keep; maintain; preserve. guarantee; ensure". So it means both things to me - one of my favorite foods, and also describes the technology.
"dabao" is just a pun on that - means "take-away" or "to-go". The dabao evaluation board is basically a baochip in a "to-go" package.
That would explain the naming of OpenBao, a fork of Hashicorp Vault. Goes with the other fork's name (OpenTofu) as well as the meaning you just mentioned.
> What’s a banker going to do with the source code of a chip, anyway?
Hand it to someone who does know what to do with it. It's not as important who initially gets the source so much as having it available when it is needed.
The Baochip is packaged in a form of package that is inspectable using IRIS. [1] It does not give perfect verification but it's the best I can offer until we have more open PDKs.
Yes, 1x Vexriscv RV32-IMAC + MMU, and 4x PicoRV32's as RV32E-MC for I/O processing, configured with extensions to enable deterministic, real-time bit-banging without having to count clocks.
It's a good model for MCU stuff. There were people pushing Chip Gracey (Parallax) to use RISC-V instead of his custom ISA when he designed the P2 a few years ago, but he chose to do his own thing. Which has made compiler development difficult.
This seems more on the RPI side rather than propeller, propeller was never a really good choice for production integration. This looks like it could hold its own in many contexts.
I didn't know there were partially open source RISC-V. I might have missed it in the article, but what was the reason for having some parts closed source?
It’s not the RISC-V core itself, it’s just some of the surrounding architecture to support the CPU, to turn it into a SOC. So the USB drivers, the AXI memory interfaces, and the analog components, like PLLs for generating clocks, or even the IO pad drivers. These components take the fully open RISC-V core which works in a simulator and makes it work like a normal physical chip would.
With the right equipment it is possible to probe the inside of a chip, allowing an attacker to measure or even alter internal signals down to the transistor level. Expensive, but very useful if it lets you extract a crucial shared secret.
The traditional defense against this kind of invasive attack is to put a grid of sense wires on the outermost metal layer, and measuring whether it has been tampered with: you can't get to the important bits without cutting through the security grid, but any kind of modification to the security grid triggers a self-destruct.
Hello wonderful people! I'm bunnie - just noticed this is on HN. Unfortunately due to timezones I'm about to afk for a bit. I'll check back when I can, and try to answer questions that accumulate here.
To anyone from crowdsupply listening, please turn down your VPN check. I am not stripping my privacy protection to use your site.
*edit, Crowdsupply does a full block on multiple VPN providers. There is no way to access their site without turning off your VPN.
You do realize that violating export regulations is a much bigger risk than losing a few individuals relying on snake oil security?
This is wonderful! Also what a fantastic partnership that allowed adding a new CPU to that die. Kudos to them.
I had a lot of trouble finding out which open source license applies. Wikipedia’s RISC-V page doesn’t seem to say; its citation for being released under open source doesn’t seem to say which one either.[0] Could be wrong. Exhausted after working all day. But it’s not front and center…
On the RISC-V site I thought it might be more prominent too but if it is I missed it. I found some docs there licensed Creative Commons. Is that the license for the entire CPU? Even layouts and everything that is past the ISA to actual silicon?
[0] https://www.extremetech.com/computing/188405-risc-rides-agai...
RISC-V is a family of instruction sets (which have various chips implementing them). Think "X86-64". It looks like the baochip-1x is using the VexRiscv CPU. The HDL is available here under MIT: https://github.com/SpinalHDL/VexRiscv
bunnie your book "Hacking the XBox" taught me how to get started on reversing electronics, took the fear out of the process, and replaced it with fun. Thanks for the multi-decades long effort you've made to make these tools available and accessible and approachable, your contributions to the hacker community are immeasurable and I cannot say thank you enough.
Thanks man!
> Those with a bit of silicon savvy would note that it’s not cheap to produce such a chip, yet, I have not raised a dollar of venture capital. I’m also not independently wealthy. So how is this possible?
What kind of order of magnitude of cost are we talking about?
What are the next steps - is there some service to cut the wafer and put into a package for you?
The masks alone are single digit millions, but with all the design tools and staff costs typically tens of millions is the benchmark number for a tape out in this node.
After coming out of the fab, the chips go through probing, packaging and reeling.
Can you share something about the subsequent per-chip manufacturing costs?
I run a hardware company now (thankfully in the age of AI), as a direct consequence of reading Bunnies book 'hardware hacker'
Thank you Bunnie.
Great work on the chip, I’m really onboard with the trusted computing aim!
Is there a way to bootstrap binary code into the reram? I’m thinking being able to ‘hand-type’ in a few hundred byte kernel rather than use a flashing tool
Cool project. Why is it called the Baochip/Dabao?
Is it big Bao? Or take-away (just learnt the second meaning), or something else?
Personally, I love eating "bao" (a style of dumplings), but also coincidentally, a homophone of "bao" in Chinese (different character 保, similar sound) has a meaning of "protect; defend. keep; maintain; preserve. guarantee; ensure". So it means both things to me - one of my favorite foods, and also describes the technology.
"dabao" is just a pun on that - means "take-away" or "to-go". The dabao evaluation board is basically a baochip in a "to-go" package.
That would explain the naming of OpenBao, a fork of Hashicorp Vault. Goes with the other fork's name (OpenTofu) as well as the meaning you just mentioned.
I think it’s take-away, or to go. Like when you order some food to go.
> What’s a banker going to do with the source code of a chip, anyway?
Hand it to someone who does know what to do with it. It's not as important who initially gets the source so much as having it available when it is needed.
Why the few closed-source components on the system? You mention the bus, USB PHY etc -- are those things harder to design than the CPU core?
They are likely licensed IP.
This is about transparency just like the Precursor, right? How can I know that my Baochip-1x is really what it says it is?
The Baochip is packaged in a form of package that is inspectable using IRIS. [1] It does not give perfect verification but it's the best I can offer until we have more open PDKs.
[1] https://bunnie.org/iris
Very cool! So there’s 5x riscV cores available?
Yes, 1x Vexriscv RV32-IMAC + MMU, and 4x PicoRV32's as RV32E-MC for I/O processing, configured with extensions to enable deterministic, real-time bit-banging without having to count clocks.
That reminds me a lot of the xmos xcore mcus with 8 cores. I am curious what kind of synchronization primitives have you added and why?
I'm actually working on a comprehensive write up on exactly this topic that should be out sometime next week!
Just ordered 2 to play with!
Sounds like the Parallax Propeller 1/2 as well.
It's a good model for MCU stuff. There were people pushing Chip Gracey (Parallax) to use RISC-V instead of his custom ISA when he designed the P2 a few years ago, but he chose to do his own thing. Which has made compiler development difficult.
This seems more on the RPI side rather than propeller, propeller was never a really good choice for production integration. This looks like it could hold its own in many contexts.
Nice! I love the specialized io processors. Fantastic work!
I didn't know there were partially open source RISC-V. I might have missed it in the article, but what was the reason for having some parts closed source?
It’s not the RISC-V core itself, it’s just some of the surrounding architecture to support the CPU, to turn it into a SOC. So the USB drivers, the AXI memory interfaces, and the analog components, like PLLs for generating clocks, or even the IO pad drivers. These components take the fully open RISC-V core which works in a simulator and makes it work like a normal physical chip would.
It seems it had hardware support for secure mesh. Anyone know what that is?
With the right equipment it is possible to probe the inside of a chip, allowing an attacker to measure or even alter internal signals down to the transistor level. Expensive, but very useful if it lets you extract a crucial shared secret.
The traditional defense against this kind of invasive attack is to put a grid of sense wires on the outermost metal layer, and measuring whether it has been tampered with: you can't get to the important bits without cutting through the security grid, but any kind of modification to the security grid triggers a self-destruct.
Moonton Mobile legend mm level15