Hello wonderful people! I'm bunnie - just noticed this is on HN. Unfortunately due to timezones I'm about to afk for a bit. I'll check back when I can, and try to answer questions that accumulate here.
> Those with a bit of silicon savvy would note that it’s not cheap to produce such a chip, yet, I have not raised a dollar of venture capital. I’m also not independently wealthy. So how is this possible?
What kind of order of magnitude of cost are we talking about?
What are the next steps - is there some service to cut the wafer and put into a package for you?
bunnie your book "Hacking the XBox" taught me how to get started on reversing electronics, took the fear out of the process, and replaced it with fun. Thanks for the multi-decades long effort you've made to make these tools available and accessible and approachable, your contributions to the hacker community are immeasurable and I cannot say thank you enough.
I didn't know there were partially open source RISC-V. I might have missed it in the article, but what was the reason for having some parts closed source?
Great work on the chip, I’m really onboard with the trusted computing aim!
Is there a way to bootstrap binary code into the reram? I’m thinking being able to ‘hand-type’ in a few hundred byte kernel rather than use a flashing tool
The chip comes from the factory with a boot0/boot1 chain that is fully reproducible and buildable from source. Developers can replace boot1 with their own version, where you could add the feature you're thinking about.
> What’s a banker going to do with the source code of a chip, anyway?
Hand it to someone who does know what to do with it. It's not as important who initially gets the source so much as having it available when it is needed.
This is wonderful! Also what a fantastic partnership that allowed adding a new CPU to that die. Kudos to them.
I had a lot of trouble finding out which open source license applies. Wikipedia’s RISC-V page doesn’t seem to say; its citation for being released under open source doesn’t seem to say which one either.[0] Could be wrong. Exhausted after working all day. But it’s not front and center…
On the RISC-V site I thought it might be more prominent too but if it is I missed it. I found some docs there licensed Creative Commons. Is that the license for the entire CPU? Even layouts and everything that is past the ISA to actual silicon?
RISC-V is a family of instruction sets (which have various chips implementing them). Think "X86-64".
It looks like the baochip-1x is using the VexRiscv CPU. The HDL is available here under MIT: https://github.com/SpinalHDL/VexRiscv
In general, things that are not strictly digital (PHYs, regulators, PLLs, ADCs) contain significant amounts of foundry IP that would be hard to release as open source. But also, some parts of the chip, for example the AXI bus fabric, were licensed simply as a risk reduction measure. If the bus fabric is bad, you've wasted millions of dollars on a mask set with little recourse. I tried to pull in some open source AXI fabrics and it wasn't pretty...a lot of rework required and even then still some bugs made it through to tape-out. Over time more and more of this can be opened but it all takes time, money, and people willing to do it.
Wait a minute, why can't I reply to bunnie's top-level comment? Anyway, here's what I wanted to say:
Adding your CPU to another company's silicon is a genius move, well done. I wonder why companies don't sell their spare die space to others, is it because of trust/risk?
MMU's have held sway for nearly 60 years, but I wonder if in ten years time when the AI is the whole stack/runs the whole stack and the majority of us wont be running anything but prompts they will be required. I have a big interest in how the AI will penetrate into the hardware level, not just as a sci-fi fan/author but as an electronics engineer/programmer. I should add that I doubt AI hardware will penetrate much into the embedded market due to cost.
A bit sad to see another famous hacker turning to the "dark side" --- as "security chips" are a treacherous slippery slope, no matter who controls them. Just because it's "open source" doesn't mean it's a good thing.
Edit: give Stallman's "Right to Read" another read.
> If the pen tester doing a security evaluation judges that a bug is easier to find and exploit if the source code is public, then, sharing the source code lowers your score
Good on the author for calling out how nuts this is! In the age of LLM coding agents, I feel this mentality needs to change quickly. Security through obscurity is dead. LLMs have little to no issues conversing in encoded or obfuscated data.
30 comments
[ 2.6 ms ] story [ 58.9 ms ] threadIs it big Bao? Or take-away (just learnt the second meaning), or something else?
What kind of order of magnitude of cost are we talking about?
What are the next steps - is there some service to cut the wafer and put into a package for you?
Thanks man!
Is there a way to bootstrap binary code into the reram? I’m thinking being able to ‘hand-type’ in a few hundred byte kernel rather than use a flashing tool
Hand it to someone who does know what to do with it. It's not as important who initially gets the source so much as having it available when it is needed.
*edit, Crowdsupply does a full block on multiple VPN providers. There is no way to access their site without turning off your VPN.
I had a lot of trouble finding out which open source license applies. Wikipedia’s RISC-V page doesn’t seem to say; its citation for being released under open source doesn’t seem to say which one either.[0] Could be wrong. Exhausted after working all day. But it’s not front and center…
On the RISC-V site I thought it might be more prominent too but if it is I missed it. I found some docs there licensed Creative Commons. Is that the license for the entire CPU? Even layouts and everything that is past the ISA to actual silicon?
[0] https://www.extremetech.com/computing/188405-risc-rides-agai...
Thank you Bunnie.
https://www.youtube.com/watch?v=H5CR-7TJtm0
Adding your CPU to another company's silicon is a genius move, well done. I wonder why companies don't sell their spare die space to others, is it because of trust/risk?
I'm also curious about the current draw, but I couldn't find anything?
Big fan of this project by the way.
Edit: give Stallman's "Right to Read" another read.
Good on the author for calling out how nuts this is! In the age of LLM coding agents, I feel this mentality needs to change quickly. Security through obscurity is dead. LLMs have little to no issues conversing in encoded or obfuscated data.