That's the good question. Firmware must be open sourced for sure, there's no meaning in selling crypto protection device without open source firmware, however, unlike Terror and Ledger,  uploading firmware to device will be done in the centralised way. SenseLock dongle is programmed with Master Key, so there's no way to upload clean firmware to end user device without encrypting the file with the master key. In other words you cannot confirm the open source firmware on GitHub is equal to one you are downloading from our website until this process is confirmed by any other trustworthy third party. We plan to find trustworthy counterparty responsible for audit and compiling the firmware.

Another option is purchasing Master Key so you can compile program and upload to your working key by your side.