When Mycelium Entropy is inserted into a USB port, it takes the contents of its microcontroller’s built-in static RAM as the primary source of entropy. This method is based on the paper by D.E. Holcomb, W.P. Burleson, and K. Fu: Power-up SRAM State as an Identifying Fingerprint and Source of True Random Numbers (IEEE Transactions on Computers, vol. 58, issue 9, 2009; DOI: 10.1109/TC.2008.212). Their results were confirmed by analysing the raw data collected from the Mycelium Entropy microcontroller.
The paper gives a conservative estimate that 32 bits of SRAM contain at least one bit of entropy on power-up. (The actual ratio is closer to 22:1.) The device collects 24 kbytes of raw data. This is estimated to have more than 6144 bits of entropy, or 24 times more than required.
Multiple health checks are run on the SRAM data to confirm its randomness.