Using a transport layer of QR code & cameras does seem like it'd be next level. Plus the device can show you what it is you are signing before you sign it, since it would have a screen.

As long as there's a solid way to unlock/authenticate to the air gapped device, you should be good to go.

That should be able to support FIDO2, which is basically what you described: sign a nonce to login. I'm not sure how browsers interact with FIDO2 devices, but there's presumably some layer that could be used as a nice interface.

Absolute worst case scenario: have a FIDO2 USB device that doesn't have any keys; it just acts as a bridge between the browser/OS (which expect a USB device) and the air gapped secret holder. That also has the advantage of working on computers without a camera. The camera would be on the USB device.

Now you've infected me. I kinda want that too now. Crowdfunded research and development project?

Discussion

I'm not a dev so I never got past the idea phase. I'd do what I could though.

Well, I am a developer, and I already have a pi zero zero...

The camera and screen are about $40 in total (after shipping).

If I get at least .0014 BTC to bc1pckaq2raj47nhmyzwrsjvfztnf9gmsfq7f0s5z3337jd8yy5ey5rqk2zqvz I vow to order the parts and take a crack at this. I'll post my progress on nostr as I go and all code and instructions will be MIT licensed (same as SeedSigner). Bill gets to name the project. Those are my terms.

Any extra coinage would serve as more motivation for me to make it a priority, put extra polish on it when it's functional, etc.

The code in https://github.com/SeedSigner/seedsigner looks well organized, but there's a fair deal of abstraction that makes it hard to follow until you know the code base. So it'd probably go smoothly after some time investment up front.