The app then prompts for your TAPSIGNER to be scanned. After a certificate check to verify the authenticity of the card, the Tapsigner signs the digest and the signature is returned to our server.
Discussion
Our server uses a secp256k1 implementation to verify the ECDSA signature against the digest and the master xpub (public key) of the TAPSIGNER. If that signature is valid, the user is authenticated.
What is the Best Practice violation? Never store a PIN code! We're storing it on our server to provide a better user experience (UX) when scanning the TAPSIGNER. After entering a username & password, you wouldn't want to then have to enter the PIN on your phone.
If an attacker had your TAPSIGNER, they'd still need your username/password to authenticate and vice versa. We don't secure funds with these Tapsigners. They are only for 2-factor authentication, so the Best Practice violation seems like a reasonable trade-off for this use case.
One alternative is we could only use the TAPSIGNER for authentication. Just scan it, type in your PIN, & you're authenticated, no username/password needed. If you lost your Tapsigner, an attacker would still need to know your PIN to authenticate, which is now not on our server.
Will we implement this in production? We'll see, but it's been a fun project and the TAPSIGNER is a great product!
Check out megawatthq.com 👀 for all of your miner hosting needs! The company was founded at the Indy Bitcoin meetup, so get out there and support your local #Bitcoin groups. You never know who you'll meet.