Can't a Bitcoin hardware wallet do, at least in theory, the same thing? Buy a Blockstream Jade for $60, generate a 12-word seed phrase, derive an infinite number of public keys, and use them as passwords on whatever website you are visiting (through a USB-C connection). You can label each pubKey so that you are not confused over time. If you want to improve the UX, obviously some tiny software changes would help, but this shouldn't be a big deal. What is the difference, pros/cons to your approach? If you want it to be a DIY project, completely air-gapped, you could probably do it with a SeedSigner (see on GitHub) and transmit the pubKeys through QR codes.
As many of you know, I've been hot to trot with crypto since the late 90s when I found out about PGP. I've audited a bunch of cryptosystems and found some amazing bugs that I was able to exploit in practice, not just in theory.
Now I have a new project. Defensive this time.
It's an open source, encrypted hardware password manager called Signet. To explain why I think this is an important tool to add to your arsenal, let me share the story of how I got here.
I'd love to have cryptographically secure logins everywhere. That's what FIDO2 (aka WebAuthn, aka passkeys) is, but there are some major problems with that.
1. Poor adoption
2. When it is adopted, often only as 2FA despite being stronger than passwords
3. Even where it is really the passwordless future that we've been promised, you still need a password in case you lose your device
It could be different. It could be better. But in practice, this is what we have and will continue to have for the foreseeable future.
Password managers are the next best thing. Passwords can have as much entropy as cryptographic keys (when allowed to be that long and complex). You only have to remember a few passwords, possibly as few as one, depending on your threat model. Some password managers can also store secrets for TOTP generators.
However these have a few shortcomings as well:
1. You can't tell when passwords are being accessed
2. It's possible for a non-root attacker on your machine to dump all password databases that have been unlocked since they gained access. This is true for all software password managers I've seen and nobody is claiming to defend against this.
3. Some of them (e.g. LastPass) don't work when you're offline.
4. Passwords are stored on a machine that is always online
That's why I am building Signet devices. They require a device password and physical button press to unlock, and then another button press for each password/secret.
So even an attacker who rooted your machine before you unlocked the device cannot dump your entire database! You can also easily disconnect the device containing all your secrets when it's not in use. You can tell when an attempt is made to access your data because the light on the device will flash. Finally, it won't be accessed without your knowledge or consent, as you are not going to press the button to help out an attacker.
Overall, it is more secure than pure software password managers, while still remaining easy to use.
If you are thinking, wait, hasn't that been done before? Yes. It has. It was called Signet and is the same project. But then the original authors mysteriously disappeared. So I revived the Signet project, because I see no need to reinvent the wheel.
I have updated the hardware design, updated the software and now am maintaining all of it. I am also building the hardware.
The beauty of open source hardware & software is that you don't need to trust me to use the device. You can visually inspect the board to confirm the switch physically puts the CPU into bootloader mode. The firmware has reproducible builds, so you can verify the binary matches the code. Flash away and put your mind at ease.
If you want to learn more about these devices, check out https://hax0rbana.org/signet to watch a 2-minute intro video and find links to places where you can buy them.
Discussion
With enough software changes, a bitcoin hardware wallet could do most of what Signet does. There are some differences:
- Signet is here and now, not just hypothetical
- Public keys are not acceptable passwords at many sites due to annoying and often counterproductive password rules (length, character sets, etc)
- Bitcoin wallets generally don't act as a keyboard. They usually have some other mechanism to get data from the device to the host. Again, maybe with enough firmware changes it could be done
- Signet is only $40 USD, which is pretty cheap IMO
- The code is very small and just does one thing well. If one were to replace their hardware wallet's firmware with password manager firmware so it no longer acts as a hardware wallet, that same focus could be achieved. The flip side of this is that a hardware wallet with firmware to do BTC + password management could try to be everything to everyone in a single device.
- Physically smaller than a Trezor Model T or Blockstream Jade
The advantage of the bitcoin wallets that have a screen is that the user can verify what thing (e.g. password) is being requested. In bitcoin, a single signed transaction is a BIG DEAL. One password out of a few hundred could also be a big deal, but I keep my super important passwords (e.g. password/key to encrypted backups) on a separate Signet device. So the impact is that the attacker can get through the first factor auth of some site, and then the attacker would immediately be detected because the user didn't receive the password that they wanted.
I'll be the first to admit that FIDO2 is a better solution than a Signet. The problem is that the service provider decides whether you can use FIDO2 or not. In other words, you basically need their permission/blessing.
It's funny you should mention using a nostr:npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl because I have contributed to that project and was working on another authentication system that would allow authenticating to a website with it, much in the same way FIDO2/passkeys work. The drawbacks to that approach are:
1. It's cumbersome to scan QR codes back and forth and navigate the menus
2. It suffers from the same adoption problem as FIDO2 where the website needs to change their authentication system and most have not chosen to do so
3. It only works on computers with cameras (fine for phones, but none of my laptops/desktops have cameras)
SeedSigner is a great project and very well run. I plan on getting back to that air gapped auth project in the future, but right now I need to wrap up some projects, or at least wrap up the loose ends so I can set 'em down for a bit without losing progress.
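The exchange above turns on one practical point: a wallet-derived public key is a perfectly good high-entropy secret, but its usual representation (64 lowercase hex characters) violates the "must contain an uppercase letter / a symbol / no more than N characters" rules many sites enforce. The following is an added example, not code from Signet, Blockstream Jade, SeedSigner or anyone in this thread. It uses HMAC-SHA256 keyed by a constructed seed as a simplified stand-in for the wallet's BIP32 child-key derivation (an assumption; a real wallet would derive the key from its seed phrase), checks the raw hex form against a representative, constructed password policy, and then shows the kind of deterministic re-encoding a modified firmware would need so the same derived bytes always map to a policy-compliant password.

```python
import hashlib
import hmac
import string

# Constructed stand-in for a wallet seed; a real device derives from its seed phrase.
SEED = b"example-seed-do-not-use"


def derive_site_secret(seed: bytes, label: str) -> bytes:
    """Deterministic 32-byte per-site secret, keyed by the seed over the site label.
    Simplified stand-in for BIP32 derivation; 32 bytes is the size of an x-only pubkey."""
    return hmac.new(seed, label.encode("utf-8"), hashlib.sha256).digest()


def as_hex_pubkey(secret: bytes) -> str:
    """The form a wallet would typically hand over: 64 lowercase hex characters."""
    return secret.hex()


# Representative password rules (constructed; many sites impose something like this).
POLICY = {"min_len": 12, "max_len": 32, "need_upper": True,
          "need_digit": True, "need_symbol": True}


def check_policy(pw: str, policy: dict = POLICY) -> list[str]:
    """Return the rules the candidate password violates (empty list means accepted)."""
    problems = []
    if len(pw) < policy["min_len"]:
        problems.append("too short")
    if len(pw) > policy["max_len"]:
        problems.append("too long")
    if policy["need_upper"] and not any(c.isupper() for c in pw):
        problems.append("no uppercase")
    if policy["need_digit"] and not any(c.isdigit() for c in pw):
        problems.append("no digit")
    if policy["need_symbol"] and not any(c in string.punctuation for c in pw):
        problems.append("no symbol")
    return problems


# Character classes a site commonly demands; the symbol set is a conservative subset.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase, string.digits, "!@#$%^&*()-_=+"]
ALPHABET = "".join(CLASSES)


def _expand(secret: bytes, n: int) -> bytes:
    """Deterministically stretch the secret into n bytes (HMAC with a counter)."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hmac.new(secret, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def to_policy_password(secret: bytes, length: int = 24) -> str:
    """Map the derived bytes onto a policy-compliant password.

    Every character comes from ALPHABET; the first len(CLASSES) positions are forced
    to one character from each class so any "must contain" rule is satisfied. The
    mapping is deterministic, so the same site secret always yields the same password.
    The fixed class order and the modulo mapping cost a little entropy, which is
    irrelevant at this length (24 characters from an 80-symbol alphabet)."""
    stream = _expand(secret, length)
    chars = [ALPHABET[b % len(ALPHABET)] for b in stream]
    for i, cls in enumerate(CLASSES):
        chars[i] = cls[stream[i] % len(cls)]
    return "".join(chars)


if __name__ == "__main__":
    secret = derive_site_secret(SEED, "example.com")
    raw = as_hex_pubkey(secret)
    print("raw pubkey form:", raw, "->", check_policy(raw) or "accepted")
    pw = to_policy_password(secret)
    print("re-encoded:", pw, "->", check_policy(pw) or "accepted")
```

Run stand-alone, the raw hex form is rejected for being too long and lacking uppercase and symbol characters, while the re-encoded form passes. The design choice worth noting is that the re-encoding lives entirely on the device side: the host still receives only a per-site string and never sees the seed, which is the property that makes the "derive everything from one seed" approach comparable to Signet's per-secret button press in the first place.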
Thanks for the explanation/clarification.