TL;DR - yubi key up your butt or HFSP
Discussion
probably consider getting a new auth key doodle
but honestly, the "hidden" functions of the device have turned out to be mostly useless for me, the one thing i use it for now is basically an instant password sender as a virtual USB keyboard
which is instantly cloneable of course lol
the other stuff, pssh, honestly, what i know about elliptic curve cryptography and security
THERE IS NO DEVICE EXISTING THAT SIMPLY ACCEPTS A HASH AND SENDS BACK A SIGNATURE
and this is a market aching need, right now, and it's not that hard to fix, i'm pretty sure there is devices that can boot in a second that have computational capacity to make a signature only, and nothing else
btw, did you know:
standard google authenticator uses SHA1 hashes
sooner or later one ought to plant face to some of horror stories, and deal with its resolution the best possible so risk of getting rekt if otherwise...
honestly, i just want a little thing that signs a hash when i plug it in... then there is no cloning risk
only stealing risk
in that case the goal is not collision resistance but generating unique numbers from a secret and timestamp
which has still not been attacked successfully