sequenceDiagram

actor User as User / Wallet UI

participant SECURITYKEY as Biometric Hardware
(FIDO2 authenticator)

participant ENCLAVE as Secure Enclave
Share A

note right of ENCLAVE: Signing happens securely here,
ensuring no RAM leak.

participant HSM as Cloud HSM
Share B

participant BTC as Bitcoin Network

%% ─── Spend flow ───

User->>SECURITYKEY: 1️⃣ WebAuthn “get assertion” (physical touch)

SECURITYKEY-->>User: hmac-secret + signature

User->>ENCLAVE: 2️⃣ Unlock Share A (using hmac-secret)

ENCLAVE-->>User: Partial Signature A

User->>HSM: 3️⃣ Sign request + Security Key assertion proof

HSM-->>User: Partial Signature B

User->>User: 4️⃣ Combine Sig A + Sig B (FROST threshold)

User->>BTC: 5️⃣ Broadcast Taproot tx

BTC-->>User: Tx confirmed

Note over User,BTC: Full private key is **never reconstructed** Security Key touch and Biometrics is always required.