Hi, I "solved" it with fido2 not doing signing but gatekeeping the signing process, and placed share A into the Secure Enclave of the phone and share B on the Secure Enclave of the server. This way we have no share or signing ever exposed anywhere, not even in RAM. Does this sound right to you?

Discussion

This sounds like it would work, but I know one issue (for signing) is that whatever process is doing the signing needs to be able to compute on the secp curve. I know the iPhone, for example, does not have libsecp for its secure element.

Do any fido2 standards support secp256k1?

Unfortunately you do not get secp256k1 with fido2, except some old YubiKeys... I could hack it into the card, but then I lose the fido2 certification, so the idea now is to just use the passkey as a hardware gatekeeper for the MPC shares.

Like this:

https://www.mermaidchart.com/app/projects/bb9914a7-5c02-4735-a741-6177a3bf1230/diagrams/5218575b-0bfa-4f0d-9253-5dc5c4de8da2/version/v0.1/edit
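Added example (not code from the thread or the linked diagram): the gatekeeping split discussed above, where a constructed WebAuthn-style assertion on P-256 (the only curve FIDO2 offers here) is verified first and only then is a secp256k1 signature produced. The textbook curve arithmetic, the `share_d` key and the single-party `ecdsa_sign` are assumed stand-ins for the Secure Enclave and the MPC signing round.

```python
import hashlib, secrets
# Textbook affine Weierstrass arithmetic, parameterised so one implementation serves both
# P-256 (the curve FIDO2/WebAuthn ES256 assertions use) and secp256k1 (the MPC share's curve).
class Curve:
    def __init__(self, p, a, b, G, n): self.p, self.a, self.b, self.G, self.n = p, a, b, G, n
    def add(self, P, Q):
        if P is None or Q is None: return P or Q
        if P[0] == Q[0] and (P[1] + Q[1]) % self.p == 0: return None  # P + (-P) = infinity
        if P == Q: lam = (3 * P[0] ** 2 + self.a) * pow(2 * P[1], -1, self.p)
        else: lam = (Q[1] - P[1]) * pow(Q[0] - P[0], -1, self.p)
        x = (lam * lam - P[0] - Q[0]) % self.p
        return (x, (lam * (P[0] - x) - P[1]) % self.p)
    def mul(self, k, P):  # double-and-add; not constant time, illustration only
        R = None
        while k:
            if k & 1: R = self.add(R, P)
            P, k = self.add(P, P), k >> 1
        return R

P256 = Curve(2**256 - 2**224 + 2**192 + 2**96 - 1, -3,
    0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b,
    (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5),
    0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551)
SECP256K1 = Curve(2**256 - 2**32 - 977, 0, 7,
    (0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,
     0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8),
    0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141)

def ecdsa_sign(c, d, msg):  # plain single-party ECDSA; r == 0 or s == 0 is negligible and ignored
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big") % c.n
    k = secrets.randbelow(c.n - 1) + 1
    r = c.mul(k, c.G)[0] % c.n
    return (r, pow(k, -1, c.n) * (z + r * d) % c.n)
def ecdsa_verify(c, Q, msg, sig):
    r, s = sig
    if not (0 < r < c.n and 0 < s < c.n): return False
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big") % c.n
    w = pow(s, -1, c.n)
    R = c.add(c.mul(z * w % c.n, c.G), c.mul(r * w % c.n, Q))
    return R is not None and R[0] % c.n == r
def authenticator_assert(d_pk, rp_id, client_data):
    # Authenticator side: authenticatorData = rpIdHash(32) || flags(UP) || counter(4), signed on P-256.
    auth_data = hashlib.sha256(rp_id.encode()).digest() + b"\x01\x00\x00\x00\x00"
    return auth_data, client_data, ecdsa_sign(P256, d_pk, auth_data + hashlib.sha256(client_data).digest())
def gated_sign(assertion, passkey_pub, rp_id, share_d, tx):
    # Server side: a valid P-256 assertion for this RP only unlocks the secp256k1 key; it never signs tx.
    auth_data, client_data, sig = assertion
    if auth_data[:32] != hashlib.sha256(rp_id.encode()).digest() or not auth_data[32] & 1: return None
    if not ecdsa_verify(P256, passkey_pub, auth_data + hashlib.sha256(client_data).digest(), sig): return None
    return ecdsa_sign(SECP256K1, share_d, tx)  # stand-in for the MPC round; share_d is a hypothetical key
```

Note that the passkey's signature verifies only on P256 and the transaction signature only on SECP256K1, which is exactly why the two roles cannot be merged into one FIDO2 credential.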