Dr. Hax on Nostr: With enough software changes, a bitcoin hardware wallet could do most of what Signet ...
With enough software changes, a bitcoin hardware wallet could do most of what Signet does. There are some differences:
- Signet is here and now, not just hypothetical
- Public keys are not acceptable passwords at many sites due to annoying and often counterproductive password rules (length, character sets, etc)
- Bitcoin wallets generally don't act as a keyboard. They usually have some other mechanism to get data from the device to the host. Again, maybe with enough firmware changes it could be done
- Signet is only $40 USD, which is pretty cheap IMO
- The code is very small and just does one thing well. If one were to replace their hardware wallet's firmware with password manager firmware so it no longer acts as a hardware wallet, that same focus could be achieved. The flip side of this is that a hardware wallet with firmware to do BTC + password managent could try to be everything to everyone in a single device.
- Physically smaller than a Trezor Model T or Blockstream Jade
The advantage of the bitcoin wallets that have a screen is that the user can verify what thing (e.g. password) is being requested. In bitcoin, a single signed transaction is a BIG DEAL. One password out of a few hundred could also be a big deal, but I keep my super important passwords (e.g. password/key to encrypted backups) on a separate Signet device. So the impact is that the attacker can get through the first factor auth of some site, and then the attacker would immediately be detected because the user didn't receive the password that they wanted.
I'll be the first to admit that FIDO2 is a better solution than a Signet. The problem is that the service provider decides whether you can use FIDO2 or not. In other words, you basically need their permission/blessing.
It's funny you should mention using a SeedSigner (npub17ty…3mgl) because I have contributed to that project and was working on another authentication system that would allow authenticating to a website with it, much in the same way FIDO2/passkeys work. The drawbacks to that approach are:
1. It's cumbersome to scan QR codes back and forth and navigate the menus
2. It suffers from the same adoption problem as FIDO2 where the website needs to change their authentication system and most have not chosen to do so
3. It only works on computers with cameras (fine for phones, but none of my laptops/desktops hsve cameras)
SeedSigner is a great project and very well run. I plan on getting back to that air gapped auth project in the future, but right now I need to wrap up some projects, or at least wrap up the loose ends so I can set 'em down for a bit without losing progress.
- Signet is here and now, not just hypothetical
- Public keys are not acceptable passwords at many sites due to annoying and often counterproductive password rules (length, character sets, etc)
- Bitcoin wallets generally don't act as a keyboard. They usually have some other mechanism to get data from the device to the host. Again, maybe with enough firmware changes it could be done
- Signet is only $40 USD, which is pretty cheap IMO
- The code is very small and just does one thing well. If one were to replace their hardware wallet's firmware with password manager firmware so it no longer acts as a hardware wallet, that same focus could be achieved. The flip side of this is that a hardware wallet with firmware to do BTC + password managent could try to be everything to everyone in a single device.
- Physically smaller than a Trezor Model T or Blockstream Jade
The advantage of the bitcoin wallets that have a screen is that the user can verify what thing (e.g. password) is being requested. In bitcoin, a single signed transaction is a BIG DEAL. One password out of a few hundred could also be a big deal, but I keep my super important passwords (e.g. password/key to encrypted backups) on a separate Signet device. So the impact is that the attacker can get through the first factor auth of some site, and then the attacker would immediately be detected because the user didn't receive the password that they wanted.
I'll be the first to admit that FIDO2 is a better solution than a Signet. The problem is that the service provider decides whether you can use FIDO2 or not. In other words, you basically need their permission/blessing.
It's funny you should mention using a SeedSigner (npub17ty…3mgl) because I have contributed to that project and was working on another authentication system that would allow authenticating to a website with it, much in the same way FIDO2/passkeys work. The drawbacks to that approach are:
1. It's cumbersome to scan QR codes back and forth and navigate the menus
2. It suffers from the same adoption problem as FIDO2 where the website needs to change their authentication system and most have not chosen to do so
3. It only works on computers with cameras (fine for phones, but none of my laptops/desktops hsve cameras)
SeedSigner is a great project and very well run. I plan on getting back to that air gapped auth project in the future, but right now I need to wrap up some projects, or at least wrap up the loose ends so I can set 'em down for a bit without losing progress.