Replies: 3 comments 4 replies
-
|
So blockchain is still a thing? Also how can we trust the security when large parts of the firmware will be written by AI? |
Beta Was this translation helpful? Give feedback.
-
|
Let me expand on blockchain, responding to @piratenpanda. When we started our work on FIDO2 the world was different, there were only a handful of websites with FIDO2 2FA, the word "passkey" didn't exist and not all browser/devices supported FIDO2, notably Apple (i.e. billions of people) didn't. Now that FIDO2 is ubiquitous, that mission is essentially done, there's very little to innovate. And don't get me wrong, if things change and we find opportunities to innovate, we'll be the first, as we're already ahead with post-quantum. FIDO2 is big because 1) it transitions people from using shared secrets (aka passwords) to public key cryptography, and 2) it removes phishing. A similar parallel is happening to money. There's hidden secrets and there's phishing. Money will transition to public key cryptography and, needless to say, money must be resistant against online attacks (and also offline). So, wait a few years and imo it's inevitable that we'll use security keys to sign money transactions. Whether it's this or that technology (bitcoin vs ethereum vs solana vs others), whether we think that NFTs and prediction markets are a thing or a scam... I'm trying to stay out of that, all I personally care is that it gets simpler to use, open and secure. To me the biggest "next chapter" for a product like Solo Hacker will be post-quantum (that's likely already done for the next 2-3y at least) and blockchain. There will be no pressure to our users, it'll remain an optional app like any other app (I personally don't use opengpg, but the app is there). And what will be promoted to Solo Secure will depend on what actually happens, not my/our hypothesis. But... yeah... you'll hear me talking about blockchain :) I apologize in advance, and if I see that people don't like it/get annoyed I'll keep it very short in the official solokeys comms / use a different channel. |
Beta Was this translation helpful? Give feedback.
-
|
@0x0ece thanks for the effort, my attempt to update repo and its dependencies to the latest rustc felt impossible. It's great that you achieved it with AI agents. But I think the repo itself is missing some important details: Issues, Contribution Guide and Milestones. I know that maintaining is hard and time consuming, but without those features the repo feels more personal rather than public.
|
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi everyone, it's been a long period of silence, but you probably noticed new commits in the repo... I want to share some technical updates ahead of our "marketing update" that will be published in the next few weeks.
First, the question that's probably on everyone's mind: is Solo dead? is it back? why now?
The answer is... AI.
I'm still amazed by what AI can do with hardware and firmware, not just web frontend.
If you never tried it, plug a dev board into your computer, ask your fav agent to build you something like blink a led, or port solo2 to your board... it's simply unbelievable.
Our first experiment has been to update the 5y old codebase to newer Rust. Done.
Next, port solo2 to the nrf52840-dk (that I had around). Done. Make NFC work. Done.
Next, analyze the CTAP2.3 specs, find what was missing and implement it. Done.
Before, I feel I had to spend hours to just remember how to flash my dusty dev board. Now I have multiple boards permanently connected to a raspberry pi and keep running experiments.
We get to a prototype super fast, we know our idea works, we get excited about the result, and (with a little more patience and still manual effort) we make it into a product.
This, to me, is the AI revolution. And this is why all this new activity, all now.
Let's get to the technical updates.
Update 1. FIDO2 certification.
We implemented the full CTAP2.3 spec, we did all certification tests, we're awaiting the official paperwork to announce that Solo 2 is FIDO2 certified (ETA depends on the FIDO Alliance, we hope in a matter of a few weeks).
This is a good time to remind the difference between the Secure and Hacker models.
Hardware is identical. Firmware is almost identical (more about this later).
The difference is in how they're provisioned right after manufacturing.
The Secure model is locked down (the NXP chip is sealed, debug access is off, secure boot and flash encryption are on). You can only upgrade a Secure model with firmware signed by SoloKeys. Devices are also provisioned with attestation keys, to prove that the firmware is genuine.
The Hacker model is unlocked (the NXP chip is not sealed, debug access is on -- secure boot and flash encryption are also on). You can upgrade a Hacker model with firmware signed by SoloKeys, or your own firmware (you need to turn off secure boot). Because they're unlocked, they can not be provisioned with attestation keys.
What matters for FIDO2 certification is the attestation key.
So, the Secure model will be certified. The Hacker model is not certifiable.
Concretely, this means that if an application wants a FIDO2 key/passkey, it'll most likely work with both Secure and Hacker. But if they require a FIDO2 certified key, it'll only work with the Secure model. To date, the only examples of applications that we know require FIDO2 certified keys are Windows Enterprise and some banks.
As we're on the topic of Secure vs Hacker, let's talk about security.
In my opinion, the security is perfectly equivalent.
Both models protect you against online attacks such as phishing, which is what we want from a FIDO2 key.
Both models protect you against malware running on your computer (oh, hello AI agents), i.e. if you have a key on the hardware device, it'll not be exfiltrated, unlike any key stored on your computer. (Note that to flash a new firmware, you have to explicitly press a button... so a malware alone can't reflash your key.)
For both models, there's very little we can state about physical security. If you loose the device, your keys are likey protected by a PIN. But if a serious attacker has stolen your devices, it's very hard to make any claim of security (this is where other products hand-wave their secure elements, that you have to trust).
Long story short, Secure is certified, Hacker is not. Both have the same security properties, or at least very similar. Unless you strictly need a FIDO2 certified key (Windows Enterprise, some banks), you can use Secure or Hacker for pretty much all meaningful applications. I want to stress this point because our marketing update will be very focused on the Secure model and FIDO2 certification --we can't confuse consumers-- but I don't want developers to read that and be discouraged or disappointed about their Hacker. To me, especially now that's easy to customize the firmware with AI, Hacker is the superior product.
Update 2. New features, new use cases.
In the new firmware, we'll release FIDO2 updated to the latest CTAP2.3.
The changes are not particularly groundbreaking, unless you're a spec nerd. But FIDO2 aside, we packed Solo 2 with exctiting new features.
We added a completely new secrets app, that can handle any type of protected storage: passwords, totp, hotp. It's currently limited to 150 total secrets, but that's a const that we can easily increase in future releases.
One note: this new app is not compatible with the old oath-authenticator. If you have existing oath credentials, we added an exporter that lets you dump the old ones and reimport them (there will be a clear migration guide).
We added PIV and openpgp support. How many keys? Here the limit is the specs, PIV has 24 slots, openpgp has 3 keys.
PIV supports ML-DSA-44, which is a quantum-safe signature scheme.
With all these new featurs, you can really do anything with a solo key. I personally do ssh and sign my git commits, and for both I use FIDO2. But you can pick and choose.
We wrote a few tutorials under the examples/ directory to get you started and foster ideas.
What I'd really like though, is to maintain a list of "Awesome Solo" with links to YOUR tutorials, and how YOU use the key. This is not just easier to maintain for us, but also better for the community as people can see the key in real use cases.
Update 3. A new chapter for Hacker.
All the features above will be released in the new firmware both for Secure and Hacker. But for Hacker there's more:
More generally, Hacker will become an experimental platform for new features, before we release them to the Secure model.
The most recurring question we ever receive is "how many passkeys can I store?".
We used to say 100. We're making it 1,000.
I want to note that this is pure "marketing bs", however it turned out to be a pretty interesting technical challenge, so here we go.
(A mini parenthesis on passkeys vs 2FA. Passkeys used to be called resident keys or discoverable credentials in the FIDO2 specs, they are explicitly stored on the device, and they generally contain also user id, and/or username and email. Non-discoverable credentials are used for 2FA and they're not stored on the device, so they're unlimited. But terminology is often misused, for example if you add 2FA/passkeys to Google, Github and X, you'll see that on your device there's 1 single discoverable credential, Google, and the others are non-discoverable. That's why 1,000 and 100 are realistically the same number.)
On the hardware side, the device has an internal flash (512kB dedicated to the firmware + 100kB or so to store passkeys) and a 2MB external flash, that was unused in the previous firmware. The external flash is now on in both Secure and Hacker, and hosts PIV, opengpg and secrets. Experimentally, on the Hacker we're testing a new filesystem that will store passkeys across internal + external flash, so we can raise the limit to 1,000.
Next, post-quantum. We did a collaboration a while ago with SandboxAQ, but never released it. We (re)implemented ML-DSA-44 using libcrux, which is a formally verified Rust library, and we added support to both FIDO2 and PIV. PIV is released to both Secure and Hacker. Unfortunately, ML-DSA-44 is not yet officially supported by FIDO2 and, even worse, it currently breaks certification tests -- thus we can't release it to the Secure model, but we made it available to the Hacker. We're not aware of any browser support, nor SSH support (as in SSH+FIDO2), but... someone has to start somewhere.
Finally, blockchain. We're experimenting with a new concept, a "hardware wallet for developers", where the goal is similar to FIDO2: protect private keys from online attacks, malware, and isolate them from AI agents and bots running on your computer -- without claiming any physical security. Compared to Ledger and Trezor, reduced security and reduced cost.
We released a proof of concept for Solana and Ethereum / EVM, and if you're in the blockchain space we'd love to hear what do you think about it.
Update 4. A fresh repo.
The code on the repo should be pretty stable, we're still working on the new filesystem / 1,000 passkeys, as well as testing and making sure we have solid upgrade procedures. If you have a dev board (NXP or NRF), or if you feel bold with your Hacker, feel free to give it a try.
We made the repo AI-friendly, with AGENT.md and skills. Our dream is that this can help across the board, from answering questions to help you use your Solo key more effectively. "How many passkeys does solo2 support?", "Help me configure ssh access to the rpi using my solo2", "Configure this repo to sign git commits with my solo2"...
Agents are also very good at working with our firmware, we have first hand experience. We often receive inquiries to collaborate with SoloKeys, mainly of two kinds: projects that want to whitelabel our hardware but run their custom firmware, and projects that want to add FIDO2 to their product. If you're in either situation, we encourage to give AI a try, you should be able to get to a prototype in literally a weekend. And of course, we're always happy to discuss and help.
To summarize this long long post.
Enjoy, and more soon!
Beta Was this translation helpful? Give feedback.
All reactions