1) We are changing our warehouse process, adding a technical QA step, so that such mistakes won't happen anymore. Sorry for the trouble.
2) As you noticed, the former U2F is going to be replaced by a new FIDO U2F device which contains a full USB plug for better reliability, is more durable and has a touch button.
Unfortunately it's not _fully_ open source. They don't say it anywhere on their webpage, but they use an [OpenPGP Smart Card](https://www.g10code.com/p-card.html) internally, where some of the implementation by ZeitControl isn't open source. g10 has a reference implementation that is fully open source, but there's some additional (timing?) attacks that Zeitcontrol has implemented and cannot release.
Note the NitroKey start is a gnuk implementation and is fully open source. The tamper-resistant models are using the BasicCard with Zeitcontrol software.
1) Ordered 2, received 1. Thankfully, support quickly sent the second one once I wrote to them.
2) Now they only work when I plug something else to another port to my Mac (no such problem with Yubikey). No reply since April 29: https://support.nitrokey.com/t/nitrokey-u2f-issues-in-macos-...
Edit: I now noticed they have a different U2F version — the previous one was a card that you fold to make it into a USB dongle.