by dagenix 2863 days ago
The problem isn't someone stealing the physical key - yes, if someone does that, they can use it. But, if it's your key, and you no longer have it, you'll notice that and can take action. A bigger problem is if someone briefly takes the physical key, clones the digital key, and then returns it to you. Then, you have no idea that it's been compromised.

If your use case is that you want them to be secure from a wealthy nation-state - well, that's probably a tall order. What you are probably most interested in is that the cleaning person in your hotel can't clone your key. The thing with digital security, though, is that it's really hard / impossible to really define intermediate security levels - what is possible for a nation state to do may be only a research paper or code leak away from everyone else being able to do.

So, I'd really hope that any serious security key would be designed to defend against physical attacks.
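The "borrow, clone, return" case described above is what the WebAuthn/FIDO2 signature counter exists to catch on the relying-party side: every assertion carries a per-credential counter that must strictly increase, so once a clone exists, whichever device shows up second falls at or below the value the server last stored. This is an added illustration, not code from the thread or from any vendor named in it; the `Authenticator`, `StoredCredential` and `verify_sign_count` names and the tiny counter model are assumptions.

```python
from dataclasses import dataclass


@dataclass
class Authenticator:
    """Minimal stand-in for a FIDO2 key's per-credential signature counter (constructed)."""
    sign_count: int = 0

    def assert_(self) -> int:
        # A real authenticator increments before signing; the value travels in authData.
        self.sign_count += 1
        return self.sign_count

    def clone(self) -> "Authenticator":
        # Models the scenario from the comment: key material and current counter copied.
        return Authenticator(self.sign_count)


@dataclass
class StoredCredential:
    """Relying party's record of the last counter it accepted for this credential."""
    sign_count: int = 0


def verify_sign_count(stored: StoredCredential, asserted: int) -> str:
    """WebAuthn signature-counter rule (spec section 6.1.1): the counter must strictly
    increase. Returns 'ok', 'no-counter' (authenticator does not implement one and
    always sends 0) or 'clone-suspected'. Only the 'ok' path updates the stored value."""
    if asserted == 0 and stored.sign_count == 0:
        return "no-counter"
    if asserted <= stored.sign_count:
        return "clone-suspected"
    stored.sign_count = asserted
    return "ok"


def simulate_clone_scenario() -> list[str]:
    """Owner uses the key twice, it is cloned and returned, then clone and original
    are each used once. Returns the relying party's verdict for each assertion."""
    rp = StoredCredential()
    key = Authenticator()
    results = [verify_sign_count(rp, key.assert_()) for _ in range(2)]  # counters 1, 2
    clone = key.clone()                                      # both devices now at 2
    results.append(verify_sign_count(rp, clone.assert_()))  # 3 > 2: accepted, RP cannot tell
    results.append(verify_sign_count(rp, key.assert_()))    # 3 <= 3: flagged
    return results
```

The counter tells the relying party that a second device exists, not which one is genuine, and a clone that is used alone before the owner's next login is accepted silently; the signal only fires once both devices have been presented.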

To echo Conor's comment, our keys will protect you from online attacks. The one you describe is certainly a threat, but still pretty sophisticated and requires physical contact with the key.

To protect from physical attacks you need stronger devices; for example, Yubico now has an entire new line of FIPS certified products. Note that the cost is higher than the FIDO2 USB-A-only key.

As Conor mentioned in other places, to obtain stronger hardware we'd need to sign NDAs with vendors, and thus we couldn't make our key open source. Personally, I really hope that this first iteration will be a success, so we'll be able to push the industry for even more open hardware, and eventually we'll be able to address threats like the one you reported.

> to obtain stronger hardware we'd need to sign NDAs with vendors, and thus we couldn't make our key open source.

That's not true. First, you won't even be eligible to sign an NDA with a secure chip vendor. Second, this won't limit you from having your application (running on their chip) subject to the NDA.