> Since the U2F model assumes that the browser is trustworthy, any browser in the OS is able to access any key stored on the U2F token. The user has no way to know which keys have been accessed by which browsers for which services.
Note that this should be treated as a "mental shortcut", as keys are never directly exposed to browsers or any other devices in U2F. It would be more precise to say that the browser can ask the U2F device to sign any request with any key.
Of course, internally the key storage can be optimized. For example, YubiKey and Feitian (Google Titan Key) generate private P-256 keys on demand by HMACing a burned secret. That's how they can provide "unlimited storage".
Once again as a reminder - just because your computer is running Qubes OS doesn't mean it's secure from the 3-letter agencies. If they compromised the underlying hardware, then whatever you run on top of it is compromised (e.g. Qubes OS etc.).
Details here: https://developers.yubico.com/U2F/Protocol_details/Key_gener...
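The on-demand derivation mentioned in the comment about HMACing a burned secret, as an added example (not from the thread, and not Yubico's or Feitian's firmware): the token keeps one secret and stores no per-site keys, because the key handle it returns carries the nonce needed to re-derive the key, plus a MAC that binds the handle to this token and app ID. The handle layout, the `key`/`tag` prefixes and all function names are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Order of the NIST P-256 group; a valid private scalar lies in [1, N-1].
P256_N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
NONCE_LEN = 32  # assumed layout: key handle = nonce (32 bytes) || tag (32 bytes)
TAG_LEN = 32


def _prf(device_secret: bytes, label: bytes, app_id_hash: bytes, nonce: bytes) -> bytes:
    # The label separates the two uses of the same device secret (assumed scheme).
    return hmac.new(device_secret, label + app_id_hash + nonce, hashlib.sha256).digest()


def register(device_secret: bytes, app_id_hash: bytes):
    """Return (key_handle, private_scalar). Only the handle leaves the token."""
    while True:
        nonce = secrets.token_bytes(NONCE_LEN)
        d = int.from_bytes(_prf(device_secret, b"key", app_id_hash, nonce), "big")
        if 1 <= d < P256_N:  # retry in the negligible out-of-range case
            tag = _prf(device_secret, b"tag", app_id_hash, nonce)
            return nonce + tag, d


def authenticate(device_secret: bytes, app_id_hash: bytes, key_handle: bytes):
    """Re-derive the private scalar, or return None if this token did not
    issue the handle for this app ID (wrong site, other token, or tampering)."""
    if len(key_handle) != NONCE_LEN + TAG_LEN:
        return None
    nonce, tag = key_handle[:NONCE_LEN], key_handle[NONCE_LEN:]
    expected = _prf(device_secret, b"tag", app_id_hash, nonce)
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    return int.from_bytes(_prf(device_secret, b"key", app_id_hash, nonce), "big")


if __name__ == "__main__":
    secret = secrets.token_bytes(32)  # constructed stand-in for the burned-in secret
    site_a = hashlib.sha256(b"https://a.example").digest()  # constructed app IDs
    site_b = hashlib.sha256(b"https://b.example").digest()
    handle, d = register(secret, site_a)
    print("same site re-derives key:", authenticate(secret, site_a, handle) == d)
    print("other site is rejected:  ", authenticate(secret, site_b, handle) is None)
```

The token's storage stays constant no matter how many services are registered, since each relying party stores its own key handle and sends it back at authentication time.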