| Cool! Always nice to see extra competition in this space. One thing I've wanted for a while is a way to properly backup a webauthn token. An approach I discussed a couple of weeks ago [1] was: 1: Generate on-hardware webauthn master key on device A. 2: Generate on-hardware key-pair on device B 3: Export B’s public key, import to A 4: On Device A: Encrypt master key with B’s public key 5: Export encrypted master key to B 6: Decrypt on B I guess this would probably be possible with this device? Perhaps there are some even more clever way to do it. [1]: https://news.ycombinator.com/item?id=32621426 |
Yes, that'd be possible. I don't know how webauthn works, but if it relies on ECC you could probably do ECDH between all security keys you wanted to carry your master key, and then use the combined ECDH values as the master key.