tank's avatar
tank 4 months ago
I’m excited to work with Praveen of Cove Wallet on a new open standard for Bitcoin wallet cloud backup using Passkeys - no passwords, no key server trust. Today wallets like BitKey provide a seedless UX with good redundancy but they require hardware. For spending wallets or users that want to start without hardware our proposal provides a compelling UX - Just do FaceID/TouchID to sync a Passkey to your password manager and done. It’s an improvement over Photon since there is no key server to run for the wallet vendor and no PIN to remember for users (and no email/phone for PIN reset). The wallet just needs to regularly do a health check to verify the Passkey in your password manager can decrypt the cloud backup. Let us know what you think. The goal is to develop this into an open standard that any mobile signer can adopt. Link below πŸ‘‡
A New Approach to Universal Bitcoin Wallet Backup with Passkeys and PRF | Praveen Perera
A proposal for cross-platform Bitcoin wallet backup using WebAuthn PRF, no passwords, no server trust

Replies (10)

Default avatar
Yaacov Akiba Slama 3 months ago
1. The client can regularly check the relays and republish the list of salts if they are deleted. 2. Every vendor can setup their own relay. 3. The list of salts is backup-ed automatically by ios/android because its in the app data and is not "secret". 4. The same list can be exported by the client to a simple text file if the user wants a wallet independent backup and doesn't want to run any app using this protocol for a long time. 5. Passkey rotation is generally not needed because the secret part of the passkey is not supposed to leave the TEE except when migrating from one vendor to another (using a secure protocol like CXP). In the exceptional case of a passkey compromise, the user can always move its funds to another wallet using a new passkey. 6. The UX cost of using iCloud/GDrive is very high (login, vendor auth)
1 replies ↓
tank's avatar
tank 3 months ago
Thanks for clarifying. 1-4: makes sense. The downside of relays is IP address (location) leakage to multiple untrusted server if users are not using a VPN. 5: I agree for a wallet use case. But for nostr the user loses his social graph. 6: the UX cost is zero for icloud-key-value-store (users are generally logged into their Apple ID on iOS). On Android there is a UX cost. The main upside I see is 2FA though. Compromise of a passkey is not unlikely on a desktop computer due to higher malware risk. Users could recover their wallet only on mobile devices. A user using yubikeys to secure their Apple/Google account would be resistent to an adversary that has compromised their laptop.
Default avatar
Yaacov Akiba Slama 3 months ago
Re 5. The passkey is used explicitly for the wallet. Re 6. A regular user doesn't store his passkeys in his desktop, and the passkey stays in his phone or physical key and only the prf result is sent to the desktop.
1 replies ↓
tank's avatar
tank 3 months ago
How does a user prevent sync of the passkey to his desktop? iCloud Keychain items are synced to all devices. Same with 1Password.
Praveen Perera's avatar
Praveen Perera praveen@covebitcoinwallet.com 3 months ago
biometrics is only required for accessing the passkey. PIN or biometric for signing a transaction is a wallet level decision. You can set this up in Cove to require it right now.
Praveen Perera's avatar
Praveen Perera praveen@covebitcoinwallet.com 3 months ago
I like this proposal - it's simpler than ours and the stateless design is really elegant. But it's not flexible enough for our use case. Two main concerns: 1. Doesn't support imported wallets 2. No good UX if passkey is deleted. User would have to create a new passkey/wallet, then decide how to transfer funds - consolidate all UTXOs in one transaction and lose privacy? Or transfer UTXO by UTXO and lose funds to fees?
1 replies ↓
Roy's avatar
Roy roy@primal.net 3 months ago
There are always trade-offs... There are a lot of different designs you can do with PRFs. We decided to prioritizie simplicity in our protocol, inline with *our* use cases. We don't need to support imported wallets or deal with UTXOs in our SDK. We've also vetted the approach with design partners.
1 replies ↓
tank's avatar
tank 3 months ago
Thanks Roy. Good discussion re prf here everyone … I have a better understanding of the trade-offs of each design now. For breez sdk the simplified design makes sense. Re import … I presume existing Liquid/Spark users could just derive a new wallet from the passkey and sweep funds from their old wallet with relatively low fees. Is this how existing misty breez users will be migrated?
↑