If you want to understand why Germans are so obedient look no further than the children’s book Der Struwwelpeter. My favorite story is of the boy that does not listen to his mom and reluctantly sucks his thumbs, only to have them get cut off by the tailor.
Cool to see Moxie get excited about Passkeys and WebAuthn PRF to improve the UX for E2EE apps
Confer Blog
Making end-to-end encrypted AI chat feel like logging in
We want private AI chat to be simple. Yet today, many end-to-end encrypted experiences still have a level of friction that make them feel like they...
Passkey PRF could also be used to backup a nostr nsec to the password manager without users needing to copy/paste private key material. And since Apple requires turning on 2FA to use passkeys, users get pretty decent security for key backups.
Apple Support
Use passkeys to sign in to websites and apps on iPhone
On iPhone, use passkeys to securely and easily sign in without passwords to websites and apps.
 View quoted note β†’
I’m excited to work with Praveen of Cove Wallet on a new open standard for Bitcoin wallet cloud backup using Passkeys - no passwords, no key server trust. Today wallets like BitKey provide a seedless UX with good redundancy but they require hardware. For spending wallets or users that want to start without hardware our proposal provides a compelling UX - Just do FaceID/TouchID to sync a Passkey to your password manager and done. It’s an improvement over Photon since there is no key server to run for the wallet vendor and no PIN to remember for users (and no email/phone for PIN reset). The wallet just needs to regularly do a health check to verify the Passkey in your password manager can decrypt the cloud backup. Let us know what you think. The goal is to develop this into an open standard that any mobile signer can adopt. Link below πŸ‘‡
PraveenPerera.com
A New Approach to Universal Bitcoin Wallet Backup with Passkeys and PRF β€’ Praveen Perera's Blog
A proposal for cross-platform Bitcoin wallet backup using WebAuthn PRF, no passwords, no server trust