Daedalus Universal 2nd Factor (U2F)

daedalus

#1

I have been working on a project and would like to gauge all of your interests in seeing it completed.

Daedalus Universal 2nd Factor “DU2F”

All comments will be read, thanks in advance.

Universal 2nd Factor (U2F) Overview, fido Alliance:
“The FIDO U2F protocol enables relying parties to offer a strong cryptographic 2nd factor option for end user security. The relying party’s dependence on passwords is reduced. The password can even be simplified to a 4-digit PIN. End users carry a single U2F device which works with any relying party supporting the protocol. The user gets the convenience of a single ‘keychain’ device and convenient security. This document is an overview of the U2F protocol and is a recommended first-read before reading detailed protocol documents.”

That tiny USB device pictured above has an ARM microprocessor which fits in your computer enabling strong cryptographic in Daedalus send feature.

Currently what happens in Daedalus when you want to send value out of your wallet is this:
41

With the DU2F you only have to touch it to validate sending, no passwords; that’s the point as your wallet would then be a 2-factor authentication enabled wallet.

If you lose your DU2F you would have to restore your wallet through your Daedalus recovery passphrase, thus wiping out the DU2F requirement.

Cost for an assembled DU2F should come in at $10.00 USD
You can also build one yourself as all parts are widely available.

The project will be license under, “Creative Commons Attribution-ShareAlike 4.0 International License”.

Well what do you all think, would you buy/build one?


Updates:

February 15, 2018
I did not make it clear but any U2F device should work, no pressure to buy another device.


#2

I would buy one. This is a great idea.


#3

Excellent idea. I would buy one for $20.
This “sending password” BS in wallets has to come to an end.
A pure HW or HW/SW hybrid wallet needs to be implemented.


#4

Does Daedalus support this? I would buy or build one or two. If you bought 2 or 3 could they be set up as duplicates to keep in different locations like home and office and in case one is lost?
Can the device and/or software be confirmed to be safe and secure? open source?


#5

Not yet, but it can be extended to accept U2F.

Absolutely.

100% Open


#6

Great! thanks. Did you design and build the device?


#7

Not the one in the picture, but if I get enough interest then yes.


#8

one suggestion that would be a big plus for me if it is possible and adds a another layer of protection…I have my yubikey set up to access my password safe on my windows machine in such a way that I have to enter the first part of the password from memory and then touch the yubikey (long press) which fills in the second part of the password. This protects from the yubikey being stolen and used to send funds without permission.


#9

It will have that feature plus, will measure and authentic identity of a client device and pair to it. Once paired it cannot be undone without resetting back to defaults, wiping away all data.

Cheers,
Jonathan


#10

Great, you can sign me up for at least 2 of them. Good luck with the project.


#11

If you can get Daedalus to endorse it I would buy one.


#12

I would buy one.


#13

I would buy one! Is there someone from Cardano Foundation that can pass this thread to IOHK?


#14

I would buy 2 at least.


#15

I would buy/build for sure. I have extensive electronics experience so if you need builders contact me.


#16

I’m also interested in this! I would love to see a working prototype.


#17

Thank You - I will be getting back to you when/if I can overcome electronjs (Daedalus built with it) limitations.


#18

Is there any word if Cardano is working on 2FA? Would love to use Google Auth or FIDO with my Nano with it.


#19

No word, I can tell you it will be difficult, very difficult to get this into Daedalus.


#20

I’m in for a couple. I like to support creativity as well.