They unveiled this at the conference today. Keys are generated on a phone/computer then stored on the Yubikey. For signing, the keys also need to leave the device, hence "cool" keys. They are, for once, also open sourcing their key generation and signing code.
187 sats \ 1 reply \ @Pepek 3 Sep
An example of how useless it is. A Yubikey is purchased and can disconnect 2FA, register a new key to the Internet service. After that, the service does not log out for a while, but when the web service suddenly requested a PIN from Yubikey, the local driver did not solve anything and together with Microsoft claimed that the PIN was not the original PIN. I'm surprised, but it was not possible to log in to previously registered accounts such as gmail, id and others with that key. A factory reset will be performed because a different PIN must be generated. This is followed by re-registration and disconnection of the original service key registration; somewhere it is possible and somewhere they want the original physical key, with some services it is possible to enter only one key for free and other services cannot even delete it. It is time consuming. According to the number of services. If the PIN is changed, then you can't log in and it's annoying. For those Casa services, "Lockdown" would probably follow, then "Video verification to unlock". For standard accounts, Video Verification for Sensitive Actions is an impossible action. Then only with the Premia account and it's embarrassing and expensive.
reply
It's cool but I don't know why I need this. Why is it better than using a regular hardware wallet?
reply
Likely oriented mostly towards pre-coiners. Why buy another device for Bitcoin when you already have a YubiKey?
reply
Better UX. If you've ever used a yubikey, it's easier to use than a hardware wallet.
reply
except you can recover a hardware wallet
you can't recover a yubikey
reply
Typically, you configure two yubikeys and keep them in separate locations.
reply
41 sats \ 1 reply \ @k00b OP 26 Jul
There are big tradeoffs being made here, so I wouldn't diminish those, but you can back up the private key stored on Yubikey.
The Yubikey isn't a signing device. It's a storage device.
reply
maybe you can recover from a backup file
but you can't deterministically rebuild from a seed phrase
yubikey can also be used to sign ssh, fido2, webauthn, pgp etc
edit - I see it is indeed a storage (not signing) device in this context
reply
Ok. I will take your word for it. Never used one.
reply
It's cool but I don't know why I need this. Why is it better than using a regular hardware wallet?
  1. costs $25, less than most HWWs
  2. can use for other 2FA and MFA
  3. not obvious for bitcoin, so won’t be on a “list” of ppl who buy bitcoin only products
reply
Good feedback
reply
Interesting. Been wondering if anyone would make use of YubiKey in the bitcoin space
reply
Looks like the user has to pay for a "service". How is the YubiKey communicating to the back end systems?
When you use a YubiKey to secure your Casa vault, a seed phrase is generated on your laptop or computer and then stored securely on the YubiKey protected by the passkey you just created. That seed phrase is then only accessible when you successfully authenticate with the Casa domain using the YubiKey itself. This means you can’t be tricked into signing a transaction through a fake Casa website — the passkey will refuse to decrypt the seed phrase.
reply
Determining if that’s true requires understanding passkeys and I don’t, but I’d guess your seed isn’t sent anywhere.
reply
21 sats \ 3 replies \ @jp305 26 Jul
Is this using biometrics or a PIN code?
reply
Disclaimer: I had a yubikey many years ago, I haven't used the new ones
no.
YubiKey is just a keyboard that always spits the same text out. It only has one button, and so u plug it in and press the button and it spits out whatever string is stored on it.
reply
21 sats \ 1 reply \ @jp305 26 Jul
They have new bio keys. I guess my question is which hardware is being used.
reply
I suspect you can use any yubikey that supports passcodes. It looks like they also allow/require pin encryption.
reply
Interesting way of doing this, but is it very secure?
reply
It's a great addon but my stock isn't that big till now! I can hardly invest $100 every month! When do you think is the time that we need to transfer our Stackers to our cold wallets? I've heard that fees are too high on the mainnet?
reply
Is this for the purpose when someone doesn't want to forget their keys?
reply
No one wants to forget their keys!
reply