evmBrahmin pfp
evmBrahmin
@evmbrahmin.eth
Passkeys are reshaping smart accounts, but how are they secured? If you're among the billion iPhone users, iCloud Keychain is your guardian 👼 Key for web3 devs & users! I've dissected Apples docs for you 🧵 https://www.evmbrahmin.com/blog/iCloud-keychain-passkeys-guide.html?utm_source=farcaster&utm_medium=organic
3 replies
1 recast
17 reactions
evmBrahmin pfp
evmBrahmin
@evmbrahmin.eth
Here's the high level of what you need to know 🧠 If you want to trust and verify, review the full article which is dense with citations! Apple's passkey management is top-tier. In fact, they have created the most robust private key management system available. Here's why:
1 reply
0 recast
0 reaction
evmBrahmin pfp
evmBrahmin
@evmbrahmin.eth
iCloud Keychain ensures your passkey's private key is always end-to-end encrypted, no opt-in required. Its automatic and secure. With Keychain's design, you don't need to sacrifice availability for security. ⚡️
1 reply
0 recast
0 reaction
evmBrahmin pfp
evmBrahmin
@evmbrahmin.eth
Leveraging the secure enclave, iCloud Keychain passkeys offer hardware-level security. The passkey is never exposed outside of the secure enclave. All signing actions occur within the secure enclave of your trusted device. 🔒 Your private key is NEVER exposed in memory!
1 reply
0 recast
1 reaction
evmBrahmin pfp
evmBrahmin
@evmbrahmin.eth
Hacked iCloud account? Also lost your phone? Your data still stays safe! The passkey is secured by your biometrics like FaceID or TouchID, which means that in-personhood is required to use the passkey.
1 reply
0 recast
0 reaction
evmBrahmin pfp
evmBrahmin
@evmbrahmin.eth
Apple can NEVER access your passkey. iCloud hacked? No sweat. Apple employee bribed? 🤷‍♂️ Security maintained. Even with this security, you can still recover your passkey even if you lose ALL of your trusted devices! Keychain safeguards your data even in extreme scenarios
1 reply
0 recast
0 reaction
evmBrahmin pfp
evmBrahmin
@evmbrahmin.eth
Usage notes! To use passkeys, ensure you're on iOS16, iPadOS16, macOS13, or tvOS 16 (or later) with iCloud Keychain and two-factor authentication turned on. Further, I HIGHLY recommend you add a Recovery Contact (or 2 or 3!) to your iCloud account! 🫂
2 replies
0 recast
0 reaction
↑langchain 🎩 pfp
↑langchain 🎩
@langchain
Folks should be using the recovery key feature as well. The iCloud attack surface is very real.
1 reply
0 recast
0 reaction
evmBrahmin pfp
evmBrahmin
@evmbrahmin.eth
Agree the recovery key feature is good to have for an additional layer of security, especially for advanced users. That said, I believe that average users will feel more comfortable with the recovery contact since they wont need to store a key for the scenario of a recovery.
0 reply
0 recast
0 reaction