After a long break, I’m back working on my FIDO2 authenticator! With BLE dropped from Chrome, I’ve shifted gears to USB—and that meant switching from ESP32 to STM32 (and soon RP2040). The latest prototype features a fingerprint scanner, secure element, and a fresh USB PCB. Still lots to build, but it’s moving again!
While working on the URU Card project, I realized just how practical the credit card form factor really is—so I redesigned URU Key into URU Card Pro. It now fits in a wallet, runs on an ultra-thin Li-Ion battery, and includes a tiny OLED display for feedback. Same secure guts, much better usability!
Finally, a working BLE-based FIDO2 authenticator on Arduino! The URU Card project now supports basic credential creation and authentication via ESP32. Still early-stage (with hardcoded keys for now), but it’s enough to pass WebAuthn tests in Windows—and it’s open for everyone to try and build on.
After a lot of requests to open-source URU Key, I’m starting a new project—URU Card! It’s a wallet-sized, open-source FIDO2 authenticator with an OLED screen, touch keyboard, and ESP32 brain. No biometrics (for now), but secure, DIY-friendly, and easy to build with Arduino libraries. Want to join in?
Hardware is done! After months of prototyping, I finally finished the compact 40×15mm URU Key device—complete with ESP32, fingerprint scanner, security chip, LiPo battery, and USB-C. It’s basically a fitness tracker… but for secure authentication. Now onto the software (and maybe a proper case 😅).
It’s official—URU Key is now a real, standalone device! I added the custom power board, used spring-loaded pins for easy firmware updates, and screwed everything together into a compact 35×20×10mm unit. Hardware’s basically done—now it’s time to dive deeper into the firmware, especially the biometric side.
Everything’s finally coming together! I combined the ESP32, fingerprint scanner, and ATECC508A security chip into a single board—the first real version of my own FIDO2 Authenticator: URU Auth (You Are You). It’s handheld, it lights up, and it’s so close to being fully autonomous. Time to tackle power and fingerprint recognition!
Time to tackle the ATECC508A crypto chip! I started building an ESP32 component library to use it in my FIDO2 Authenticator. One chip gave me trouble, but another worked perfectly. Lots of I2C fun, ECC signatures, and some helpful inspiration from SparkFun’s Arduino library. One step closer to full hardware-based security.
Tried to go full DIY and desoldered the fingerprint sensor from the R300 module… but hit a wall—the pad layout doesn’t match any docs I could find 😕. So, switching gears: I’ve designed my own custom dev board for the authenticator with ESP32 Pico D4, ATECC508A, and room for a scanner. Boards are on the way!
Spent the weekend turning an ESP32 into a FIDO2 BLE Authenticator! Chrome even recognizes it (though it doesn’t do much yet). Also found a neat secure chip—ATECC508A—that could store encrypted keys. Still brainstorming how to handle more than 16 keys. Nerdy fun!