A place for developers to talk about building on Farcaster.

/dev

What are the security differences between storing a seed phrase in the following ways:

- Locked note in iCloud
- Password-protected in Keychain like how Rainbow does it
- largeBlob with a passkey in iOS17+

I think I understand the UX implications of each, but curious about the technical side

BDFL of Quilibrium, Eng @ Farcaster, ex-Coinbase, always opinionated, never hydrated

/quilibrium

I like baking /goodbread and building apps on web3 protocols. DevRel @ ENS Labs. gregskril.com

cc @cassie 

1/ Keychain is a more secure part of the operating system on iOS and macOS vs. Notes is an app, likely more basic password security (likely not encrypted)

Password-protected back up is likely decent encryption, but if you forget the password you're screwed.

2/ Apple has done a ton of backup/security work for passkeys

2/ Apple has done a ton of backup/security work for passkeys

https://support.apple.com/en-us/102195

Building dynamic.xyz | @dynamic | Craft magical onchain sign up experiences  - embedded wallets, login, user mgnt, authz and more | Demo: demo.dynamic.xyz

And are facing nation state attackers (and aggressively patching)

I think this is the key point. You essentially "offload" recovery and parts of the security to companies like Apple, Google and Microsoft who have to think about this daily at massive scale.