OpenSK

OpenSK is an open-source implementation of FIDO2 (WebAuthn + CTAP) security keys, written in Rust and designed to run on affordable microcontroller boards. It provides the full authenticator stack—USB/NFC transport, CTAP protocol handling, credential management, and cryptographic operations—so you can build and audit your own hardware token. The project emphasizes defense-in-depth: memory-safe Rust, hardened crypto, isolation via an embedded OS, and explicit user presence/verification flows. Developers can flash reference hardware, customize UX (LEDs, buttons, PIN), and experiment with extensions while staying interoperable with major browsers and platforms. A test and conformance suite validates protocol behavior against the WebAuthn/CTAP specs to ensure compatibility.

Features

Full FIDO2/WebAuthn authenticator stack in Rust
USB and NFC transports for desktop and mobile use
Credential storage, PIN management, and resident keys
Hardware reference designs and flashing instructions
Conformance tests to validate CTAP/WebAuthn behavior
Extension points for custom UX or experimental features

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow OpenSK

OpenSK Web Site

Other Useful Business Software

AI-powered service management for IT and enterprise teams

Enterprise-grade ITSM, for every business

Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.

Try it Free

Rate This Project

User Reviews

Be the first to post a review of OpenSK!

Additional Project Details

Programming Language

Rust

Related Categories

Rust Security Software

Registered

2025-10-09

Similar Business Software

Frontegg

Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg,...

See Software
Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
myACI

ACI Learning delivers hands-on IT and cybersecurity training built for modern teams. Expert-led videos, interactive labs, and certification prep for today’s top credentials turn knowledge into real-world skill. Whether you’re training a team or advancing your career, myACI makes it easy to...

See Software
Passwork

Passwork is an on-premise corporate password manager built for security-conscious organizations. Developed and headquartered in Europe (Barcelona, Spain), Passwork meets GDPR, NIS2, ENS and other European regulatory requirements by design. All passwords and credentials are stored exclusively...

See Software
New Relic

There are an estimated 25 million engineers in the world across dozens of distinct functions. As every company becomes a software company, engineers are using New Relic to gather real-time insights and trending data about the performance of their software so they can be more resilient and...

See Software
Diplomat Managed File Transfer

Diplomat MFT by Coviant Software is a secure, reliable managed file transfer solution designed to simplify and automate SFTP, FTPS, and HTTPS file transfers. Built for seamless integration, Diplomat MFT works across major cloud storage platforms, including AWS S3, Azure Blob, Google Cloud,...

See Software