// the find
google/OpenSK
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
OpenSK is Google's open-source FIDO2/U2F security key firmware written in Rust, running on Nordic nRF52840 hardware via the Tock OS. It's a research and development platform for people who want to understand or experiment with hardware security keys at the firmware level — not a daily-use product replacement for a YubiKey.
The CTAP 2.0 implementation was actually FIDO Alliance certified, which means the core protocol work isn't hand-wavy. The crypto abstraction layer is well-structured — hardware-backed and software crypto implementations are swappable behind the same trait interface, which matters when the CryptoCell-310 integration ships. There's meaningful fuzz coverage across CTAP1, CTAP2 make-credential, get-assertion, and client-pin commands, plus a structured corpus for CTAP2 parameter fuzzing — that's the right place to fuzz a security-critical protocol parser. The post-quantum hybrid signature research (best paper at ACNS SCI 2023) is real academic work, not a blog post.
The develop branch is explicitly not FIDO certified and is described as a research platform, so anyone using it as an actual daily authentication device is taking on unknown protocol conformance risk. Hardware-accelerated crypto via the nRF52840's CryptoCell-310 is still not integrated despite the chip being supported for years — you're running software crypto on security hardware, which defeats part of the purpose. The project is Google-backed but explicitly 'not an officially supported Google product,' which in practice means the maintenance cadence is research-driven, not production-driven — the last news item is from 2023. Supported hardware is limited to four nRF52840 boards, so there's no path to deploying this on other widely-available embedded targets without significant porting work.