Fair enough. So the attack scenario is having a rogue state-sponsored app installed on everybody's device (think tik-tok), which steals everybody's private keys ... and does what? Registers an account on coinbase to launder money? Applies for a childcare subsidy and wires the money to insert country here?
> Fair enough. So the attack scenario is having a rogue state-sponsored app installed on everybody's device (think tik-tok), which steals everybody's private keys
The German AusweisApp2 is fully open-source (to protect against the first scenario), and it might be possible to do it in a web app assuming Web NFC gets more widely supported [1].
The second scenario is protected against by the keys being provisioned on the smartcard during manufacture (or, if the user so desires, at the touchpoint where they get handed over the ID card) and being unable to be exposed, at least not without either destructive methods or side-channel attacks.
Malware can go and dump the keys from the Secure Enclave. It's just the same mechanism that pirates use to crack the Widevine decryption, just that it's the strong digital identity of a person towards a government at stake here.
