Nail1684
September 30, 2025, 12:38pm
192
I just had a casual look into GitHub… and (but probably very early!) there is some interesting news
anders/browser-prf ← anders/unlock-prf-3
opened 11:56AM - 30 Sep 25 UTC
## 🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-2035
## 📔 Obj… ective
This PR introduces PRF powered unlock in our web + browser clients. It sits on top of the `browser-prf` branch since until that branch is merged.
Here's a summary of the changes:
* PRF Decryption Options for *all* the users passkeys are included in the server sync response and stored. This allows both offline unlock, but also allows for unlock via any passkey, regardless of method of login.
* New KM owned `webauthn-prf-unlock.service.ts`. Internally it forwards a few calls to the existing `WebAuthnLoginPrfKeyServiceAbstraction`.
This PR is dependant on the server changes proposed in https://github.com/bitwarden/server/pull/6401.
## 📸 Screenshots
## ⏰ Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team
## 🦮 Reviewer guidelines
- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes
Dependent on (server) PR:
main ← anders/prf-options
opened 11:57AM - 30 Sep 25 UTC
## 🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-2035
## 📔 Obj… ective
This PR is complimentary to the client changes proposed in https://github.com/bitwarden/clients/pull/16662.
It adds all PRF enabled passkeys to the DecryptionOptions response in both the SyncResponse and GrantResponse. We can discuss wether returning all in the webauthn grant response is really necessary.
## 📸 Screenshots
## ⏰ Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team
## 🦮 Reviewer guidelines
- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes
2 Likes
– at least for the web vault and the browser extensions for now: