So Solokeys has started their second Kickstarter campaign, after the Solo, we get its second iteration, so let's look at what it has and have a first impression.*
*I dont have this yet so take it all with a grain (or some more) of salt, rather than treating it as the absolute truth.
So, the Solo V2 adds many things, but it also removes 2 main things:
First off would be the Clicky button, a thing I personally liked since you can very well hear and feel the interaction with your solo and the button on the solo just felt very nice in general being made unlike any button on a FIDO2 device I have seen before. But clicky buttons usually come with problems of their own, not only that they themselves have a lifespan but also that especially on a Solo-C I would say it's a bad idea to try to push it with only one finger without supporting it on the back, especially as C-Plugs are usually weaker. One thing I know for sure is that I dont wanna try it.
Second, the cheaper non-nfc version is also going away likely to keep tooling and logistics costs down as I would sooner or later expect at least 6 variants even without any non-NFC variants as you have the firmware style being Secure, Hacker and possibly a Dicekey variant as well, and obviously the 2 connectors, USB-A and USB-C. Ultimately this means the Solo V2 will be much more expensive if you didnt plan to get an NFC device considering the base price they noted in the Keybase chat would be 48$ which is even a 20% step up from the USB-C NFC Version), which isnt a problem on its own except that it puts it into the territory of the yubikeys, which despite me personally not liking them, are definitely strong competition
But these 2 kinda smaller things set aside there are a LOT of additions for the Solo V2.
- Better Updates
- The orignal Solo, Solo V1 for disambiguation, already has updates, however it does only check the update process itself, however if you can skirt an update around that e.g. by going onto the flash itself it wont really help as the bootloader assumes that all is fine as DFU is supposed to be dead and the bootloader's own update process checks already, and just boots whetever is on it.
However the Solo V2 has secure boot so it will do the checks not only on the update itself but also on every single boot making the updates as well as the general concept of updatable firmware much more secure.
- Easier Development using modular applets
- They call them apps, I dont care since they arent really doing anything on their own but more like part of an entire thing like the FIDO2 applet would only be part of the entire system of the FIDO2 authentication stream.
Basically the main difference to Solo V1 is that on the V1 everything is part of a more or less monolithic firmware and need to be embedded into it, yet the applets on the V2 are basically completely modular and the Update process would just compile all the applets you want into one firmware package for the Solo V2 to accept.
- More Secure Firmware due to better Programming
- The Solo V2's Firmware will be made in Rust which allows them to get less of the issues that C has and therefore make the firmware more secure in general.
- Reversible USB-A
- While technically being a stretch goal, it was already surpassed by its own amount already, this is likely one of the biggest things, the Solo V2 features reversibility not only on the USB-C side but the Conor Patrick one of the 4 People made some research, but obviously not without the help of some Stack Exchange forums, and got a USB-A plus they seem to have working and trust me without Stack Exchange, IT nowadays would likely be off SO MUCH WORSE. 🙂
- Better NFC
- They say 10 times, but I obviously have neither the knowledge, nor the tools to quantify that, however it can be clearly seen that they have put quite some work into it. Not only did they seem to have improved the antenna and therefore power harvesting big time, but they also made a way to die less while doing stuff if the NFC field isnt perfectly stable by quickly making it drop the performance level to at least stay alive until power recovers.
- Touch buttons, 3 of them
- I dont overly like touch buttons but they are objectively better in many ways as they need borderline no force to activate and have basically unlimited livespan, also due to them being at the sides and far end, they are also easier to reach as there is no upside down problematic and even in cramped spaces like a USB-Hub you should still reach the button at the far end. and that's not even mentioning that 3 buttons allows for extra functionality.
- More than Just FIDO2
- Solo V2 will also implement PIV, a standard for smartcards which can be used for several things although sadly at its current state neither PIV nor FIDO2 can be used to login to a layman's (Windows) PC directly but are rather for enterprise level, with Smartcards being limited to Active Directory and FIDO2 to Azure AD. And with it being modular, I wouldnt be surprised if people throw in applets that sooner or later will be added to the catalog of approved ones to be able to be thrown onto a secure Solo as well.
- Physically more robust and secure
- so there are 2 main weaknesses of the Solo V1 from a physical standpoint:
1) On a C-Solo the USB-C connector is obviously relatively weak as there isnt too much holding them especially on the much thinner PCB compared to the A-Solo I have.
2) the components are either totally exposed or just behind the rubber case.
The Solo V2 solves both by using a dual-PCB consruction using a connector PCB which features the USB-Connector and the NFC as well as a cavity for the actual main PCB with the components to be filled with Epoxy which not only provides resistance to the elements (including being resistant to water) and some extra abuse, but also makes it harder to attack the actual chips, and maybe even almost impossible to do so covertly.
And not only that but the Solo V2 will obviously inherit many things its predecessor already had like being open source and if you want it to be, hackable as well.
All in All I would say the Solo V2 looks very promising and I look forward to it already. Currently the Solos you can back on their Kickstarter are expected to ship in June although I would expect some Corona-related delays. How does the saying always go, expect the worst, hope for the best.
Obvious transparency note: I have been paid 100% nothing for this neither in Money nor in Solos 🙂 In fact I have backed this myself and looking forward already. while the best discounts are either already gone, or close to that, it would be likely the cheapest option to pool with some friends and get for example 4 solos together which also comes with the added benefit of free shipping in the EU, UK and Switzerland. Also shipping to Europe is planned to be done from inside meaning less or no hassle with customs procedures and import taxes or bonus fees by shipping companies.