u2fzero is "Currently unavailable" on amazon. And the lack of housing makes me question how durable the device would be. The last thing I want is my u2f dying and locking me out of a ton of accounts.

I've had one on my keychain for a while. It's rugged enough for day to day use.

The only issue is that the hole for the key ring has a thin wall, so I have a plastic coated keyring to prevent the metal from rubbing the hole.

The Yubikey 4 does a lot more than just U2F though.

> […] there is the possibility of side-channel attacks on the u2fzero.

Interesting. How does that work? Have you any references to that?

The Atmel chips do not claim that they have implemented counter-measures for power analysis, etc. Power analysis on a key operation is a dangerous attack if proper counter-measures are not taken. You can literally read off the 0/1 of each bit of the key as the key operation is underway if you monitor the power/timing.

The NXP chips inside the yubikey claim to be hardened against several such attacks (although I have not confirmed).

NXP is a cagey company. For example, I am a researcher, and I wanted to get the yubi-key's unlocked to write and test new u2f protocols on their hardware. They wouldnt sell me development keys, and claimed that the restriction was placed on them by NXP. I wrote half-a-dozen requests to the NXP people, and they never replied.

You have a link? The only thing I get for u2fzero is their site with instructions on how to build one.

Closest I could find that was still available is

https://amazon.com/HyperFido-K5-FIDO-U2F-Security/dp/B00WIX4...

thanks. Just what I was looking for (couldn't find the upvote button)