The extension never sees your password. It only sends a navigation hint
(one letter) over USB serial and focuses an input field. The credential is
typed by the device over USB HID, only after you physically select the site and
press. See Security model below.
What it does
When you click the toolbar icon on a login page:Reads the tab
It takes the current URL, strips the scheme and a leading
www., and uses the
first letter of the domain.Jumps the device search
It sends
FIND <letter> over the USB CDC serial port; the device switches to
its alphabet search at that letter.Requirements
- A Chromium browser (Chrome, Edge, Brave…) — the extension uses the Web Serial API.
- The device must be running firmware with the link feature, and
Tools →
Chrome: On(enabled by default). - The device must be unlocked (past the PIN) and on the credentials list when you use it — the firmware ignores the command otherwise.
Install
Load the extension
Open
chrome://extensions, enable Developer mode, choose Load unpacked
and select the chrome-extension/ folder from the project.Turning it off
If you don’t want the device to accept the browser command at all, set Menu → Tools →Chrome: Off. With it off, the firmware does not parse the
FIND command, removing that path entirely. Default is On.
Security model
The extension only: reads the tab URL, sends one letter to the device, and focuses a field. That is the whole attack surface. The firmware guarantees:- The command only navigates — there is deliberately no serial command that types or reveals a credential.
- It is ignored unless the vault is unlocked and on the credentials list (never during PIN entry, an edit, the menu or TOTP).
- It is ignored entirely when Tools → Chrome is off.
Limitations
- Field detection uses heuristics (
autocomplete=username,type=email, name/id contains user/email/login, or the text input in a form with a password field). Some single-page apps, shadow DOM and cross-origin iframes won’t match. - Sites that split username and password across separate screens (some Google/Microsoft flows) don’t fit the device’s user → TAB → password output.