TL;DR: We ripped Specter open, jammed the private key inside your Mac’s Secure Enclave, and bolted Touch ID in front of the signing button. No dongles, no USB firmware roulette, no “where’s my Ledger PIN?” panic. Just run the app (or build it from source), pair it with your node, and your laptop becomes the safest cosigner you already own.

🥷 What makes it different?

• Mac’s Secure Enclave key never leaves the chip; Touch ID ≈ hardware-wallet button
• Ships 2-of-3 by default: Enclave key + hardware wallet + remote descriptor
• Entire signing path in Swift + CryptoKit, 1 700 LOC.
• No USB required; PSBTs move via NFC (if you have iPhone) or animated QR.

💡 How it works

• specter-enclave init: generates a BIP-32 root inside Secure Enclave (non-extractable).
• specter-enclave export-xpub: dumps xpub to pair with Bitcoin Core → watch-only wallet.
• When you build a PSBT, Specter prompts Touch ID → Enclave signs → PSBT broadcast.
• Optional: add a Coldcard/Tapsigner as second key; Enclave enforces 2-of-3.

🏆 250 k sat lightning bounties

• Improvement / Bugfix PR = 10 000 sats.
• Full code-review write-up = 50 000 sats.
• Critical bug = up to 250 000 sats.

🔮 Coming next

• Secure Enclave + YubiKey 2-of-2 mod (no hot storage at all).
• iPhone watch-only companion – scan QR, push PSBT to laptop for Touch ID sign.
• Kernel Panic Kill-Switch – steal-my-laptop and the Enclave key nukes itself.

👉 Grab it, audit it, roast it.