Digging through the YubiKey site, I noticed they recently added
secp256k1 support. I know that GPG does payload decoration before signing that will break bitcoin, but it looks like the RAW dotNet SDK has a
SignHash function that may be low level enough.
So, as a purely theoretical, does the Yubikey API / SDK have enough support for
secp256k1 to sign a simple bitcoin transaction and service as a single-address HW wallet? Anyone want to give it a shot?