A couple notes about the Infineon timing side channel affecting most YubiKeys.1. yubikey-agent is unaffected in the evil maid threat model as the attacker needs physical access *and PIN*2. lol, Infineon3. Go mitigates timing side-channels in ECDSA nonce inversion by not being clever and just using Fermat's little theorem, which is as simple as a constant time exponentiation by p - 2 (which can be optimized with @mbmcloughlin's addchain)https://ninjalab.io/eucleak/https://www.yubico.com/support/security-advisories/ysa-2024-03/