PassKey Verification canister

Hi @Dracian

The Internet Computer supports passkeys / WebAuthn natively (see here). This means you don’t have to do much; simply sign canister calls using the WebAuthn navigator.credentials.get function.

The agent NPM package provided by DFINITY comes with a nice WebAuthnIdentity to do exactly that.

Note: this would then result in the user having to interact with the passkey on every single sign operation. To avoid that, you can create a DelegationIdentity that allows signing with an ephemeral key-pair generated in the browser and sign that using a passkey operation, like Internet Identity does it here: internet-identity/src/frontend/src/utils/iiConnection.ts at 09e9544c739bfc2c807d64ac553f5cff1728a329 · dfinity/internet-identity · GitHub
(simply supply your WebAuthnIdentity as the identity parameter).

I hope this helps.

2 Likes
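
The delegation pattern described in the post above, as an added example that is not part of the original post or of DFINITY's code: a root key signs an ephemeral session key once, together with an expiry, and the verifier checks the delegation, the expiry and the request signature. It is a simplified model using Node's built-in `crypto`; the Ed25519 root key standing in for the passkey, the domain separator, the byte encoding and all function names are assumptions, not the Internet Computer's delegation format or the `@dfinity/identity` API.

```javascript
// Simplified model of a passkey -> ephemeral session key delegation.
// Hypothetical encoding and names; not the IC wire format or @dfinity/identity.
const { generateKeyPairSync, sign, verify, createPublicKey } = require('node:crypto');

const DOMAIN = Buffer.from('example-delegation-v1'); // hypothetical domain separator

// Bytes the root key signs: binds the session public key to an expiry time.
function delegationBytes(sessionPubDer, expiresAtMs) {
  const expiry = Buffer.alloc(8);
  expiry.writeBigUInt64BE(BigInt(expiresAtMs));
  return Buffer.concat([DOMAIN, expiry, sessionPubDer]);
}

// The single root-key ("passkey") operation: sign the session key once.
function createDelegation(rootPrivateKey, sessionPublicKey, expiresAtMs) {
  const pubkey = sessionPublicKey.export({ type: 'spki', format: 'der' });
  const signature = sign(null, delegationBytes(pubkey, expiresAtMs), rootPrivateKey);
  return { pubkey, expiresAtMs, signature };
}

// Later calls are signed by the session key only; no user interaction needed.
function signRequest(sessionPrivateKey, delegation, payload) {
  return { payload, delegation, signature: sign(null, Buffer.from(payload), sessionPrivateKey) };
}

// Verifier: check root -> session delegation, then expiry, then the request.
function verifyRequest(rootPublicKey, req, nowMs) {
  const d = req.delegation;
  const signed = delegationBytes(d.pubkey, d.expiresAtMs);
  if (!verify(null, signed, rootPublicKey, d.signature)) return 'bad-delegation';
  if (nowMs >= d.expiresAtMs) return 'expired';
  const sessionKey = createPublicKey({ key: d.pubkey, format: 'der', type: 'spki' });
  return verify(null, Buffer.from(req.payload), sessionKey, req.signature)
    ? 'ok' : 'bad-request-signature';
}

function demo() {
  const root = generateKeyPairSync('ed25519');    // stands in for the passkey
  const session = generateKeyPairSync('ed25519'); // ephemeral key held in the browser
  const t0 = 1_700_000_000_000;                   // constructed timestamp (ms)
  const delegation = createDelegation(root.privateKey, session.publicKey, t0 + 30 * 60_000);
  const req = signRequest(session.privateKey, delegation, 'greet("world")');
  // Same request with the expiry pushed out by a day, without re-signing.
  const extended = { ...req, delegation: { ...delegation, expiresAtMs: t0 + 86_400_000 } };
  return {
    fresh: verifyRequest(root.publicKey, req, t0 + 60_000),
    late: verifyRequest(root.publicKey, req, t0 + 31 * 60_000),
    tamperedExpiry: verifyRequest(root.publicKey, extended, t0 + 60_000),
  };
}
console.log(demo());
```

Because the expiry is inside the signed bytes, a session key copied out of the browser stops being useful once the delegation lapses, which is the reason to keep that lifetime short.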