I built a Mac + iPhone system where the iPhone acts as a live trust key for selected processes on the Mac.
How it works:
- Mac and iPhone pair with mutual TLS
- when the iPhone app is open, it establishes a trusted session
- the Mac maintains that session with BLE presence + recurring trust proofs
- if trust ends, the Mac kills the gated process
Important constraint:
on iPhone, this currently works only while the app is in the foreground. If the app is backgrounded, the phone is locked, or the app is closed, trust ends. In practice that means the usable trust window is short, roughly 15 to 60 seconds, as no one would keep a phone unlocked for too long.
So the original idea of long-running DevOps sessions like SSH tunnels / kubectl port-forward probably does not hold up under this constraint.
What may still fit:
- decrypting a file for a brief operation
- running a one-shot privileged script
- briefly exposing a local signing daemon
- short-lived key-use or signing actions
The system is local-first:
- no cloud
- no remote server dependency for the core flow
- the phone is effectively acting as a live possession key for Mac-side actions
What I’m trying to figure out now is the actual use case.
If you’ve ever wanted a sensitive local process to disappear the moment phone-backed trust ended, what was that process?
I’d especially value blunt feedback on:
- whether this solves a real problem
- whether the foreground-only constraint kills it
- whether there is a better use case than DevOps tunnels
You can reach me at sergiu_robert@protonmail.com.
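As an added illustration (not the author's code), one way the Mac side could keep a trust session alive on recurring proofs and kill the gated process the moment they lapse. The HMAC proof format, the demo session key, the TTL value and the `run_gated` helper are all assumptions; in the system described above the per-session key would come out of the mutual-TLS pairing.

```python
import hashlib
import hmac
import subprocess
import time

# Constructed demo key. In the system described in the post the per-session key
# would come out of the mutual-TLS pairing; this value is an assumption for the demo.
SESSION_KEY = b"demo-session-key-not-for-real-use"

def make_proof(key, counter):
    """Phone side (hypothetical): MAC over a monotonically increasing counter."""
    tag = hmac.new(key, str(counter).encode(), hashlib.sha256).hexdigest()
    return counter, tag

class TrustSession:
    """Mac side: verifies proofs, rejects replays, and tracks when trust lapses."""

    def __init__(self, key, ttl):
        self.key, self.ttl = key, ttl   # ttl: seconds one proof keeps trust alive
        self.last_counter = -1
        self.expires_at = None          # None means no trusted session yet

    def accept(self, proof, now):
        counter, tag = proof
        expected = hmac.new(self.key, str(counter).encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(tag, expected):
            return False                # wrong key or forged tag
        if counter <= self.last_counter:
            return False                # replayed or out-of-order proof
        self.last_counter = counter
        self.expires_at = now + self.ttl
        return True

    def is_live(self, now):
        return self.expires_at is not None and now < self.expires_at

def run_gated(cmd, session, clock=time.monotonic, poll=0.1):
    """Run cmd only while trust is live; kill it as soon as the session lapses."""
    if not session.is_live(clock()):
        raise PermissionError("no live trust session")
    proc = subprocess.Popen(cmd)
    while proc.poll() is None:
        if not session.is_live(clock()):
            proc.kill()                 # trust ended: the gated process goes away
            proc.wait()
            return "killed"
        time.sleep(poll)
    return "exited"
```

After one accepted proof, `run_gated(["sleep", "10"], session)` terminates `sleep` about `ttl` seconds later unless a fresh proof with a higher counter is accepted in the meantime.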
hezeclark•1h ago