Apple does not allow USB OTG ?
because I read and watched several videos that use USB-OTG are supported to transfer files from flash drives and connect hardware wallets,
maybe you can use a USB Micro / Type-C to Lightning Port Converter Adapter.
That is correct, ledger officially said that their hardware wallet is impossible to work with any iphone devices using cable connection, until Apple adds support for usbc.
iPhone users cannot connect the Ledger devices to their phone due to restrictions of the iPhone Lightning port, that was made by apple design on purpose.
You can use adapters but they simply won't work.
Sure about that? I mean on Passport with microSD adapter it is supposed to work. But maybe the iPhone only supports mass storage media through Lightning. On the other hand, a solution would be for the Ledger to show itself as a 'fake' mass storage device through which PSBTs are automatically exchanged.
For instance: (1) application copies PSBT to 'USB drive' / 'SD card', (2) Ledger main firmware recognizes it, takes it as input, does the signature / showing decoded address on screen, (3) signed PSBT is copied back to the 'fake SD card', while the application keeps scanning it for changed files. (4) Lastly, the signed PSBT is recognized, copied to the phone's RAM and sent to the network.
You probably can't plug in an arbitrary USB device, so some custom / hacky solution like I described would be necessary. But I do think it should work.
But for now, the use of a Bluetooth connection is another alternative for iPhone users.
But will the use of Bluetooth be a risk that could become a security hole because currently hacking using the "Flipper Zero" device is quite worrying?
I already explained in the
Flipper Zero / NFC thread that it is easy to overestimate its capabilities. It is a nice package with different wireless technologies in it, but nothing groundbreaking in terms of allowing something that was impossible before. Neither does it make existing attacks much cheaper; in some cases (e.g. if you don't use all of its features), the existing solutions are actually cheaper.
To effectively sniff Bluetooth communication, you need to have an extremely wide frequency band SDR or USRP of at least 80MHz due to the
frequency hopping between roughly 2.4 and 2.48GHz. It is not specifically a security feature, but it makes attacks hard to execute in practice.
The popular ~$350
HackRF One SDR reaches at most 20MHz (can be lower depending on sampling frequency and such).
You will need a USRP around $10k to capture the whole 80MHz Bluetooth band like this:
https://www.ettus.com/all-products/x300-kit/So, I am 99% sure you can't do this with a cheap Flipper Zero..
Back to topic: on iOS, I do think USB transfer should work by emulating mass storage using the microcontroller, of course Bluetooth and NFC work, and QR codes would be the best option.