I understand that during the CTAP process with a Passkey, a key agreement takes place when scanning the QR code and sending Bluetooth advertisements. Is the Diffie-Hellman algorithm used for the key agreement during this process?
Question about the Key Agreement in the Passkey CTAP process:
The cross-platform sign in method used by passkeys is documented here in the CTAP 2.2 draft spec. In the spec it is known as the "hybrid" transport.