On macOS OS updates/reboot, CryptoTokenKit extension doesn't get loaded automatically when the system boots back. It needs another reboot to get the extension loaded and working.
After update:
% security list-smartcards
<No smart cards>
.. and there is a crash for authorizationhosthelper.arm64 in keychain layer
Thread 2 Crashed:: Dispatch queue: com.apple.security.keychain-cache-queue
0 libdispatch.dylib 0x18e2e499c dispatch_channel_cancel + 12
1 Security 0x1914ccfd0 invocation function for block in Security::KeychainCore::StorageManager::tickleKeychain(Security::KeychainCore::KeychainImpl*) + 44
2 libdispatch.dylib 0x18e2ce3e8 _dispatch_client_callout + 20
3 libdispatch.dylib 0x18e2d18ec _dispatch_continuation_pop + 600
4 libdispatch.dylib 0x18e2e57f0 _dispatch_source_latch_and_call + 420
5 libdispatch.dylib 0x18e2e43b4 _dispatch_source_invoke + 832
6 libdispatch.dylib 0x18e2d5898 _dispatch_lane_serial_drain + 368
7 libdispatch.dylib 0x18e2d6544 _dispatch_lane_invoke + 380
8 libdispatch.dylib 0x18e2e12d0 _dispatch_root_queue_drain_deferred_wlh + 288
9 libdispatch.dylib 0x18e2e0b44 _dispatch_workloop_worker_thread + 404
10 libsystem_pthread.dylib 0x18e47b00c _pthread_wqthread + 288
11 libsystem_pthread.dylib 0x18e479d28 start_wqthread + 8
Opening the parent app bundle as a Login item does not help. A reboot sometimes fixes it but this happens frequently and causes lot of enterprise endpoints not able to authenticate. After reboot:
% security list-smartcards
com.foo.tech.mac-device-check.SecureEnclaveTokenExtension:700D6B7E8943B529569D9CC81AC6F930
Please provide and prioritize a permanent fix/workaround for this issue. We have already reported this issue with crash and sysdiagnose logs in FB13622281 earlier this year.