How we protect identity data.
Private keys never leave hardware
Device keys are generated in and bound to Secure Enclave (iOS), StrongBox (Android), or TPM (Windows). The operating system cannot extract them. We cannot extract them. They sign, but never export.
Master identity is not stored
The root key derived from your mnemonic is computed on-demand and immediately discarded. It exists in memory only during signing operations. No database, no backup, no cloud sync.
HSM-backed issuer keys
All credential signing uses AWS KMS with hardware security modules. Keys are generated in HSM, sign in HSM, and cannot be exported. FIPS 140-2 Level 3.
PII lives in credentials, not databases
Personal information is encoded in verifiable credentials held by the user. Our systems store DIDs, public keys, and revocation status. Not names, not addresses, not dates of birth.
Pairwise identifiers prevent correlation
Each verifier receives a unique DID. Two verifiers cannot compare notes to track users. The mapping exists only in the registry, protected by access controls.
Selective disclosure by default
SD-JWT format means users choose which claims to reveal. Prove you are over 21 without revealing your birthday. Prove employment without revealing salary.
Immediate credential revocation
Compromised device? Lost phone? Revoke the device certificate immediately. All credentials bound to that device become invalid. New device, same identity, new credentials.
W3C Bitstring Status List
Revocation status encoded in compact bitstrings. Verifiers fetch cached status lists, not individual lookups. Privacy-preserving. Scalable to millions of credentials.
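How a verifier checks one credential against a cached status list, as an added example (not code from this service). It assumes the W3C Bitstring Status List encoding: a gzip-compressed bitstring, multibase base64url with a `u` prefix, index 0 at the left-most bit, and a minimum length of 131,072 bits. The function names, the 1 MiB size cap and the sample indexes are hypothetical.

```python
import base64
import gzip
import zlib

MIN_BITS = 131072          # minimum list length in the W3C spec (16 KB)
MAX_BYTES = 1 << 20        # assumed local cap on decompressed size (1 MiB)

def encode_list(revoked_indexes, size=MIN_BITS):
    """Issuer side: build an encodedList with the given indexes set to 1."""
    bits = bytearray(size // 8)
    for i in revoked_indexes:
        bits[i // 8] |= 0x80 >> (i % 8)      # index 0 is the left-most bit
    packed = base64.urlsafe_b64encode(gzip.compress(bytes(bits)))
    return "u" + packed.rstrip(b"=").decode()  # multibase base64url, unpadded

def decode_list(encoded_list):
    """Verifier side: turn a cached encodedList into the raw bitstring."""
    if not encoded_list.startswith("u"):
        raise ValueError("expected multibase base64url prefix 'u'")
    body = encoded_list[1:]
    compressed = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
    # Bounded gzip decompression so a hostile list cannot exhaust memory.
    inflater = zlib.decompressobj(wbits=zlib.MAX_WBITS | 16)
    raw = inflater.decompress(compressed, MAX_BYTES + 1)
    if len(raw) > MAX_BYTES:
        raise ValueError("status list exceeds local size cap")
    if len(raw) * 8 < MIN_BITS:
        raise ValueError("status list shorter than the minimum length")
    return raw

def is_revoked(raw, status_list_index):
    """True when the credential's bit is set; bad indexes are rejected."""
    if not 0 <= status_list_index < len(raw) * 8:
        raise ValueError("statusListIndex out of range")
    return bool(raw[status_list_index // 8] & (0x80 >> (status_list_index % 8)))

# Constructed sample: credentials at indexes 7 and 94567 have been revoked.
SAMPLE_LIST = encode_list({7, 94567})

if __name__ == "__main__":
    bitstring = decode_list(SAMPLE_LIST)
    for idx in (0, 7, 94567, 94568):
        print(idx, "revoked" if is_revoked(bitstring, idx) else "valid")
```

Because the verifier downloads the whole list and reads one bit locally, the list host does not learn which credential is being checked.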
If you discover a security vulnerability, please report it to:
We will acknowledge receipt within 48 hours and provide an initial assessment within 7 days. We do not pursue legal action against security researchers acting in good faith.