From SmartLedger · Trust infrastructure since 2019

Your identity,
signed by you.

A noncustodial identity portal for the open web. Own your handle. Sign your own credentials. Collect signed attestations from others. Reveal only what's needed, to whom you choose.

Claim your identity → How it works
· noncustodial · open source · BSV-anchored · client-side crypto ·

Today's identity is borrowed.

You sign in with Google. Your name belongs to a brand. Your credentials sit in someone else's database. Every login leaks more about you than the app needs to know. If the provider changes its policy, raises its price, or just disappears, you lose everything you built on top of it.

Web3Keys is the alternative: a portable, cryptographic identity you actually own — built on the same verifiability primitives that SmartLedger brings to enterprise and government records, packaged for individuals.

Three properties. No exceptions.

Owned by you

Your secp256k1 signing key is generated on your device, encrypted by your biometric, and never leaves. We can't see it, sell it, sign for you, or lock you in. If our server disappears, your identity still works.

Verifiable claims

Sign attestations about yourself — your name, your email, your domain, content you authored. Receive signed credentials from schools, employers, sponsors. Anyone, anywhere can verify them with no server in the loop.

Selective disclosure

Each claim field is a salt-commit hash. Reveal any subset later without re-signing. Prove you're a verified creator without revealing your real name. Prove you graduated without showing the transcript.

How it works

  1. 1

    Create

    Pick a handle like @alice@web3keys.com. The browser generates a BSV secp256k1 keypair from a 24-word recovery phrase, then wraps it twice — once with your biometric via WebAuthn PRF, once with your passphrase. Both wrapped copies live in this browser only.

  2. 2

    Claim & collect

    Sign self-claims about yourself. Hand signed claim-packages to people you want to endorse. Import claim-packages others sign about you. Every claim is canonical JSON + ECDSA over a SHA-256 digest — verifiable in any language, anywhere, forever.

  3. 3

    Disclose

    Build a presentation revealing only the fields you choose. Bind it to a specific audience if you want. The verifier checks the issuer's signature and the disclosed commitments — without seeing the fields you held back.

Built for the people who outgrew rented identity.

Creators · NIL

Prove what's yours.

Sign an ownership attestation against the SHA-256 of your image, song, or article — the same hash every platform can compute. Carry your verified identity across YouTube, X, Twitch, and the next ten platforms that haven't been built yet. Your followers can verify on /verify that @you signed @you's work.

Professionals · Credentials

Carry your record.

Schools, employers, certifying bodies, and clients can sign attestations into your wallet. When a recruiter asks for proof, you present a selectively-disclosed bundle — name, degree, dates — without exposing your transcript or salary. They verify the signature against the issuer's public key, no portal login required.

Developers · SSO

Replace OAuth with cryptography.

Drop <script src="https://web3keys.com/sdk.js"></script> into your app. Users tap "Sign in with Web3Keys" — a popup, a biometric, a signed ID token. JWT-shaped but signed with secp256k1 you can verify offline. No OAuth dance, no leaky scopes, no account-recovery support tickets.

For developers

Three lines.

That's everything a relying party needs. The ID token's audience is bound to your clientId, so even a hostile intermediary can't reuse it elsewhere. Verify the secp256k1 signature against the public key in the token's sub field. Done.

Try the live demo → View source on GitHub 
<script src="https://web3keys.com/sdk.js"></script>
<div data-web3keys-signin data-client-id="myapp.example.com"></div>
<script>
  document.addEventListener('web3keys-signin', (e) => {
    // e.detail.idToken — JWT-shaped, secp256k1-signed, bound to your clientId
    fetch('/api/login', { method: 'POST', body: JSON.stringify(e.detail) });
  });
</script>

Trust by construction.

Client-side crypto.

Keys are generated, wrapped, and unlocked entirely in your browser. Our server never sees your mnemonic, your passphrase, or your private key. Even if our database is leaked, your identity is intact.

Open source.

Every line is on GitHub. The wallet, the SDK, the server, the verifier — all of it. Fork it. Run your own. Audit ours.

Built on SmartLedger.

SmartLedger has been building auditable, trust-infrastructure systems for enterprise and government since 2019 — notarization, provenance, accountable AI. Web3Keys is the same DNA, scaled to individuals.

No vendor lock.

Your 24-word recovery phrase recreates this identity on any device, with or without our service. Export it, take it elsewhere, sleep easy.

Claim your identity.

Free. Noncustodial. About thirty seconds.

Get started →