Your identity, signed by you.
Web3Keys is a noncustodial identity portal. You own the key. We can't see it, can't sell it, can't sign for you, and can't lock you in.
Owned by you
Your signing key is generated on this device, encrypted by your biometric, and never leaves.
Verifiable claims
Sign attestations about yourself or your work. Anyone can verify them anywhere — no server needed.
Yours to leave
A 24-word recovery phrase recreates your identity on any device. No lock-in, no opaque vendor.
How exactly does this work?
The key. When you create an identity, your browser generates a Bitcoin SV secp256k1 keypair from a 24-word recovery phrase. The private key is wrapped twice — once with a 256-bit secret derived from your platform biometric (via WebAuthn PRF), once with a key derived from your recovery passphrase. Both wrapped copies are stored in this browser only.
The server. Our server holds your public handle (like a phone book entry) so dApps can recognize you by name. It never sees plaintext keys, mnemonics, or passphrases. If our server disappears, your identity still works — it just won't have a public profile page.
Recovery. Your 24-word phrase IS your identity. We can't see it and we can't help you recover it. Anyone who reads it can recreate you on any device. Keep it offline.
Open source. Every line is on GitHub. Audit it, fork it, run your own.
Claim your identity
A noncustodial BSV identity you fully own — paymail handle, public profile, signed attestations. The signing key never leaves this device and only your biometric unlocks it.
I already have a recovery phrase
Restore from cloud backup
Enter the email address tied to your backup. We'll send you a one-time link valid for 15 minutes. You'll still need your recovery passphrase to decrypt the backup — the server never sees it.
If a backup exists for that email, a recovery link is on its way. Open it on this device when you're ready.
Your recovery phrase
24 words that are your identity. Write them down on paper and keep them somewhere only you can find. We can't see them and we can't help you recover them.
Identity details
Signature
Signed transaction
Signature (DER)
Ciphertext (base64)
Plaintext
Claims are signed statements about an identity. Sign them yourself for self-claims, sign them about others to endorse or attest, or import claims someone else signed about you. Anyone can verify any claim at /verify.
Signed claim
Copy this JSON and send it to the subject. They can paste it into "Import a claim" to save it on their own Web3Keys.
Your claims
Recovery
Your recovery phrase is the master key. Anyone who has it can recreate your identity on any device. Keep it offline and safe.
Profile
Cloud backup
Optional. We store an AES-GCM-encrypted backup of your mnemonic and claims, indexed by an HMAC of your email. Your recovery passphrase still decrypts it — the server never sees the plaintext. To retrieve it on another device, click the link we email you and enter your passphrase.
—Identities on this device
This device
Every signature already re-prompts your biometric, so there's no separate "sign out." To stop using this device entirely, erase it below — make sure your recovery phrases are saved first.