Set up this device
Your Postern login is your wallet — a post-quantum keypair only you hold. There is no email, no account server, and no password database anywhere.
Your seed phrase — shown once
There is no email reset, no account, and no support desk that can recover this wallet — no one else ever holds the secret. Forget your passphrase? These words restore everything. Lose these words and the passphrase? The wallet is gone, permanently. That is the self-custody bargain, stated plainly. (No copy button on purpose — a clipboard is not paper.)
Restore from seed phrase
The phrase is checked locally (word list + checksum) and never leaves this page.
Set your unlock passphrase
The wallet secret is sealed on this device with AES-256-GCM under a key derived from this passphrase. You will type it to sign in. It is not the seed phrase — if you forget it, the 24 words restore everything; the passphrase only unlocks this device.
Sealing at rest: AES-256-GCM, key from PBKDF2-SHA-256 (310,000 it.) —
a WebCrypto stand-in for the product's Argon2id (256 MiB, t=4), the exact
bloch-crypto keyfile construction. Only ciphertext is stored.
Biometric unlock — optional
Add a fingerprint / face unlock as a convenience gate. It is not a new root of trust and not a recovery method: the passphrase always remains, and only the seed phrase can recover a lost wallet. In the real product the device TEE (StrongBox / Secure Enclave) releases the wallet key only after the biometric check — and invalidates it if the biometric enrollment changes.
Browser stand-in: WebAuthn platform authenticator (Touch ID / Windows Hello / Android biometric) with the PRF extension, so the biometric assertion really does release the key material that decrypts the sealed wallet copy — standing in for the TEE's biometric-gated key release. No network call is involved.
Sign in — unlock your wallet
Panic Lock engaged: biometric unlock has been disabled. Sign in with your passphrase, then re-enable biometrics deliberately if you choose.
Erasing deletes the sealed wallet from this browser. Without your 24-word seed phrase there is no way back — there is no server copy.
Signed in
- Session challenge — single-use nonce, 2-minute expiry, bound to this page's origin; signed locally and verified before the session was granted
- Signature
-
show signature
Signing key: via WebCrypto — a classical stand-in for the wallet's hybrid Falcon-1024 ‖ ML-DSA-65 post-quantum key held in the device TEE. The flow — seed → passphrase-sealed at rest → local unlock → derive m/login → sign challenge → session — is the real design; only the primitive differs in a browser.
App secrets — unlocked by login
The same identity seals app secrets in the Vault (key derived on postern:vault:v1,
a separate domain from login and spend). Because you signed in, they are open. Lock, and they return to ciphertext.
Biometric unlock
A biometric is a convenience gate in front of the sealed wallet key — never a replacement for the passphrase, never a recovery method. A coerced finger is easier to take than a spoken passphrase, which is why Panic Lock disables the biometric path. Real product: StrongBox / Secure Enclave with enrollment-change invalidation; here: WebAuthn platform authenticator + PRF, labeled above.
Deletes the sealed wallet, the vault, and the biometric enrollment from this browser. Your 24-word seed phrase is then the only way to recreate this identity — there is no server copy.