Skip to main content
Keptex

Lose every device. Recover everything.

Determinism is the recovery story. Re-install the extension, connect the same wallet, optionally import a passkey backup, and the same credentials get re-derived, mathematically, byte for byte.

  1. 01 / install

    Install Keptex on a fresh device.

    Install Keptex on the fresh device. The browser extension is coming to the Chrome Web Store. No account creation, no email, no sync.

  2. 02 / connect the same wallet

    Connect the same wallet you used before.

    Whether you used Freighter (Stellar), MetaMask (EVM), Phantom (Solana), WalletConnect, or generated a fresh Keptex-native wallet, reconnect or restore from the 12 or 24-word seed. Keptex will derive the same userKey from the same wallet, on any device.

  3. 03 / derive on demand

    Passwords are immediately back.

    For deterministic passwords (the (rpId, username, counter) tuples you previously saved as services in Keptex), no import is needed. Re-add each service in Keptex or visit the site and watch the same password appear, derived live.

  4. 04 / import the passkey backup

    Restore your passkeys via the backup envelope.

    Passkeys are deterministic too, but Keptex needs to know which rpIds, user handles, and counters you previously registered. That's what the backup envelope is for: a small JSON file you exported from the previous install. Drop it into the Passkeys section, choose merge or replace, and every credential is back.

The backup envelope format.

The export is a single JSON file, AES-256-GCM-encrypted under a key derived from your userKey via HMAC. Only the same wallet can decrypt it. The envelope is human-readable so you can inspect what it contains before importing.

// Envelope shape
{
"version": 1,
"createdAt": "2026-05-29T18:42:11.000Z",
"kdf": "HMAC-SHA-256",
"kdfInfo": "com.keptex.metadata-backup.v1",
"passkeyCount": 7,
"iv": "<12 bytes, base64>",
"ciphertext": "<AES-256-GCM, base64>"
}

version, createdAt, kdf, kdfInfo, passkeyCount, iv (base64), ciphertext (base64). The ciphertext decrypts to the array of PasskeyEntry records (rpId, userHandle, counter, algorithm, createdAt). Nothing more.

Common errors.

  • WRONG_WALLET, you connected a different wallet to the one that produced the backup. Reconnect the right wallet.
  • CORRUPT_BACKUP, the JSON failed integrity verification. Re-export from the source device if possible.
  • UNSUPPORTED_VERSION, your current Keptex build is older than the backup. Update the extension.
  • EMPTY_BACKUP, the file decrypts but contains zero entries. Confirm you exported the latest one.

What is not yet shipped.

Multi-wallet backups (one envelope spanning several wallets) and digital signatures over the envelope are deferred to a later release. Today, one envelope = one wallet; integrity is enforced by AES-GCM authentication.

Read the algorithm specification