Keptex

No bespoke crypto.
Just named standards.

The full specification is in the source-available repo. This page is the executive summary.

Cryptographic primitives.

No new constructions. Every primitive used by the algorithm is named in a published standard, and each one is implemented either by Web Crypto in the core package (zero dependencies) or by audited libraries in the secondary packages.

HKDF (RFC 5869): userKey derivation from the wallet signature (Path A) or the seed (Path B).
HMAC-SHA-256 (RFC 2104 / FIPS 198): scope separation across passwords, passkeys, and credentialIds.
AES-256-GCM (NIST SP 800-38D): at-rest encryption of the local vault blob.
Argon2id (RFC 9106): passphrase KDF, 64 MiB memory / 3 iterations / parallelism 4 by default (D-020).
Ed25519 (RFC 8032): passkeys when the relying party accepts COSE alg -8 (EdDSA), the same curve Stellar uses natively.
ES256 on P-256 (FIPS 186-4): passkey fallback when the relying party only accepts COSE alg -7.

Built on Stellar's curve.

Keptex leans on Stellar's native Ed25519. The same curve runs from your wallet to your passkey, with no transcoding and no second key system. The credential stays chain-invariant: it is bound to (rpId, userHandle, counter, algorithm), never to the chain you display.

Public test vectors.

The @keptex/core package ships a JSON file of fixed inputs mapped to known outputs. Any third party, whether an independent security researcher or a curious user, can verify that the credentials Keptex produces match the spec, byte for byte.

pnpm --filter @keptex/core test

→ Test Files 4 passed (4) · Tests 69 passed (69)

Threat model.

Compromised cloud / server: not applicable. There is no server and no cloud, so there is nothing to compromise.
Stolen device, vault encrypted at rest: the attacker must brute-force Argon2id over the local passphrase, paying the 64 MiB memory cost on every guess. That raises the price per guess; it does not rescue a weak passphrase.
Stolen device, vault unlocked: full access while the session is live. Auto-lock defaults to 10 minutes and is configurable down to 1.
Phishing site mimicking a real one: WebAuthn binds each credential to its relying party ID (the rpIdHash in the authenticator data), and the browser will only exercise it from an origin that matches that rpId, so the credential is phishing-resistant by spec.
Compromised wallet (seed phrase leak): every credential ever derived from it is compromised. Rotate wallets out-of-band, as with any other root key.

Licensing.

Source-available (PolyForm NC)

The whole repository (the derivation core, the passkey provider, and the apps) is published under PolyForm Noncommercial 1.0.0. Read it, audit it, modify it, and run it for any noncommercial purpose.

Commercial use

Embedding any part of Keptex in a wallet or in a product offered to users needs a separate licence. Copyright holder: S7P7 SASU. Get in touch at contact@keptex.com.