About PassSeeds
PassSeeds is a technical experiment that leverages WebAuthn passkeys as the derivation source for cryptographic seed material. PassSeeds hijacks Passkey technology to provide a phishing-resistant, biometrically-secured way to derive cryptographic keys beyond those supported by Passkeys natively. With PassSeeds, you can create a regenerable, cross-deviced synced cryptographic seed that can be used to derive cryptographic keys of any type, such as Bitcoin secp256k1 keys for use as a petty cash Web wallet, BLS 12-381 keys for zero-knowledge proof interactions, and much more.
If you are interested in learning more, check out the full-length blog post here: PassSeeds, on Back Alley Coder
- Create passkeys and derive cryptographic seed material from them
- PassSeeds are automatically synced across all your devices
- Export your PassSeed as a 12 or 24 word BIP39 mnemonic phrase
- Regenerate your PassSeed from an existing passkey on any device
- Use your PassSeed across apps without exporting the private key
PassSeed.create()
Creates a new P-256 passkey through the WebAuthn API and derives a deterministic 32-byte seed string. The method extracts the public key from attestation data and hashes it with SHA-256.
PassSeed.get()
Retrieves an existing passkey and performs dual WebAuthn signatures to recover the public key. The recovered public key is then hashed to derive a deterministic seed string.
PassSeed.create() method above.
You'll be prompted to authenticate with it twice to perform the signature-based recovery.
PassSeed.toMnemonic()
Converts PassSeed bytes or a seed string into a human-readable 12- or 24-word BIP39 mnemonic phrase. This makes it easy to backup and share the seed material.