01 First time you use Pulse
There is no signup form. No email confirmation. No password to choose. The first time you visit an app that uses Pulse, your device silently does this:
That's it. No password to forget. No email to verify. From now on, every request your device sends is signed by that hybrid keypair. The app's server verifies the signature and serves you.
02 “I started on my Mac. Can I use my iPhone too?”
Yes — and you don't log in on the iPhone. Logging in is the thing we're getting rid of. Instead, you pair the new device from one you're already using:
Your account on the app now has two authorized device keys — independent at the cryptographic layer, both controlled by you. Losing one doesn't affect the other. This is stronger than passkey sync because there is no Apple or Google account in between us — nobody but you can lock you out.
03 “My phone broke. Now what?”
The phone's key is permanently gone — and that's fine. It was just one of N keys. Your other devices keep working untouched.
To get back to two devices, use one of your remaining devices to pair the replacement — same QR-scan flow as the original pairing. No support ticket. No identity verification call. No password reset email that could be phished. The cryptographic chain of custody runs through hardware you still physically possess.
04 “What if I lose every device at once?”
House fire. Stolen bag. Flood. The catastrophic case. This is where most identity systems fail — they either send you a recovery email (phishable), or there's a support hotline where someone with a tone of voice can social-engineer their way in.
Pulse splits your sovereign root identity into 5 cryptographic shares using Shamir Secret Sharing. Any 3 of the 5 can reconstruct your root. Lose 1: zero risk. Lose 2: still recoverable. Compromise of any 2 shares reveals nothing.
To recover, collect any 3 shares, feed them into a new device, and Pulse reconstructs your sovereign root. Every app you ever used with Pulse is back — same accounts, same history, same balances. No provider had to approve it. You own the recovery, not a help desk.
05 Why this is better than what we have today
| Today | With Pulse |
|---|---|
| Forgot your password? Click the link in the email. | There is no password. The seed lives on your device. |
| Email gets phished. Attacker resets your bank login. | No reset flow exists. Recovery needs 3 of 5 physical shares. |
| Apple/Google can lock you out of your passkey vault. | No provider in the loop. You hold every key directly. |
| Lost phone = lost access until you call support. | Other devices keep working. New device pairs in seconds. |
| Server breach leaks password hashes for offline cracking. | Server only ever sees your public key. Nothing to crack. |
| Quantum computers will eventually break RSA / ECDSA. | Hybrid Ed25519 + ML-DSA-65 (NIST FIPS 204) from day one. |
06 What's built today · what's on the roadmap
We don't hide the gaps. Here's where the protocol stands as of v0.1:
| Capability | Status |
|---|---|
| Hybrid post-quantum signing & verification | ✓ live — try the demo |
| Per-app derived keypairs from a single seed | ✓ implemented (derive.rs) |
| Tamper detection (URL + body bound proofs) | ✓ live — flip the “Tamper” switch in the demo |
| Multi-device pairing (QR-based) | ✓ live — try /pair on the demo |
| Shamir 3-of-5 root splitting + recovery | ✓ live — try /recover on the demo |
| iOS — pulse-core via XCFramework + Secure Enclave seed store | ✓ cryptographic core verified live on iPhone simulator; SE-wrapping code shipped, pending physical-device integration test |
| Android StrongBox bridge | → roadmap (Kotlin + JNI shipped, NDK build pending) |
| Zero-knowledge biometric liveness | → roadmap (v0.5) |
Because the protocol's security depends on the user understanding it. We'd rather you trust us with a small clear truth today than discover a gap later. The cryptographic engine is real and audited; the user-facing multi-device + recovery flows are next.
07 Try it
The cryptographic engine is live, deployed, and free to inspect. The demo runs the full Pulse protocol in your browser using a WebAssembly bundle of our Rust core — same code that will run on every server.