Passwordless. Tokenless. Post-quantum. Sovereign. Replace passwords, JWTs, OAuth tokens, and sessions with per-request signed proofs bound to a key in your hardware enclave. One line of middleware. Every major language.
How it works
No login screen. No logout button. No session middleware. No CSRF tokens. Every request carries its own cryptographic proof, bound to URL and body, rejected if replayed against anything else.
```javascript
import { pulse } from '@pulse/server';

app.use('/api', pulse.verify({
  appId: 'mybank.com',
  minTier: 'civilian',
  defaultMinTrust: 0.7,
}));

app.post('/api/transfer',
  pulse.requireTrust(0.95),
  (req, res) => res.json({ ok: true }),
);
```

```python
from pulse import PulseVerifier

pulse = PulseVerifier(
    app_id="mybank.com",
    min_tier="civilian",
)

@app.post("/api/transfer")
async def transfer(body, identity = Depends(pulse.require(min_trust=0.95))):
    return {"ok": True}
```

```go
import "github.com/pulse-protocol/pulse-go"

verifier := pulse.NewVerifier(pulse.Options{
    AppID:    "mybank.com",
    MinTier:  pulse.TierCivilian,
    MinTrust: 0.7,
})

router.Use(verifier.Middleware())
router.POST("/api/transfer",
    verifier.RequireTrust(0.95),
    transferHandler,
)
```

```java
@Configuration
public class PulseConfig {
    @Bean
    public PulseVerifier pulseVerifier() {
        return PulseVerifier.builder()
            .appId("mybank.com")
            .minTier(Tier.CIVILIAN)
            .defaultMinTrust(0.7f)
            .build();
    }
}

@PostMapping("/api/transfer")
@RequireTrust(0.95f)
public ResponseEntity<?> transfer(...) { ... }
```

```rust
use pulse_axum::PulseLayer;

let app = Router::new()
    .route("/api/transfer", post(transfer))
    .layer(PulseLayer::new("mybank.com")
        .min_tier(Tier::Civilian)
        .default_min_trust(0.7));

async fn transfer(identity: PulseIdentity) -> impl IntoResponse {
    // identity.pubkey_id, identity.tier, identity.trust_score
}
```

```csharp
using Pulse.AspNetCore;

builder.Services.AddPulse(opts => {
    opts.AppId = "mybank.com";
    opts.MinTier = Tier.Civilian;
    opts.DefaultMinTrust = 0.7;
});

app.UsePulse("/api");
app.MapPost("/api/transfer",
    [RequireTrust(0.95)] (PulseIdentity id) => Results.Ok(new { ok = true })
);
```

```javascript
import { Pulse } from '@pulse/web';

const pulse = await Pulse.init({ app: 'mybank.com' });

if (!await pulse.isEnrolled()) {
  await pulse.enroll({ biometric: 'auto' });
}

const res = await pulse.fetch('/api/transfer', {
  method: 'POST',
  body: JSON.stringify({ amount: 100 }),
  minTrust: 0.95,
});
```

```swift
import Pulse

let pulse = try await Pulse(appId: "mybank.com")

if !pulse.isEnrolled {
    try await pulse.enroll(using: .faceID)
}

let (data, _) = try await pulse.data(
    for: request,
    minTrust: 0.95
)
```

```kotlin
val pulse = Pulse.init(context, appId = "mybank.com")

if (!pulse.isEnrolled()) {
    pulse.enroll(BiometricPrompt.FINGERPRINT)
}

val response = pulse.fetch(url) {
    method = "POST"
    body = json
    minTrust = 0.95f
}
```

```dart
final pulse = await Pulse.init(appId: 'mybank.com');

if (!await pulse.isEnrolled()) {
  await pulse.enroll();
}

final res = await pulse.fetch(
  Uri.parse('/api/transfer'),
  method: 'POST',
  body: jsonEncode({'amount': 100}),
  minTrust: 0.95,
);
```

```javascript
import { Pulse } from '@pulse/react-native';

const pulse = await Pulse.init({ app: 'mybank.com' });

if (!await pulse.isEnrolled()) {
  await pulse.enroll(); // Secure Enclave / StrongBox
}

const res = await pulse.fetch(url, { method: 'POST', body, minTrust: 0.95 });
```
What Pulse deletes from your stack
Why Pulse
Every proof is cryptographically bound to URL + body hash. A stolen proof works nowhere else.
Hybrid Ed25519 + ML-DSA-65 (NIST FIPS 204) signatures. Crypto-agile by design.
Your root identity is yours. Generated on your device. Revocable only by you. No issuer.
Same protocol from consumer apps to nation-state. Civilian → Enterprise → National → Strategic.
WebAuthn, CBOR, COSE, FIPS 204, DPoP-style binding. Built on what your security team trusts.
Public domain. No company, no government can capture it. Business is verifier infra, not the spec.
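The URL-and-body binding claimed above, sketched as an added example (not Pulse SDK code and not its wire format). The field layout and the names `signingInput`, `makeProof` and `verifyProof` are assumptions; a software Ed25519 key stands in for the enclave-held key, and the ML-DSA-65 half of the hybrid signature is omitted.

```javascript
// Added illustration, not Pulse SDK code: the signing-input layout is an assumption.
const { createHash, generateKeyPairSync, sign, verify } = require('node:crypto');

// Length-prefix every field so two different requests can never
// serialize to the same signing input.
function signingInput({ appId, method, url, body }) {
  const bodyHash = createHash('sha256').update(body).digest();
  const parts = [Buffer.from(appId), Buffer.from(method.toUpperCase()),
    Buffer.from(url), bodyHash];
  return Buffer.concat(parts.flatMap((p) => {
    const len = Buffer.alloc(4);
    len.writeUInt32BE(p.length);
    return [len, p];
  }));
}

// Client side: sign the exact request that is about to be sent.
function makeProof(privateKey, request) {
  return sign(null, signingInput(request), privateKey).toString('base64');
}

// Server side: rebuild the input from the request actually received,
// never from fields the client claims inside the proof.
function verifyProof(publicKey, received, proofB64) {
  const sig = Buffer.from(proofB64, 'base64');
  if (sig.length !== 64) return false; // Ed25519 signatures are 64 bytes
  return verify(null, signingInput(received), publicKey, sig);
}

// Constructed sample request and key pair.
function demo() {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  const original = { appId: 'mybank.com', method: 'POST',
    url: 'https://mybank.com/api/transfer', body: JSON.stringify({ amount: 100 }) };
  const proof = makeProof(privateKey, original);
  return {
    sameRequest: verifyProof(publicKey, original, proof),
    otherUrl: verifyProof(publicKey, { ...original, url: 'https://mybank.com/api/payees' }, proof),
    otherBody: verifyProof(publicKey, { ...original, body: JSON.stringify({ amount: 9999 }) }, proof),
    otherApp: verifyProof(publicKey, { ...original, appId: 'other.example' }, proof),
  };
}

console.log(demo());
```

The sketch carries no nonce or timestamp, so it shows rejection of a proof presented with a different URL, body or app, not detection of an identical request sent twice.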
vs. the alternatives
Same browser, same backend, same UX — strictly stronger security.
| | Passwords + JWT | OAuth 2.0 + DPoP | Passkeys (WebAuthn) | Pulse |
|---|---|---|---|---|
| Phishing-resistant | ✗ | partial | ✓ | ✓ (URL+body bound) |
| Token theft = compromise | yes | yes | n/a | no token exists |
| Per-request signed proof | ✗ | ✓ | ✗ (login only) | ✓ |
| Post-quantum (today) | ✗ | ✗ | ✗ | ✓ ML-DSA-65 hybrid |
| Server stores PII | yes | yes | pubkey only | pubkey only |
| Works offline / mesh | ✗ | ✗ | ✗ | ✓ (v0.3) |
| Universal across tiers | ✗ | ✗ | ✗ | ✓ civilian → strategic |
| Spec license | various | IETF | W3C / FIDO | CC0 / Public Domain |
Languages
Idiomatic SDKs generated from a single cryptographic core via UniFFI, NAPI-RS, PyO3, wasm-bindgen, jni-rs, and cbindgen. One audit. No drift. No reinvented bugs.
Native. The source of truth.
NAPI-RS native addon, 5–10× faster than WASM.
wasm-bindgen. Works in every browser.
PyO3 + maturin. FastAPI, Django, Flask.
cbindgen + cgo. chi, gin, net/http.
jni-rs. Spring Boot starter included.
UniFFI. SwiftPM. iOS + macOS.
UniFFI. StrongBox-backed.
cbindgen. For firmware + embedded.
P/Invoke. ASP.NET + minimal APIs.
UniFFI. Rails middleware.
Rustler NIF. Phoenix middleware.
The repo is open. The spec is short. The principles are non-negotiable. Come tear it apart.