how Pulse works · for humans, not engineers

One identity. Many devices.
Nobody can lock you out.

Pulse replaces passwords with a sovereign cryptographic identity that lives on your devices. Here's how you actually use it — across phones, laptops, and what happens when one breaks.

01 First time you use Pulse

There is no signup form. No email confirmation. No password to choose. The first time you visit an app that uses Pulse, your device silently does this:

step 1
Generate a sovereign seed
A 32-byte random secret is created inside the device's hardware enclave (Secure Enclave on iPhone, TPM on Windows, StrongBox on Android). It never leaves the chip.
step 2
Derive a per-app key
From the seed, Pulse derives a hybrid post-quantum keypair just for this app. A different app gets a different key — sites cannot correlate you across services.
step 3
Register the public half
The app's server gets only the public key — the equivalent of a username, but cryptographically unique to this device. You are now “logged in”.

That's it. No password to forget. No email to verify. From now on, every request your device sends is signed by that hybrid keypair. The app's server verifies the signature and serves you.

02 “I started on my Mac. Can I use my iPhone too?”

Yes — and you don't log in on the iPhone. Logging in is the thing we're getting rid of. Instead, you pair the new device from one you're already using:

on your mac
Tap “Add a device”
The app shows a QR code (or a six-digit number) — a one-time pairing token signed by the Mac's device key.
on your iphone
Scan the QR
The iPhone generates its own keypair inside its Secure Enclave — a brand new sub-identity, unique to this device.
behind the scenes
Linked to your account
The iPhone's public key is registered as a second authorized device on the app's server. Either device can now sign requests.

Your account on the app now has two authorized device keys — independent at the cryptographic layer, both controlled by you. Losing one doesn't affect the other. This is stronger than passkey sync because there is no Apple or Google account in between us — nobody but you can lock you out.

03 “My phone broke. Now what?”

The phone's key is permanently gone — and that's fine. It was just one of N keys. Your other devices keep working untouched.

To get back to two devices, use one of your remaining devices to pair the replacement — same QR-scan flow as the original pairing. No support ticket. No identity verification call. No password reset email that could be phished. The cryptographic chain of custody runs through hardware you still physically possess.

04 “What if I lose every device at once?”

House fire. Stolen bag. Flood. The catastrophic case. This is where most identity systems fail — they either send you a recovery email (phishable), or there's a support hotline where someone with a tone of voice can social-engineer their way in.

Pulse splits your sovereign root identity into 5 cryptographic shares using Shamir Secret Sharing. Any 3 of the 5 can reconstruct your root. Lose 1: zero risk. Lose 2: still recoverable. Compromise of any 2 shares reveals nothing.

To recover, collect any 3 shares, feed them into a new device, and Pulse reconstructs your sovereign root. Every app you ever used with Pulse is back — same accounts, same history, same balances. No provider had to approve it. You own the recovery, not a help desk.

05 Why this is better than what we have today

TodayWith Pulse
Forgot your password? Click the link in the email. There is no password. The seed lives on your device.
Email gets phished. Attacker resets your bank login. No reset flow exists. Recovery needs 3 of 5 physical shares.
Apple/Google can lock you out of your passkey vault. No provider in the loop. You hold every key directly.
Lost phone = lost access until you call support. Other devices keep working. New device pairs in seconds.
Server breach leaks password hashes for offline cracking. Server only ever sees your public key. Nothing to crack.
Quantum computers will eventually break RSA / ECDSA. Hybrid Ed25519 + ML-DSA-65 (NIST FIPS 204) from day one.

06 What's built today · what's on the roadmap

We don't hide the gaps. Here's where the protocol stands as of v0.1:

CapabilityStatus
Hybrid post-quantum signing & verification ✓ live — try the demo
Per-app derived keypairs from a single seed ✓ implemented (derive.rs)
Tamper detection (URL + body bound proofs) ✓ live — flip the “Tamper” switch in the demo
Multi-device pairing (QR-based) ✓ live — try /pair on the demo
Shamir 3-of-5 root splitting + recovery ✓ live — try /recover on the demo
iOS — pulse-core via XCFramework + Secure Enclave seed store ✓ cryptographic core verified live on iPhone simulator; SE-wrapping code shipped, pending physical-device integration test
Android StrongBox bridge → roadmap (Kotlin + JNI shipped, NDK build pending)
Zero-knowledge biometric liveness → roadmap (v0.5)
Why we say what isn't built yet

Because the protocol's security depends on the user understanding it. We'd rather you trust us with a small clear truth today than discover a gap later. The cryptographic engine is real and audited; the user-facing multi-device + recovery flows are next.

07 Try it

The cryptographic engine is live, deployed, and free to inspect. The demo runs the full Pulse protocol in your browser using a WebAssembly bundle of our Rust core — same code that will run on every server.

Open the demo →    Talk to us →