Desktop v0Server v0

TokenPass Identity Wallet

Personal OAuth System

No cloud accounts, no gatekeepers, same familiar experience.

Desktop AppRun LocallyView Source
TokenPass Desktop Application

Privacy-First Identity

Your keys never leave your device. Every operation happens locally using Bitcoin cryptography.

Your Own OAuth Provider

Replace Google, GitHub, and other identity providers. Authenticate to any app with your Bitcoin identity.

Per-App Key Isolation

Each website gets a unique derived key. Apps can't track you across sites or correlate your identities.

End-to-End Encryption

ECIES encryption with Type42 key derivation. Only you can decrypt messages meant for you.

BAP Identity Protocol

Built on Bitcoin Attestation Protocol. Your identity is cryptographically provable and portable.

Works Everywhere

Desktop apps, web apps, mobile apps. Any app that supports OAuth can use TokenPass.

Lightning Fast

Local signing means no network latency. Signatures are instant, not dependent on cloud services.

How It Works

TokenPass uses Type42 key derivation from the BRC-42/43 standards to create isolated keys for each application.

01
01

Create Your Identity

Generate a master seed protected by your password. This creates your Bitcoin-backed identity that only you control.

02
02

Connect to Apps

When an app requests authentication, TokenPass derives a unique key for that app. No two apps see the same identity.

03
03

Sign & Authenticate

Approve signing requests with one click. The app receives a cryptographic proof of your identity without seeing your private keys.

04
04

Encrypt & Decrypt

Send encrypted messages to friends using their public keys. Only they can decrypt with their private keys.

Developer-First API

TokenPass exposes a simple REST API on localhost. Request tokens, sign messages, and encrypt data with standard HTTP calls.

01

Install & Run

Start the TokenPass server with a single command

bunx @sigma-auth/tokenpass-server
02

Create Wallet

Register your identity with a secure password

POST /api/register
03

Start Authenticating

Sign messages and prove your identity instantly

POST /api/sign
View Full API Docs
authentication.ts
TypeScript
// Request an access token
const { token } = await fetch('http://localhost:21000/api/auth', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    password: 'your-password',
    expiry: '1h',
    scopes: ['sign', 'encrypt']
  })
}).then(r => r.json());

// Sign a message for authentication
const { signature, address } = await fetch('http://localhost:21000/api/sign', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${token}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    message: 'Authenticate to myapp.com',
    host: 'myapp.com'
  })
}).then(r => r.json());

Sigma Auth Ecosystem

TokenPass is part of a broader ecosystem of Bitcoin identity and authentication tools.

npm package
@sigma-auth/better-auth-plugin

Better Auth plugin with React hooks for TokenPass integration. Add Bitcoin authentication to any app.

npmGitHub
npm package
bsv-bap

Bitcoin Attestation Protocol library. Create and manage cryptographic identities on Bitcoin.

npmGitHub
npm package
bitcoin-auth

HTTP authentication using Bitcoin signatures. Create and verify auth tokens with BRC-77 (BSM).

npmGitHub
npm package
bitcoin-backup

Secure backup format for Bitcoin keys. PBKDF2-SHA256 encryption for wallet exports.

npmGitHub