TokenPass

Authentication

How Bitcoin-based authentication works in TokenPass

TokenPass uses Bitcoin cryptography for authentication. This provides several advantages over traditional auth systems.

How It Works

  1. Key Derivation - TokenPass uses Type42 (BRC-42/BRC-43) to derive unique keys for each application
  2. Message Signing - Authentication is done by signing messages with BSM (Bitcoin Signed Message)
  3. Verification - Any party can verify signatures using only the public key

Flow

Per-App Key Isolation

Each website gets a unique derived key. This means:

  • Apps can't track you across sites
  • Compromising one app doesn't compromise others
  • You maintain a single master identity
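
The isolation property above, as an added Node.js sketch (not TokenPass's own code). It follows the BRC-42 idea of tweaking a master key with an HMAC over an ECDH secret. The counterparty key, the invoice strings and the use of Node's x-coordinate as the HMAC key are assumptions made here, so it will not reproduce keys from a real BRC-42 wallet.

```javascript
const crypto = require('node:crypto');

// Order of the secp256k1 group (private keys are scalars modulo N).
const N = 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141n;

// Compressed public key (hex) for a 32-byte private key (hex).
function publicKeyOf(privHex) {
  const ecdh = crypto.createECDH('secp256k1');
  ecdh.setPrivateKey(Buffer.from(privHex, 'hex'));
  return ecdh.getPublicKey('hex', 'compressed');
}

// child = (master + HMAC-SHA256(ECDH secret, invoice)) mod N
// Assumption: the HMAC key is the shared x-coordinate that Node returns.
function deriveAppKey(masterPrivHex, counterpartyPubHex, invoice) {
  const ecdh = crypto.createECDH('secp256k1');
  ecdh.setPrivateKey(Buffer.from(masterPrivHex, 'hex'));
  const shared = ecdh.computeSecret(Buffer.from(counterpartyPubHex, 'hex'));
  const tweak = crypto.createHmac('sha256', shared).update(invoice, 'utf8').digest('hex');
  const child = (BigInt('0x' + masterPrivHex) + BigInt('0x' + tweak)) % N;
  if (child === 0n) throw new Error('derived scalar is zero; use a different invoice');
  return child.toString(16).padStart(64, '0');
}

// Constructed sample values (not real keys, not TokenPass's actual parameters).
const MASTER_PRIV = '11'.repeat(32);
const COUNTERPARTY_PUB = publicKeyOf('22'.repeat(32));
// Hypothetical invoice strings in the BRC-43 shape "<level>-<protocol>-<key id>".
const invoiceFor = (origin) => `2-app auth-${origin}`;

function demo() {
  const a = deriveAppKey(MASTER_PRIV, COUNTERPARTY_PUB, invoiceFor('https://myapp.com'));
  const b = deriveAppKey(MASTER_PRIV, COUNTERPARTY_PUB, invoiceFor('https://other.example'));
  const again = deriveAppKey(MASTER_PRIV, COUNTERPARTY_PUB, invoiceFor('https://myapp.com'));
  return {
    pubA: publicKeyOf(a),                    // what myapp.com would see
    pubB: publicKeyOf(b),                    // what other.example would see
    stable: a === again,                     // same site always gets the same key
    isolated: a !== b && a !== MASTER_PRIV,  // per-site keys differ from each other and the master
  };
}

console.log(demo());
```

Each site only ever sees its own derived public key, so two sites comparing the keys they hold cannot link them to one user without the ECDH secret, and a leaked child key does not expose the master without that same secret.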

OAuth-Compatible

TokenPass acts as an OAuth provider, making it easy to integrate with existing auth flows:

// Redirect to TokenPass for auth
window.location.href = 'http://localhost:21000/auth?' + new URLSearchParams({
  redirect: 'https://myapp.com/callback',
  scopes: 'sign,encrypt'
});

Token Scopes

Available scopes:

  • sign - Sign messages
  • encrypt - Encrypt/decrypt data
  • identity - Read identity info
