Cryptography
Identity & keys
Your account isn’t a phone number or an email — it’s a set of keys your device makes for itself, with a random-looking name derived from them. Every one is hybrid: classical and post-quantum.
When you sign up, your device mints its own set of keys and gives itself a code-name derived from
them (like px_4a3f…). There’s no name, phone, or email involved. Every important operation is
signed twice — once with today’s proven maths, once with maths designed to survive a future quantum
computer — so breaking one doesn’t break you.
Four keypairs are generated on-device: Ed25519 + Dilithium3 (ML-DSA-65) for hybrid
signatures, X25519 for DH, and Kyber1024 (ML-KEM-1024) for the PQ KEM. The pseudonym is
px_ + hex(SHA-256(ed25519_pub)[..16]). Hybrid signing produces both an Ed25519 and a Dilithium3
signature; verification requires both.
The keys at a glance
| Key | Type | Role |
|---|---|---|
| Ed25519 | classical signature | Signs identity assertions; derives your px_id. |
| Dilithium3 | post-quantum signature | ML-DSA-65; the quantum-safe half of every hybrid signature. |
| X25519 | classical DH | Identity DH + signed/one-time prekeys for PQXDH. |
| Kyber1024 | post-quantum KEM | ML-KEM-1024; the quantum-safe half of the handshake. |