Zero-Knowledge Authentication System - No Email, No Password, Just Your Secret
Project description
Zero-Knowledge Authentication System
The Future of Authentication is Here. No Email. No Password. Just Your Secret.
The time is now ripe for it
๐ What is CryptoLogin?
CryptoLogin is a revolutionary zero-knowledge authentication system that eliminates the need for emails, passwords, or social logins.
The Problem
- ๐ Passwords are stolen daily
- ๐ง Email verification is slow and annoying
- ๐ต๏ธโโ๏ธ Social logins track your users
- ๐ฐ Authentication services are expensive
The Solution
- ๐ One Master Secret - All you need to remember
- ๐ก๏ธ Military-Grade Encryption - AES-256-GCM + Argon2id
- ๐ซ Zero-Knowledge - Your secret never leaves your device
- โก Lightning Fast - Register in seconds
โจ Key Features
| Feature | Description | Security |
|---|---|---|
| Zero-Knowledge | Server never knows your secret | ๐ Military |
| No Email Required | Register without email | ๐ Privacy |
| No Password Required | Single master secret | ๐ Simple |
| AES-256-GCM | NIST standard encryption | ๐ FIPS |
| Argon2id | Memory-hard KDF | ๐ OWASP |
| SecureBuffer | Automatic memory wiping | ๐ Military |
| Data Vault | Encrypted user data | ๐ Zero-Trust |
| REST API | FastAPI + OpenAPI | ๐ Modern |
| Rate Limiting | Brute-force protection | ๐ Production |
๐ฆ Installation
# Install from PyPI
pip install cryptologin
# Or install from source
git clone https://github.com/erabytse/CryptoLogin.git
cd cryptologin
pip install -e .
๐ Quick Start
from cryptologin import CryptoLogin
# Initialize the system
auth = CryptoLogin()
# Register a user
user_id = auth.register(
master_secret="my-super-secret-64-characters-minimum",
user_data={"name": "John Doe", "email": "john@example.com"}
)
# Login
challenge = auth.login_init(master_secret)
session = auth.login_verify(master_secret, challenge)
# Access user data
data = auth.get_user_data(user_id, master_secret)
print(data) # {"name": "John Doe", "email": "john@example.com"}
๐๏ธ Architecture
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ CRYPTOLOGIN โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ โ
โ [USER] โ [API] โ [UserManager] โ [Data Vault] โ [Storage] โ
โ โ
โ ๐ AES-256-GCM + Argon2id + SecureBuffer |
โ ๐ซ Zero-Knowledge Architecture |
โ โก FastAPI + SQLite/PostgreSQL |
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
๐ Security Model
How It Works
1. User creates a Master Secret
2. Secret is NEVER sent to the server
3. Server only stores:
- User ID (derived from secret)
- Challenge (encrypted with secret)
- Vault Data (encrypted with secret)
4. Authentication via Challenge-Response
5. All data encrypted with AES-256-GCM
Security Certifications
| Standard | Compliance |
|---|---|
| NIST FIPS 197 | โ AES-256 |
| OWASP ASVS | โ Argon2id |
| GDPR | โ Zero-Knowledge |
| SOC2 | โ Audit Logs |
๐ Comparison
| Feature | CryptoLogin | Auth0 | Firebase | Clerk |
|---|---|---|---|---|
| Zero-Knowledge | โ | โ | โ | โ |
| No Email Required | โ | โ | โ | โ |
| No Password Required | โ | โ | โ | โ |
| Open Source | โ | โ | โ | โ |
| Self-Hosted | โ | โ | โ | โ |
| Military Encryption | โ | โ ๏ธ | โ ๏ธ | โ ๏ธ |
| Price | ๐ฐFree | ๐ฐ๐ฐ๐ฐ | ๐ฐ๐ฐ | ๐ฐ๐ฐ๐ฐ |
๐ฏ Use Cases
-
๐ Web Applications - Authentication without email/password
-
๐ฑ Mobile Apps - Simple, secure login
-
๐ Enterprise Apps - Zero-trust authentication
-
๐ฅ Healthcare - GDPR compliant authentication
-
๐ณ Fintech - High-security authentication
๐ Documentation
-
API Reference
-
Getting Started Guide
-
Security Whitepaper
-
Architecture Overview
๐ค Contributing
We welcome contributions! Please see our Contributing Guide.
Development Setup
# Clone the repository
git clone https://github.com/erabytse/CryptoLogin.git
cd cryptologin
# Install dev dependencies
pip install -e .[dev]
# Run tests
pytest tests/ -v
# Run the API
python run.py
๐ License
-
Open Source: Apache 2.0
-
Commercial: Available for enterprise use
๐ Support the Project
-
โญ Star the repository
-
๐ Report issues
-
๐ Improve documentation
-
๐ฐ Sponsor the project
-
๐ฃ๏ธ Spread the word
๐ Contact
-
๐ง Email: contact@fbfconsulting.org
-
๐ฆ Twitter: @cryptologin
-
๐ฌ Discord: Join our community
Reinventing Authentication. One Secret at a Time.
A quiet rebellion against digital waste.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cryptologin-1.0.0.tar.gz.
File metadata
- Download URL: cryptologin-1.0.0.tar.gz
- Upload date:
- Size: 33.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ed1bdecf596053016b1d2021f8840895f50609bfc345080811e75868450f1bf9
|
|
| MD5 |
4d1f3f5b8eba6dd0e680e6789cc5e8fd
|
|
| BLAKE2b-256 |
08726ace98464d788609c60f61ca660632d37ddb1d814f17e3916db570aa5e27
|
File details
Details for the file cryptologin-1.0.0-py3-none-any.whl.
File metadata
- Download URL: cryptologin-1.0.0-py3-none-any.whl
- Upload date:
- Size: 37.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ad39c4cac3e101d3337a9d6a7ca792278468b0aa6acd9a039e46a8cd0905debe
|
|
| MD5 |
4e48340cd4408b903aaf79b834020bfb
|
|
| BLAKE2b-256 |
f9472aec8151b62c2c52a03580e890722510f4567ae14c1db228c5fc7342a15d
|
