Most login systems ask you to trust a server with a secret. We don't ask for that trust. Here's why, and what it means for you.
You pick a password, they hash it, store it, and hope nothing goes wrong on their end. When it does — and eventually it does — your secret is out there.
The breach isn't always loud. Sometimes credentials circulate for months before anyone notices. Your email-and-password combination gets tried on every service you use. If you reuse passwords, one breach becomes many.
Casimir doesn't store your secret. It can't. There isn't one to store.
The fundamental issue with passwords isn't that they're weak. It's that they require two parties to know the same thing — and one of those parties is a server on the internet.
You hold an Ed25519 keypair: a public key we know about, and a private key that never travels. When you sign in, we send your browser a random challenge. Your browser signs it with your private key. We verify the signature against your public key. If it checks out, you're in.
No password transmitted. No password stored. No password to breach.
This is the same cryptographic primitive that secures SSH, age, and Signal. It's not experimental — it's quietly running infrastructure you already depend on.
[Diagram: the challenge is unique to this session and is signed with Ed25519]

The signing happens in your browser using the Web Crypto API — a native, audited, browser-level implementation. We wrote no cryptographic code ourselves. We delegated entirely to the same engine that handles TLS.
The tradeoff is real: responsibility shifts from us to you. That's the point. Here's what it means in practice.
There is no “forgot password.” If you lose your private key, we cannot recover your account — not because we're being difficult, but because we genuinely don't have what you'd need. Store it in a password manager, encrypted file, or iCloud Keychain.
Your private key is short enough to copy, which means it's short enough to lose. Don't paste it into chat windows. Don't commit it to a repo. Don't email it to yourself.
Your keypair works across any device you install it on — it's just a string. Copy it deliberately to new devices rather than generating a new one each time. A new keypair means a new identity.
If you believe your private key has been exposed, go to settings and generate a new keypair immediately. Your old key stops working the moment you replace the public key on your account. You don't need to contact us.
We can't see your credentials, reset your account, or be pressured into handing them over — because we don't have them. That's not a limitation. That's the design.