Introduction

A decentralized identity platform using passkey-secured WASM enclaves. No passwords. No custody. No compromise.

What is Hyperauth?

Hyperauth is a decentralized identity platform built on a single core principle: crypto logic belongs close to the data. All cryptographic operations run inside SQLite custom functions within a Go WASM plugin, deployed as a Cloudflare Worker. Your application gets a thin TypeScript SDK on top — no servers to manage, no keys to custody.

Identity in Hyperauth is self-sovereign. Users register with a passkey, receive a decentralized identifier (DID), and can attach smart accounts, delegate capabilities, and sync across devices — all without passwords or centralized auth servers.

Capabilities

Passkey authentication — WebAuthn-based registration and sign-in, no passwords
Decentralized identifiers — W3C DIDs anchored to the user's passkey keypair
ERC-4337 smart accounts — gasless on-chain accounts linked to the user's DID
UCAN authorization — capability-based delegation without a central authority
Device sync — deterministic key derivation enables seamless multi-device identity
Encrypted vault — client-side encrypted storage, decryptable only by the identity holder

Install

npm install @hyperauth/sdk @hyperauth/react

Three packages are available depending on what your application needs:

Package	Purpose
`@hyperauth/sdk`	Core client SDK — crypto, vault, registration, ERC-4337
`@hyperauth/react`	React 19 hooks and provider
`@hyperauth/ui`	Shared component library (shadcn/ui)

Documentation

Tutorials — Learn by building

Step-by-step guides that take you from zero to a working integration.

Quickstart — Add passkey sign-in to an existing app in minutes
Register an identity — Walk through the full registration flow
Sign and verify — Produce and verify a UCAN-signed payload

Guides — Solve specific tasks

Task-oriented instructions for common integration scenarios.

Authentication — Handle sign-in, session management, and device re-auth
Smart accounts — Create and use ERC-4337 accounts from a DID
UCAN delegation — Issue and validate capability tokens
Vault management — Read, write, and rotate encrypted vault entries
Device sync — Link a new device to an existing identity
Payments — Send gasless transactions via the smart account
Alias lookup — Resolve human-readable aliases to DIDs
Deploy — Deploy the Hyperauth Worker to your own Cloudflare account

Reference — Look up API details

Complete API documentation for every public surface.

SDK client — @hyperauth/sdk — all exports, types, and options
React hooks — @hyperauth/react — hooks and provider API
UI components — @hyperauth/ui — component props and usage
Contracts — On-chain contract ABIs and addresses
Vault API — Vault read/write protocol
Types — Shared TypeScript types
Configuration — Worker and SDK configuration options

Concepts — Understand the architecture

Background reading that explains why Hyperauth works the way it does.

Architecture — SQLite-as-DID-CPU, WASM enclaves, and the Worker model
DID model — How DIDs are derived, anchored, and resolved
Security model — Threat model, trust boundaries, and key custody
Registration flow — End-to-end walkthrough of identity creation
Smart account abstraction — ERC-4337 integration design

Getting Started

Go from zero to a working passkey-authenticated React app in under ten minutes.

On this page

What is Hyperauth?Capabilities Install Documentation Tutorials — Learn by building Guides — Solve specific tasks Reference — Look up API details Concepts — Understand the architecture