User device (enrollment + local verification)

The user’s device is the first line of security in Solident’s architecture. It is where biometric data is captured, processed, encrypted, and verified, all without ever leaving the device.


"Your identity begins and ends on your device."


1. Enrollment

  • Face scan: During setup, the device captures the user’s face.

  • Template creation: The system converts the scan into a mathematical template.

  • Instant encryption: The template is encrypted immediately so no raw image or video is kept.

  • Pattern setup: The user draws a pattern on a 3x3 grid, stored only as a salted hash.


2. Local Verification

  • Face matching: Each login requires a fresh scan, matched locally against the stored encrypted template.

  • Pattern input: The user redraws their pattern, which is hashed and compared with the stored hash.

  • Combined check: Access is granted only if both face and pattern pass verification.
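The pattern steps from sections 1 and 2 and the combined check, sketched as an added example (not Solident's own code). The hash function (PBKDF2-HMAC-SHA256), iteration count, minimum pattern length and all function names are assumptions, and the face match is modeled as a boolean because the page does not describe template matching.

```python
import hashlib
import hmac
import os

# Assumed parameters: the page does not name a hash function or cost setting.
PBKDF2_ITERATIONS = 600_000
SALT_BYTES = 16
MIN_CELLS = 4  # assumed minimum pattern length


def _encode(pattern):
    """Validate a pattern (ordered 3x3 cell indices 0..8, no repeats) and encode it as bytes."""
    cells = list(pattern)
    if not MIN_CELLS <= len(cells) <= 9:
        raise ValueError("pattern must visit between 4 and 9 cells")
    if any(not isinstance(c, int) or not 0 <= c <= 8 for c in cells):
        raise ValueError("cells must be integers 0..8")
    if len(set(cells)) != len(cells):
        raise ValueError("a cell may be visited only once")
    return bytes(cells)


def enroll_pattern(pattern, salt=None):
    """Return the (salt, hash) record kept on the device; the pattern itself is not stored."""
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", _encode(pattern), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_pattern(pattern, record):
    """Re-hash the redrawn pattern with the stored salt and compare in constant time."""
    salt, stored = record
    try:
        encoded = _encode(pattern)
    except ValueError:
        return False  # malformed input counts as a failed attempt
    candidate = hashlib.pbkdf2_hmac("sha256", encoded, salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, stored)


def combined_check(face_matched, pattern, record):
    """Grant access only if both factors pass; the pattern is always evaluated."""
    pattern_ok = verify_pattern(pattern, record)
    return bool(face_matched) and pattern_ok
```

A 3x3 grid allows fewer than a million patterns of 4 to 9 distinct cells, so the salt and work factor only slow guessing; the stored record still needs the hardware-protected storage described in section 3.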


3. Hardware Security (Secure Enclave / TEE)

  • Keys are generated and stored inside the device’s secure enclave or trusted execution environment (TEE).

  • Even if the operating system is compromised, keys cannot be extracted.

  • Sensitive operations like template matching and pattern verification are isolated in this hardware-protected zone.


4. Offline-first Design

  • Verification works without internet access.

  • Users can still unlock wallets, verify identity, and interact with dApps offline before signing transactions.

  • This prevents network-based attacks from interfering with authentication.


Key Principles

  • Nothing raw leaves the device: Only encrypted templates and hashes are ever stored or transmitted.

  • Local-first verification: Authentication does not rely on external servers.

  • Hardware-backed security: Enclaves protect keys and prevent tampering.

  • User-controlled: The device is the trusted environment, not a cloud service.


The user device is the core trust anchor of Solident. It ensures that authentication is fast, private, and impossible to bypass without physical access and user consent.
