Verification & session issuance
After enrollment and secure storage, Solident enables users to prove identity in real time. The verification process is local-first, while session tokens act as the bridge between identity and decentralized applications.
"You never share your identity. You prove it."
1. Local Verification
When a user attempts to log in, the device performs a new face scan.
The scan is matched against the encrypted biometric template stored locally.
The user also redraws their pattern, which is hashed and compared with the stored hash.
Only if both checks succeed does the system move forward.
2. Token Generation
Once verified, Solident issues a session token.
The token is cryptographic proof that the user has passed both authentication checks.
Tokens are short-lived and expire automatically to prevent hijacking.
3. dApp Integration
Decentralized applications accept session tokens instead of requiring seed phrases or passwords.
Tokens allow transaction signing and account access without revealing raw biometrics.
Developers can integrate Solident through APIs or SDKs, making secure login seamless.
4. Security Reinforcements
Tokens are bound to device and time constraints.
Replay attacks are prevented because expired tokens cannot be reused.
Sensitive actions (withdrawals, swaps, approvals) trigger step-up verification: face + pattern required again.
Security Principles
Local-first verification: Biometrics and patterns checked only on the device.
Short-lived tokens: Reduces attack surface in case of leaks.
Seamless integration: dApps receive proof, not sensitive data.
Verification and session issuance transform Solident into a secure gateway. Users keep full control of their identity, while dApps gain a trusted and tamper-proof way to authenticate.
Last updated