Authentication Flow

The authentication process in Solident is designed to feel as simple as unlocking a phone, but backed by cryptographic security and hardware isolation.


"One face scan, one pattern, that’s all it takes to prove you are you."


Step 1 — Enrollment

  • User scans their face during initial setup.

  • The scan is converted into a non-reversible biometric template.

  • A pattern lock (3x3 grid, minimum 4 points) is created as the secondary factor.

  • Both the template and the pattern hash are encrypted using AES-256 inside the secure enclave.


Step 2 — Local Verification

  • When logging in, the device captures a new face scan.

  • The scan is compared locally against the encrypted template.

  • The user redraws their pattern, which is hashed and compared to the stored hash.

  • Both checks must succeed before access is granted.


Step 3 — Session Token Generation

  • Once verified, the device issues a short-lived session token.

  • Tokens are cryptographically signed with Ed25519 and tied to the device ID.

  • Tokens expire automatically to prevent hijacking.

  • Tokens are used to interact with the wallet interface and connected dApps.
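
The token handling described in Step 3, as an added Go example that is not Solident's own code. The "payload.signature" layout, the Claims fields, the function names and the 5-minute lifetime are assumptions, since the page does not specify the token format.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Claims is a hypothetical token body; the page does not define the real format.
type Claims struct {
	DeviceID string `json:"device_id"`
	Expires  int64  `json:"exp"` // Unix seconds
}

var b64 = base64.RawURLEncoding

// Issue signs the claims with the device key and returns "payload.signature".
func Issue(priv ed25519.PrivateKey, deviceID string, ttl time.Duration, now time.Time) string {
	body, _ := json.Marshal(Claims{DeviceID: deviceID, Expires: now.Add(ttl).Unix()})
	return b64.EncodeToString(body) + "." + b64.EncodeToString(ed25519.Sign(priv, body))
}

// Verify checks the signature before trusting any claim, then binding and expiry.
func Verify(pub ed25519.PublicKey, token, deviceID string, now time.Time) error {
	p, s, ok := strings.Cut(token, ".")
	body, err1 := b64.DecodeString(p)
	sig, err2 := b64.DecodeString(s)
	if !ok || err1 != nil || err2 != nil || !ed25519.Verify(pub, body, sig) {
		return errors.New("bad signature")
	}
	var c Claims
	if json.Unmarshal(body, &c) != nil || c.DeviceID != deviceID {
		return errors.New("wrong device")
	}
	if now.Unix() >= c.Expires {
		return errors.New("token expired")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	now := time.Now()
	tok := Issue(priv, "device-A", 5*time.Minute, now) // constructed sample values
	fmt.Println(Verify(pub, tok, "device-A", now), Verify(pub, tok, "device-B", now))
}
```

Because the device ID and expiry sit inside the signed payload, a token replayed from another device or after its lifetime is rejected even though its signature is still valid.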


Step 4 — Transaction Approval

  • For sensitive actions (transfers, swaps, staking), a step-up verification is triggered.

  • The user must re-scan their face and confirm the action with their pattern.

  • The transaction is signed locally inside the secure enclave, ensuring private keys never leave the device.


Step 5 — Continuous Monitoring

  • Failed login attempts are logged and monitored.

  • Anomaly detection (timing, frequency, location) can trigger secondary verification.

  • Push notifications alert the user when suspicious attempts occur.


Security Principles in the Flow

  • Face + Pattern = Identity: Both factors are required, neither is enough alone.

  • Local-first checks: No biometric data leaves the device for verification.

  • Short-lived sessions: Tokens expire quickly to reduce attack windows.

  • Step-up for sensitive actions: The higher the risk, the stronger the check.


The authentication flow ensures that every login and transaction in Solident is fast, natural, and backed by hardware-level security, without the complexity of seed phrases.
