Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.hyperauth.dev/llms.txt

Use this file to discover all available pages before exploring further.

HyperAuth is an open source identity platform built on a single core principle: crypto logic belongs close to the data. Every cryptographic operation runs inside SQLite custom functions within a Go WASM plugin, deployed as a Cloudflare Worker that you can run on your own account. Your application gets a thin TypeScript SDK on top — no servers to manage, no keys to custody, no vendor lock-in. Users sign in with a passkey, receive a portable identifier they fully own, and can attach smart accounts, delegate capabilities, and sync across devices — all without passwords, password resets, or a third party holding their session. Every package, every contract, every WASM module is open source under permissive licenses.

Capabilities

Passkey authentication

WebAuthn-based registration and sign-in. No passwords, no shared secrets.

Portable identifiers (DIDs)

W3C-compliant identifiers anchored to the user’s passkey keypair.

ERC-4337 smart accounts

Gasless on-chain accounts linked to the user’s DID.

UCAN authorization

Capability-based delegation without a permission server.

Device sync

Deterministic key derivation enables seamless multi-device identity.

Encrypted vault

Client-side encrypted storage, decryptable only by the identity holder.

Why HyperAuth

Open source

Every layer — SDK, hooks, smart contracts, WASM enclave, vault worker — is open source and auditable.

Self-hostable

Deploy the worker on your own Cloudflare account. No SaaS dependency, no per-MAU billing.

No custody

Keys never leave the user’s device. We can’t lose or leak what we never hold.

Install

npm install @hyperauth/sdk @hyperauth/react
Three packages are available depending on what your application needs:
PackagePurpose
@hyperauth/sdkCore client SDK — crypto, vault, registration, ERC-4337
@hyperauth/reactReact 19 hooks and provider
@hyperauth/uiShared component library (shadcn/ui)

Where to start

Quickstart

Add passkey sign-in to an existing app in minutes.

Register an identity

Walk through the full 12-phase registration flow.

Sign and verify

Produce and verify a UCAN-signed payload.

Architecture

Why HyperAuth is built the way it is.

SDK guides

Task-oriented instructions for common integration scenarios.

Authentication

Handle sign-in, session management, and device re-auth.

Smart accounts

Create and use ERC-4337 accounts from a DID.

UCAN delegation

Issue and validate capability tokens.

Vault management

Read, write, and rotate encrypted vault entries.

Device sync

Link a new device to an existing identity.

Payments

Send gasless transactions via the smart account.

Alias lookup

Resolve human-readable aliases to DIDs.

Deploy

Deploy the HyperAuth Worker to your own Cloudflare account.