canvass.STEP 02 / 04
INVITED BY MARIA O. · NY-AD-50
Two locks. Either opens the vault.
You’ll set a passphrase you remember and bind a passkey to this device. Either unlocks. Both are required to keep us honest about recovery.
PASSKEY · BOUND
iPhone 15 · Touch ID
WebAuthn PRF · ed25519 · synced via iCloud Keychain
PASSPHRASE · 4 OF 6 WORDS
ballot
hudson
lantern
kerosene
▍
—
Six words from a 7,776-word list ≈ 77 bits of entropy. We’ll never see them; Argon2id wraps the K-DEK locally.
WHAT HAPPENS ON SUBMIT
1.generate K-DEK · 256-bit
2.wrap with Argon2id(passphrase) → blob A
3.wrap with WebAuthn PRF(passkey) → blob B
4.upload {A, B} to server. plaintext never leaves