Next-generation identity without passwords, tokens, or secrets leaking across the network.
QuantumAuth is a secure, device-anchored authentication system designed for modern apps.
Instead of passwords or shared secrets, the client device generates a TPM-backed asymmetric keypair, and all identity operations happen locally.
Only public material leaves the device.
Nothing private is ever transmitted.
Validation is cryptographic and verifiable.
Use it for:
- Web apps
- Desktop apps
- Mobile apps
- IoT + embedded devices
- Distributed infrastructure authentication
| Repo | Description |
|---|---|
| 🔑 quantum-auth | Main server (Go) – challenge/verify, users, devices |
| 🖥️ quantum-auth-client | Local device client with TPM signing |
| 📦 quantum-auth-sdk | Core TS SDK + utilities |
| 🌐 quantum-web | The official dashboard & developer portal (Next.js) |
| 🧪 Demo Apps (coming) | Example integrations |
Keys are created inside the user’s hardware (TPM / Secure Enclave), and never leave the device.
Servers never store private keys or passwords.
Everything is verified by cryptographic challenge-response.
The signed challenge includes:
- Nonce
- Origin
- Client state
- Timestamp
Preventing replay or impersonation.
- Linux (TPM 2.0)
- Windows (TPM)
- macOS (Secure Enclave coming soon)
- Browser via local client
- IoT devices
Simple, consistent flow: client: request challenge server: return challenge client: sign with TPM key server: verify signature → authenticated