Open Arsenal

Deterministic Identity Infrastructure

SelfRoot is an open-source deterministic identity infrastructure platform designed to replace passwords, centralized identity databases, and traditional biometric storage models with a privacy-first authentication system. Instead of relying on credentials that can be stolen or identity records that can be breached, SelfRoot transforms live human presence into cryptographic proof. This creates a more secure foundation for logging in, verifying access, and protecting sensitive systems without exposing personal biometric data.

One of SelfRoot’s most important features is its local-only biometric processing model. Fingerprints, face geometry, or other supported biometric signals are captured and processed directly on the user’s device. Those signals are immediately converted into non-reversible templates used only to unlock a private cryptographic key. The raw biometric data is never stored, never uploaded, and never transmitted to a server. This removes the common risk of centralized biometric databases becoming targets for attackers.

SelfRoot also uses challenge–response authentication instead of passwords or reusable tokens. When access is requested, a service sends a cryptographic challenge that is signed locally by the user’s unlocked private key. The verifier checks the signature and grants access without ever needing to know or store the user’s biometric identity. This passwordless model reduces phishing risks, credential theft, and account takeover attacks while improving convenience for legitimate users.

The platform is designed to support modern security hardware such as TPM chips, secure enclaves, and trusted execution environments when available. Keys can remain hardware-bound, making extraction far more difficult even if a device is compromised. SelfRoot is also intended to be cross-platform, with future support for desktop systems, mobile devices, USB biometric hardware, and embedded environments.

As an open-source AGPL 3.0+ project, SelfRoot emphasizes transparency, auditability, and community-driven security. Its roadmap can include modular integrations for web authentication, workstation logins, enterprise access control, offline identity verification, and sovereign digital identity systems. By shifting identity from something stored in databases to something proven cryptographically in real time, SelfRoot offers a new model for secure and privacy-preserving authentication.