DEV Community: Abhik Mondal The latest articles on DEV Community by Abhik Mondal (@abhik_mondal). https://dev.to/abhik_mondal https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3937404%2Fa678ac92-4b32-48c2-855e-1cf5b65c2629.png DEV Community: Abhik Mondal https://dev.to/abhik_mondal en I built ZKP auth so passwords never touch your server Abhik Mondal Mon, 18 May 2026 07:36:00 +0000 https://dev.to/abhik_mondal/i-built-zkp-auth-so-passwords-never-touch-your-server-3n41 https://dev.to/abhik_mondal/i-built-zkp-auth-so-passwords-never-touch-your-server-3n41 <p>Every time you hear about a major breach, the headline is the same: <em>"Millions of passwords exposed."</em> Attackers get in, dump the database, and walk away with your users' bcrypt hashes. Given enough time and a GPU farm, weak passwords crack. Even strong ones end up in breach databases. The root cause is always the same: <strong>the password reached your server</strong>. It lived in a request body, got hashed, got stored, and now it's someone else's problem. What if the password never traveled at all?</p> <h2> What is Zero-Knowledge Proof auth? </h2> <p>Zero-Knowledge Proofs sound academic, but the core idea is surprisingly simple: <strong>you can prove you know a secret without revealing what the secret is</strong>.</p> <p>Here's a real-world analogy. Imagine you want to prove to a bouncer that you know the secret password to a club, but you don't want to say it out loud where others can hear. Instead, the bouncer gives you a random challenge token and asks you to sign it in a way that only someone who knows the password could. You hand back the signed token. The bouncer checks the signature. You're in — and you never said the password.</p> <p>That's exactly what ZKP auth does at a cryptographic level. Your browser derives a keypair from your password (the password stays in memory, never leaves), uses the private key to sign a server-issued challenge, and the server checks the signature against a stored public key. The server never sees the password. It doesn't even see a hash of the password. It sees a 32-byte public key and a one-time proof.</p> <p>No password database means <strong>no password database to breach</strong>.</p> <h2> How the library works </h2> <p><strong>ZKP Auth</strong> is a TypeScript monorepo with four focused packages:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Package</th> <th>What it does</th> </tr> </thead> <tbody> <tr> <td><code>@zkp-auth/core</code></td> <td>Schnorr proof primitives (Ed25519)</td> </tr> <tr> <td><code>@zkp-auth/server</code></td> <td>Express middleware — register, challenge, verify</td> </tr> <tr> <td><code>@zkp-auth/client</code></td> <td>Browser client — key derivation + proof generation</td> </tr> <tr> <td><code>@zkp-auth/react</code></td> <td> <code>useZKPAuth()</code> hook for React apps</td> </tr> </tbody> </table></div> <h3> Install </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Server</span> npm <span class="nb">install</span> @zkp-auth/server <span class="c"># Browser (vanilla)</span> npm <span class="nb">install</span> @zkp-auth/client <span class="c"># Browser (React)</span> npm <span class="nb">install</span> @zkp-auth/client @zkp-auth/react </code></pre> </div> <h3> Server — three middleware functions, that's it </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// server.ts</span> <span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="nx">cookieParser</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">cookie-parser</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">zkpRegister</span><span class="p">,</span> <span class="nx">zkpChallenge</span><span class="p">,</span> <span class="nx">zkpVerify</span><span class="p">,</span> <span class="nx">InMemoryChallengeStore</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@zkp-auth/server</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">cookieParser</span><span class="p">());</span> <span class="c1">// Swap InMemoryChallengeStore for Redis/Postgres in production</span> <span class="kd">const</span> <span class="nx">store</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">InMemoryChallengeStore</span><span class="p">();</span> <span class="c1">// Your user store — replace with real DB calls</span> <span class="kd">const</span> <span class="nx">users</span> <span class="o">=</span> <span class="k">new</span> <span class="nb">Map</span><span class="o">&lt;</span><span class="kr">string</span><span class="p">,</span> <span class="nb">Uint8Array</span><span class="o">&gt;</span><span class="p">();</span> <span class="c1">// Route 1 — register: receives and stores the user's public key</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span> <span class="dl">'</span><span class="s1">/auth/register</span><span class="dl">'</span><span class="p">,</span> <span class="nf">zkpRegister</span><span class="p">({</span> <span class="na">savePublicKey</span><span class="p">:</span> <span class="k">async </span><span class="p">(</span><span class="nx">userId</span><span class="p">,</span> <span class="nx">publicKey</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">users</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="nx">userId</span><span class="p">,</span> <span class="nx">publicKey</span><span class="p">);</span> <span class="p">},</span> <span class="p">}),</span> <span class="p">(</span><span class="nx">_req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}),</span> <span class="p">);</span> <span class="c1">// Route 2 — challenge: issues a fresh one-time nonce</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span> <span class="dl">'</span><span class="s1">/auth/challenge</span><span class="dl">'</span><span class="p">,</span> <span class="nf">zkpChallenge</span><span class="p">({</span> <span class="nx">store</span> <span class="p">}),</span> <span class="p">(</span><span class="nx">_req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">challengeHex</span><span class="p">:</span> <span class="nx">res</span><span class="p">.</span><span class="nx">locals</span><span class="p">.</span><span class="nx">zkpChallengeHex</span> <span class="p">}),</span> <span class="p">);</span> <span class="c1">// Route 3 — verify: checks the proof and issues a JWT cookie</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span> <span class="dl">'</span><span class="s1">/auth/verify</span><span class="dl">'</span><span class="p">,</span> <span class="nf">zkpVerify</span><span class="p">({</span> <span class="na">getPublicKey</span><span class="p">:</span> <span class="k">async </span><span class="p">(</span><span class="nx">userId</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">users</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="nx">userId</span><span class="p">)</span> <span class="o">??</span> <span class="kc">null</span><span class="p">,</span> <span class="nx">store</span><span class="p">,</span> <span class="na">jwtSecret</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">JWT_SECRET</span><span class="o">!</span><span class="p">,</span> <span class="p">}),</span> <span class="p">(</span><span class="nx">_req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">cookie</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth</span><span class="dl">'</span><span class="p">,</span> <span class="nx">res</span><span class="p">.</span><span class="nx">locals</span><span class="p">.</span><span class="nx">zkpToken</span><span class="p">,</span> <span class="p">{</span> <span class="na">httpOnly</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">sameSite</span><span class="p">:</span> <span class="dl">'</span><span class="s1">strict</span><span class="dl">'</span><span class="p">,</span> <span class="na">secure</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NODE_ENV</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">production</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="p">},</span> <span class="p">);</span> </code></pre> </div> <h3> Client — React hook </h3> <div class="highlight js-code-highlight"> <pre class="highlight tsx"><code><span class="c1">// LoginForm.tsx</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">useZKPAuth</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@zkp-auth/react</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">LoginForm</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">register</span><span class="p">,</span> <span class="nx">login</span><span class="p">,</span> <span class="nx">logout</span><span class="p">,</span> <span class="nx">isAuthenticated</span><span class="p">,</span> <span class="nx">loading</span><span class="p">,</span> <span class="nx">error</span><span class="p">,</span> <span class="nx">user</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">useZKPAuth</span><span class="p">();</span> <span class="k">if </span><span class="p">(</span><span class="nx">isAuthenticated</span><span class="p">)</span> <span class="p">{</span> <span class="k">return </span><span class="p">(</span> <span class="p">&lt;</span><span class="nt">div</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">p</span><span class="p">&gt;</span>Welcome, <span class="si">{</span><span class="nx">user</span><span class="p">?.</span><span class="nx">userId</span><span class="si">}</span>!<span class="p">&lt;/</span><span class="nt">p</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">button</span> <span class="na">onClick</span><span class="p">=</span><span class="si">{</span><span class="nx">logout</span><span class="si">}</span><span class="p">&gt;</span>Log out<span class="p">&lt;/</span><span class="nt">button</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">div</span><span class="p">&gt;</span> <span class="p">);</span> <span class="p">}</span> <span class="k">return </span><span class="p">(</span> <span class="p">&lt;&gt;</span> <span class="si">{</span><span class="nx">error</span> <span class="o">&amp;&amp;</span> <span class="p">&lt;</span><span class="nt">p</span> <span class="na">style</span><span class="p">=</span><span class="si">{</span><span class="p">{</span> <span class="na">color</span><span class="p">:</span> <span class="dl">'</span><span class="s1">red</span><span class="dl">'</span> <span class="p">}</span><span class="si">}</span><span class="p">&gt;</span><span class="si">{</span><span class="nx">error</span><span class="p">.</span><span class="nx">message</span><span class="si">}</span><span class="p">&lt;/</span><span class="nt">p</span><span class="p">&gt;</span><span class="si">}</span> <span class="p">&lt;</span><span class="nt">form</span> <span class="na">onSubmit</span><span class="p">=</span><span class="si">{</span><span class="k">async </span><span class="p">(</span><span class="nx">e</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">e</span><span class="p">.</span><span class="nf">preventDefault</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">f</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">FormData</span><span class="p">(</span><span class="nx">e</span><span class="p">.</span><span class="nx">currentTarget</span><span class="p">);</span> <span class="k">await</span> <span class="nf">register</span><span class="p">(</span><span class="nx">f</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">username</span><span class="dl">'</span><span class="p">)</span> <span class="k">as</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">f</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">)</span> <span class="k">as</span> <span class="kr">string</span><span class="p">);</span> <span class="p">}</span><span class="si">}</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">h2</span><span class="p">&gt;</span>Register<span class="p">&lt;/</span><span class="nt">h2</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">input</span> <span class="na">name</span><span class="p">=</span><span class="s">"username"</span> <span class="na">placeholder</span><span class="p">=</span><span class="s">"Username"</span> <span class="na">required</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nt">input</span> <span class="na">name</span><span class="p">=</span><span class="s">"password"</span> <span class="na">type</span><span class="p">=</span><span class="s">"password"</span> <span class="na">placeholder</span><span class="p">=</span><span class="s">"Password"</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nt">button</span> <span class="na">type</span><span class="p">=</span><span class="s">"submit"</span> <span class="na">disabled</span><span class="p">=</span><span class="si">{</span><span class="nx">loading</span><span class="si">}</span><span class="p">&gt;</span>Register<span class="p">&lt;/</span><span class="nt">button</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">form</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">form</span> <span class="na">onSubmit</span><span class="p">=</span><span class="si">{</span><span class="k">async </span><span class="p">(</span><span class="nx">e</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">e</span><span class="p">.</span><span class="nf">preventDefault</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">f</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">FormData</span><span class="p">(</span><span class="nx">e</span><span class="p">.</span><span class="nx">currentTarget</span><span class="p">);</span> <span class="k">await</span> <span class="nf">login</span><span class="p">(</span><span class="nx">f</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">username</span><span class="dl">'</span><span class="p">)</span> <span class="k">as</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">f</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">)</span> <span class="k">as</span> <span class="kr">string</span><span class="p">);</span> <span class="p">}</span><span class="si">}</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">h2</span><span class="p">&gt;</span>Log in<span class="p">&lt;/</span><span class="nt">h2</span><span class="p">&gt;</span> <span class="p">&lt;</span><span class="nt">input</span> <span class="na">name</span><span class="p">=</span><span class="s">"username"</span> <span class="na">placeholder</span><span class="p">=</span><span class="s">"Username"</span> <span class="na">required</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nt">input</span> <span class="na">name</span><span class="p">=</span><span class="s">"password"</span> <span class="na">type</span><span class="p">=</span><span class="s">"password"</span> <span class="na">placeholder</span><span class="p">=</span><span class="s">"Password"</span> <span class="p">/&gt;</span> <span class="p">&lt;</span><span class="nt">button</span> <span class="na">type</span><span class="p">=</span><span class="s">"submit"</span> <span class="na">disabled</span><span class="p">=</span><span class="si">{</span><span class="nx">loading</span><span class="si">}</span><span class="p">&gt;</span> <span class="si">{</span><span class="nx">loading</span> <span class="p">?</span> <span class="dl">'</span><span class="s1">Authenticating…</span><span class="dl">'</span> <span class="p">:</span> <span class="dl">'</span><span class="s1">Log in</span><span class="dl">'</span><span class="si">}</span> <span class="p">&lt;/</span><span class="nt">button</span><span class="p">&gt;</span> <span class="p">&lt;/</span><span class="nt">form</span><span class="p">&gt;</span> <span class="p">&lt;/&gt;</span> <span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>That's the entire auth surface. No password ever leaves the browser.</p> <h2> How it works under the hood </h2> <p>The protocol is a <strong>Schnorr Proof of Knowledge</strong> over <strong>Ed25519</strong> with the Fiat–Shamir transform. Here's the flow in plain English:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>BROWSER SERVER ────────────────────────────────────────────────────── 1. Derive keypair from password (PBKDF2 + SHA-512 — stays in memory) 2. POST /auth/challenge ──────────► Issue challenge c (random nonce) ◄────────── Return c 3. Generate commitment R = r·G Compute s = r + c·privKey (private scalar stays local) POST /auth/verify (R, s, userId) ──────────► Fetch stored pubKey for userId Verify: s·G == R + c·pubKey ✓ Issue JWT cookie </code></pre> </div> <p>The server only ever stores the 32-byte <strong>public key</strong> — mathematically useless without the private scalar, which only the browser can derive (from the password, which never travels).</p> <p>Replay attacks are impossible: every challenge <code>c</code> is a fresh one-time nonce that expires server-side after a single use.</p> <p>The crypto is built on <a href="https://github.com/paulmillr/noble-curves" rel="noopener noreferrer">@noble/curves</a> — an audited, zero-dependency library. No custom crypto primitives.</p> <p>For the full mathematical derivation and threat model, see the <a href="https://abhik2005.github.io/zkp-auth/security.html" rel="noopener noreferrer">Security Model docs</a>.</p> <h2> Get started </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> @zkp-auth/server <span class="c"># server</span> npm <span class="nb">install</span> @zkp-auth/client <span class="c"># browser / vanilla JS</span> npm <span class="nb">install</span> @zkp-auth/client @zkp-auth/react <span class="c"># React</span> </code></pre> </div> <ul> <li>📖 <strong>Docs</strong>: <a href="https://abhik2005.github.io/zkp-auth/" rel="noopener noreferrer">abhik2005.github.io/zkp-auth</a> </li> <li>🐙 <strong>GitHub</strong>: <a href="https://github.com/Abhik2005/zkp-auth" rel="noopener noreferrer">github.com/Abhik2005/zkp-auth</a> </li> <li>📦 <strong>npm</strong>: <a href="https://www.npmjs.com/package/@zkp-auth/core" rel="noopener noreferrer"><code>@zkp-auth/core</code></a> </li> </ul> <blockquote> <p><strong>Pre-1.0 notice</strong>: This library has not yet undergone a formal third-party audit. Review the <a href="https://abhik2005.github.io/zkp-auth/security.html" rel="noopener noreferrer">security model</a> before deploying to production.</p> </blockquote> <p>Stars, issues, and PRs are all welcome. If you're building something with it, I'd love to hear about it in the comments.</p> javascript security authentication node