BIP39 Mnemonic Key Generation for Self-Sovereign Browser Identity doesn't phone home. It doesn't need to.
BIP39 Mnemonic Key Generation for Self-Sovereign Browser Identity: Zero-Knowledge Authentication
The Problem
Self-sovereign identity (SSI) represents a paradigm shift in digital authentication, transferring control from centralized identity providers to individual users . This paper presents the Kathon Vault identity system, which implements self-sovereign browser identity through BIP39 mnemonic seed phrases for Ed25519 hierarchical deterministic (HD) key generation .
What We Built
The system generates a master seed from a BIP39 mnemonic (12, 18, or 24 words with configurable passphrase), derives Ed25519 keypairs through the SLIP-10 key derivation scheme , and enables zero-knowledge authentication across websites through a novel browser-native WebAuthn-hybrid protocol. We demonstrate that the BIP39-derived Ed25519 keys provide equivalent security to standard FIDO2/WebAuthn authenticators (316 bits of entropy for 24-word phrases) while offering three critical advantages: (1) deterministic key recovery from the mnemonic phrase alone, (2) hierarchical key organization matching the SLIP-44 registered coin type for Kathon, and (3) cryptographic privacy through zero-knowledge proofs that enable selective attribute disclosure without revealing the master public key.
The Research
Self-sovereign identity (SSI) represents a paradigm shift in digital authentication, transferring control from centralized identity providers to individual users .
This paper presents the Kathon Vault identity system, which implements self-sovereign browser identity through BIP39 mnemonic seed phrases for Ed25519 hierarchical deterministic (HD) key generation .
The system generates a master seed from a BIP39 mnemonic (12, 18, or 24 words with configurable passphrase), derives Ed25519 keypairs through the SLIP-10 key derivation scheme , and enables zero-knowledge authentication across websites through a novel browser-native WebAuthn-hybrid protocol.
We demonstrate that the BIP39-derived Ed25519 keys provide equivalent security to standard FIDO2/WebAuthn authenticators (316 bits of entropy for 24-word phrases) while offering three critical advantages: (1) deterministic key recovery from the mnemonic phrase alone, (2) hierarchical key organization matching the SLIP-44 registered coin type for Kathon, and (3) cryptographic privacy through zero-k
This research demonstrates that sovereign, local-first AI infrastructure is not a future possibility ? it is a present reality.
Full citation: Alpasan, L.-K. (2026). BIP39 Mnemonic Key Generation for Self-Sovereign Browser Identity: Zero-Knowledge Authentication. The Anticloud Research Corpus.
Why The Anticloud
The AI industry is built on promises that vaporize the moment you look closely. Black box models running on opaque infrastructure, trained on data you did not consent to, monetizing outputs you did not authorize. The Anticloud is the opposite of that in every way.
Everything we claim is backed by published research. There is a paper behind every component in the stack, and the code behind every paper is open. We do not make promises about what the system will do someday — we show you what it does today, and you can verify it yourself.
Privacy is not a feature we added to the product. It is a property of the architecture. There are no API endpoints to harden because there is no API to expose. There is no database to encrypt because there is no database. There is no cloud to compromise because there is no cloud. We cannot protect what we do not have, and we designed the system so we have nothing to protect you from.
The system does not guess. It cross-validates its own outputs, detects inconsistencies in its reasoning, and surfaces uncertainty when it does not have confidence in the answer. It knows when it does not know — and it tells you instead of generating a confident-sounding lie.
We built local AI with RAG and RLHF so your knowledge base and your preference alignment stay on your hardware. The model does not need to be fine-tuned on a server farm to understand your context. It learns from your data on your machine, and the results never leave.
The Anticloud requires one machine, one binary, and zero trust in anyone.
About the Author
My name is Lois-Kleinner Alpasan. I'm 23 years old. I built The Anticloud.
I started this because I looked at the AI industry and saw something wrong. Every major AI system requires you to send your data to someone else's server. Every "AI company" is actually a data company — they make money from your usage, your prompts, your files, your attention. They call it a service. I call it extraction.
I spent the last two years building an alternative. Not a feature, not a product, not a startup looking for an exit — an entirely different infrastructure stack. One where AI runs on your machine, for you, and never needs to phone home. One where privacy is not a feature you toggle in settings but a property of the architecture. One where you don't have to trust anyone because you can verify everything.
The project is near production-ready. Every component is open. Every claim is backed by published research. The code is documented. The ledger is verifiable. The binary fits on a laptop.
I'm not asking for trust. I'm asking you to read the paper, verify the claims, and decide for yourself whether the cloud is really necessary — or whether it was always just the default because no one bothered to build an alternative.
Follow the work:
- Research papers: https://zenodo.org/search?q=anticloud
- LinkedIn: https://linkedin.com/in/kleinner
- Project: The Anticloud
Tags: AI, SovereignAI, Anticloud, LocalFirst, Airgapped, ZeroTrust, NoDatacenter, OpenSource, Browser Engine, Privacy, VLM, Ad Blocking
Top comments (0)