Privacy & Security
This page explains the privacy and security model behind mwen.io — what the system protects, how it protects it, and where the limits are.
What mwen.io stores (nothing server-side)
mwen.io does not run a user database. No server holds:
- Your name, email, birth date, or any other personal information.
- Your 24-word phrase.
- Your private keys.
- A record of which apps you have signed in to.
- A log of when you authenticated.
All of this lives on your device, encrypted in your browser's local storage.
Per-app unlinkability
Every app you sign in to receives a different pseudonymous identifier (did:jwk). These identifiers are derived from your phrase using a one-way function (HKDF-SHA256) with the app's domain as input.
The result:
shop.example.comsees identifier A.news.example.orgsees identifier B.- A and B are cryptographically unrelated — there is no shared string, no shared hash, nothing that links them back to the same person.
Even if two apps colluded and compared their user lists, they could not determine that A and B belong to the same person.
Zero-knowledge age proofs
When an app requests age verification (e.g. "over 18"), your wallet generates a zero-knowledge proof using the BBS+ signature scheme. This proves the statement is true without revealing your birth date. The app receives a boolean result — never the underlying claim value.
What correlation is still possible
Per-app unlinkability is a DID-layer property. Correlation can still occur through other channels:
| Correlation vector | How it works | Mitigation |
|---|---|---|
| Disclosed claim values | If you share your email address with two apps, those apps can identify you as the same person via the email. | Only share claims that are necessary for each app. |
| IP address | Both apps see your IP address during the sign-in request. | Use a VPN if IP-based tracking is a concern. |
| Timing analysis | Server-side analytics could correlate sign-in times across apps. | This is a standard web tracking vector; VPN/Tor mitigates it. |
These are presentation-layer vectors, not identity-layer vectors. mwen.io cannot prevent an app from correlating data it already holds.
How your seed is protected on-device
Your master seed is encrypted in two independent ways:
WebAuthn path (primary):
- An
AES-256-GCMkey is generated by the browser's secure enclave. - The key is marked
extractable: false— it cannot be exported from the browser, even by extension code. - The seed is encrypted with this key and stored alongside it.
- Unlocking requires a successful WebAuthn assertion (biometric or security key).
Password path (fallback):
- Your password is processed through PBKDF2-SHA256 with 600,000 iterations and a 16-byte random salt.
- The resulting key encrypts the seed with AES-256-GCM.
- The ciphertext, salt, and IV are stored in browser storage.
Neither the raw seed nor any derived private key is ever written to disk in plaintext.
Key rotation
If you believe your phrase has been compromised, or if you simply want to start fresh with all apps, you can perform a key rotation.
Key rotation generates a new 24-word phrase and re-derives all per-app keys from the new phrase. This means:
- Every app will see a new, unrelated identifier.
- You must re-authenticate with every connected app — they will treat you as a new user.
- Your old per-app identifiers become invalid.
Key rotation is a significant, irreversible step. Only use it if you have reason to believe your phrase was exposed.
The browser extension security model
The mwen.io Chrome extension uses the Chrome MV3 architecture, which provides:
- Content script isolation: The extension's private key operations run in a separate service worker context, not in the web page's JavaScript environment.
- Origin validation: The content script that bridges the web page to the extension validates that messages come from expected origins.
chrome.storage.local: When the extension is installed, the seed migrates from IndexedDB (web app storage) tochrome.storage.local, which is inaccessible to web page scripts.
Reporting a security issue
If you discover a security vulnerability in mwen.io, please report it responsibly via the project's security disclosure process rather than posting publicly.