Local WebAuthn PRF experiment

HwKey Passkey → Ethereum Private Key

This derives a deterministic Ethereum-compatible private key from the WebAuthn PRF / hmac-secret extension. The passkey private key itself is never exported.

Checking origin…

Testing only. This prints a private key on screen. Anyone who sees it can control the wallet. Do not fund this wallet unless the whole flow is audited and you fully accept the recovery risk.

1. Diagnostics

Origin—

Secure context—

WebAuthn API—

Stored credential—

2. Register HwKey PRF credential

Register once on this exact HTTPS origin. The browser stores only the credential ID locally. The HwKey key keeps the passkey material.

No registration yet.

3. Derive Ethereum private key

Wallet label / derivation label

Same HwKey key + same site origin + same credential + same label = same private key. Changing the label creates a different private key.

I understand this prints a private key on screen and I am using this for testing.

No derivation yet.

HwKey Passkey → Ethereum Private Key

1. Diagnostics

2. Register HwKey PRF credential

3. Derive Ethereum private key

Event log