Recover your complete cryptographic identity with just a password and a human-memorable identifier. No seed phrase. No custodian. No server.
Seed phrases are the number one cause of permanent asset loss in cryptocurrency. Users are expected to write down 12 to 24 English words on paper, store them securely, and never lose them. This model creates an impossible choice:
You control your keys, but if you lose the seed phrase, your assets are gone forever. No recovery possible. Millions of BTC are already permanently lost.
A third party holds your keys. Your assets are recoverable, but you have no sovereignty. The custodian can freeze, seize, or lose your funds.
Guardians can help recover, but coordination is complex. Guardians can collude. The trust model is fragile and hard to reason about.
VA-DAR (Vendor-Agnostic Deterministic Artifact Resolution) eliminates this trilemma. You maintain full self-custody with a recovery mechanism that requires no server, no custodian, and no social coordination.
VA-DAR stores an encrypted wallet artifact on-chain, addressed by a privacy-preserving identifier. Recovery requires only two things: a human-memorable identifier (email or phone) and a password.
The user registers with a human-memorable identifier (email or phone number). The system derives a 32-byte DiscoveryID via HMAC — the actual identifier never touches the chain. The wallet's identity material is encrypted into an ACE-GF Sealed Artifact using Argon2id key derivation, HKDF expansion, and AES-256-GCM-SIV authenticated encryption, then stored on-chain at the DiscoveryID address.
To recover, the user provides their identifier and password. The system recomputes the DiscoveryID, locates the encrypted artifact on-chain, and decrypts it with the password-derived key. The full identity material is restored — including all key types (Ed25519, Secp256k1, ML-DSA-44).
The DiscoveryID is derived via HMAC with a secret key. Without the secret, attackers cannot enumerate all registered identifiers. They cannot determine which email addresses or phone numbers have registered wallets.
On-chain storage reveals no correlation between a human-readable identifier and the wallet identity. Observers see only opaque 32-byte DiscoveryIDs.
Even if an attacker knows a DiscoveryID, they cannot decrypt the artifact without the password. Argon2id makes brute-force attacks computationally expensive.
The recovered identity automatically includes all key types derived from the same identity material. Recovery is algorithm-agnostic — the same process restores Ed25519, Secp256k1, and ML-DSA-44 keys simultaneously.
If a user registered before ML-DSA-44 was available, recovering with VA-DAR automatically gives them access to the post-quantum key pair derived from their identity material. No re-registration needed.
VA-DAR is not a proprietary recovery service. It is a deterministic protocol that any wallet, any platform, and any developer can implement. There is no vendor lock-in, no service dependency, and no single point of failure.
Any wallet application can implement VA-DAR discovery. The protocol is fully specified and deterministic — same inputs always produce the same outputs.
Works on desktop, mobile, web, and embedded devices. No platform-specific APIs or services required. Pure cryptographic operations.
The encrypted artifact is stored on-chain. No recovery server to maintain, fund, or trust. The blockchain is the only infrastructure dependency.
Given the same identifier and password, VA-DAR always resolves to the same artifact and recovers the same identity. No randomness, no state, no coordination.
A single VA-DAR registration simultaneously provides two capabilities: wallet recovery and payment reachability. When you register your email or phone with VA-DAR, you also become discoverable by HFI-Pay senders.
Register your email once. Get wallet recovery and the ability to receive crypto payments by email address. No separate setup for each feature.
The same HMAC-derived DiscoveryID is used by both VA-DAR (for artifact lookup) and HFI-Pay (for payment routing). Same privacy guarantees for both.