Security FAQ
Technical answers to common questions about our local-first architecture, device security assumptions, and cryptographic tradeoffs.
01. Local Architecture & OS Trust
Local Architecture
Technical answers regarding local-first execution boundaries, operating system sandbox integrations, and biometric data handling.
No. ZeroAuth is an offline-capable, local-first authenticator. The cryptographic vault is stored locally on your device, meaning you can generate TOTP codes, use passkeys, and view credentials without any network connectivity. This eliminates the risk of network-based tracking and prevents authentication failures during server outages.
02. Vault Encryption & Backups
Vault Encryption
Detailed specifications of our zero-knowledge architecture, local key derivation, backup protection, and device recovery assumptions.
03. Trust & Verification
Trust
Our posture on passkeys, open-source auditability, and validation of physical cryptographic boundaries.