DeviceBound Wallet

A smart wallet based on WebAuthn/Passkey that keeps private keys securely on your device and uses smart contracts to manage digital assets.

Comment

Inspiration

The inspiration for DeviceBound Wallet came from the constant trade-off between security and usability in traditional crypto wallets.
Seed phrases are insecure and cumbersome β€” users often lose access or get phished. We wanted to build a wallet that feels as natural as Face ID, yet as secure as a hardware wallet.

Our goal: No seed phrases, no extensions, no downloads β€” just your device.

What it does

DeviceBound Wallet is a smart wallet that replaces private key storage with WebAuthn / Passkeys.
Instead of managing keys manually, users authenticate using their built-in device biometrics (Touch ID, Face ID, Windows Hello, etc.), while a smart contract enforces ownership and transaction validation on-chain.

Key capabilities:

  • πŸ†• Create wallet using WebAuthn (Passkey)
  • πŸ” Recover wallet using Passkey + contract address
  • πŸ’Έ Send transactions signed with device hardware
  • 🧱 Deploys smart contract wallet automatically
  • πŸ“± Installable as a PWA with offline readiness

How we built it

  • Frontend: Built with React 18 + TypeScript + Vite, providing a lightweight and fast DApp experience.
  • Blockchain: Smart contract written in Solidity (v0.8.24) and deployed to Sepolia and BSC Testnet.
  • WebAuthn Integration: Used native browser APIs to create and authenticate credentials.
    • Extracted public keys from COSE / CBOR format.
    • Converted ASN.1 signatures to ECDSA (r, s) format.
    • Mapped public key hash to on-chain wallet identity.
  • Contract Interaction: Managed via ethers.js v6.
  • PWA: Enabled offline support with vite-plugin-pwa and Workbox.

Challenges we ran into

  • βš™οΈ Handling ASN.1 β†’ ECDSA signature conversion for Passkeys.
  • 🧩 Maintaining cross-browser WebAuthn compatibility (Chrome, Safari, Edge).
  • πŸ” Validating Passkey signatures on-chain using Solidity’s ecrecover.
  • 🧠 Designing a multi-device registration system capped at 3 devices.
  • 🧰 Building a secure and recoverable flow without ever exposing private keys.

Accomplishments we’re proud of

  • πŸ”‘ Fully functional device-bound wallet β€” no seed phrases needed.
  • πŸ“± Seamless biometric signing for blockchain transactions.
  • 🧠 Robust architecture combining WebAuthn + Smart Contracts.
  • 🌍 Multi-chain support (Ethereum Sepolia, BSC Testnet).
  • ⚑ Built and deployed as a Progressive Web App (PWA).

What we learned

We learned how to bridge the gap between Web2 authentication standards and Web3 identity models.
WebAuthn’s public-key credentials can be safely extended to on-chain logic, enabling hardware-level non-custodial wallets.

What’s next

  • 🌐 Add more EVM-compatible networks.
  • πŸ”„ Enable social / cloud recovery for Passkey credentials.
  • 🀝 Integrate with dApps via WalletConnect.
  • 🧩 Audit smart contracts for mainnet readiness.

Try it out

πŸ‘‰ Live Demo
πŸ‘‰ GitHub Repository

Share this project:

Updates