Key custody is the most critical security property of PTERI.
It is enforced at the hardware level.
iOS: Secure Enclave
Android: Hardware-backed Keystore
These environments ensure:
Keys cannot be exported
Keys cannot be read by apps
Keys can only be used via approved operations
Biometrics in PTERI:
Do not identify the user
Do not leave the device
Do not replace cryptography
They serve one purpose only:
Gating key usage.
Biometrics answer:
“Is the legitimate device holder present right now?”
They do not answer:
“Who is this person globally?”
Biometric data
Biometric hashes
Biometric signals
All biometric enforcement happens locally.
Because Kakr never has keys:
Kakr cannot recover identities
Kakr cannot reset wallets
Kakr cannot bypass biometrics
Kakr cannot sign on behalf of users
This is an explicit tradeoff:
Slightly more responsibility for users
Vastly stronger security guarantees
Authority that cannot be stolen is authority worth protecting.
Last updated 4 days ago
Was this helpful?
