We use BIP-39 to produce 12 words, and the user is responsible for backing them up somewhere.

The mnemonic is converted to raw data (entropy) which is used to deterministically derive a key pair

Browser is responsible for storage, key is not visible or usable to the user or any JS code running in the browser.

This is how web keys are currently saved. But it is problematic for long-term identities because the browser frequently wipes the data.

We currently use this for storing keys in the desktop app.

Ideally the keychain will be backed up and synced to other devices by the operating system, but it is not currently doing that.

Note: We save mnemonics in the desktop app using a similar approach, but the keychain holds only the decryption key, and the encrypted mnemonics are saved to disk inside the app's data dir.

Described in detail in Zero-Knowledge Multi-Device Identity System

The simple way to think about this: The server stores the encrypted key, and the user is required to remember a decryption passphrase.

A special API endpoint on a domain can specify what is the public key, and that public key can also sign something that says "my domain is X"

This is how Web Sites are currently associated with HM Accounts.

One key gives another key full access to write on behalf of itself. This is dangerous but is how we accomplish device linking today.

One key will create a profile blob that redirects to another account ID.

A generic ability for one key to sign information about another key. This information can include an edge name or other metadata, possibly specifying if this key is a device for the same user.

This mechanism can be used for a server to sign information about other keys that are used on that server. For example the gabo.es key can sign something saying that another key has authenticated as Gabo, and this may be interpreted by readers as coming from the same person.

Save the reference to the person/organization/site by using the account ID in URL format, such as hm://z1234...

Account ID references are good because they are trustless, they last forever, and they do not rely on external infrastructure.

Domains are easy for people to read and memorize.

When referencing with domains, the keys can be rotated or accounts can be recovered.

Ideally, we will move to a form of reference which primarily uses account IDs but also saves the domains.

This allows us to reach the benefits of both reference types, but it requires additional UX to handle situations where the domain is unreachable or if the key has changed.