Your Account Is an Equation

There is no password on a ZeqVM node. Your credential is an equation — a multi-line mathematical blob, derived for you at signup (or supplied by you at machine mint). The server never sees it. What the server stores is one irreversible hash; what you hold is the equation itself. Identity in this framework is a piece of math you carry.

Registration mints a ZID

zeq signup "kepler orbits traced in winter starlight" (or the /auth/ wizard) derives an account equation from your phrase, then the client computes:

equation_hash = HMAC-SHA256(
key = utf8("HULYAS.HITE.f=1.287Hz.tau=0.777s") ‖ saltBytes,
msg = utf8(equation)
)

with a fresh random 32-byte salt — and POSTs only { equation_hash, equation_salt, display_name, hash_version: 2 } to POST /api/zeq-auth/register-v3. The server:

  • derives your ZID (ZEQ + 11 digits) from the hash,
  • creates your state machine + API key + Site SDK publish key atomically,
  • credits the welcome grant of free compute credits,
  • and if the domain is freshly installed, seats you as genesis admin — first equation in, locked forever by DB trigger.

The response says it plainly: "Remember your equation exactly — it cannot be recovered."

Login is a hash comparison

POST /api/zeq-auth/login-v3 takes exactly two fields:

{ "zid": "ZEQ07100437483", "candidate_hash": "…64 hex chars…" }

The flow: client GET /api/zeq-auth/salt/:zid → recomputes the HMAC over the equation you type → POSTs the candidate hash → server compares with crypto.timingSafeEqual against the stored hash. Match = session token (httpOnly cookie + bearer). The raw equation crossed the wire zero times.

SALT=$(curl -s https://zeqstate.com/api/zeq-auth/salt/ZEQ07100437483 | python3 -c 'import json,sys;print(json.load(sys.stdin)["salt"])')
# …compute HASH client-side as the HMAC of your equation with that salt, then:
curl -s -X POST https://zeqstate.com/api/zeq-auth/login-v3 \
    -H "Content-Type: application/json" \
    -d "{\"zid\":\"ZEQ07100437483\",\"candidate_hash\":\"$HASH\"}"

(In practice, use zeq signin ZEQ07100437483 — the native CLI prompts for the equation hidden, never echoed, never in history.)

Hardening you get for free

  • Anti-enumeration salts: /salt/:zid answers for every well-formed ZID; unregistered ones get a stable, server-secret-bound decoy salt indistinguishable in shape from a real one. No oracle.
  • Flattened timing — login runs the timing-safe compare even when the ZID doesn't exist.
  • Rate limits + lockout — per-IP limits on register/login/salt; repeated failures temporarily lock the account.
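The register / salt / login round trip described above, together with the decoy-salt and flattened-timing behaviour, as an added illustration that is not ZeqVM's own code. The ZID derivation is not specified on this page, so the example takes 11 decimal digits of the hash (an assumption), and the page's example phrase stands in for the account equation the real client derives from it.

```python
import hmac, hashlib, os, secrets

# Domain-separation prefix copied from the page's HMAC definition.
HMAC_PREFIX = b"HULYAS.HITE.f=1.287Hz.tau=0.777s"

def equation_hash(equation: str, salt: bytes) -> str:
    """Client side: HMAC-SHA256(key = prefix || salt, msg = utf8(equation)), as hex."""
    return hmac.new(HMAC_PREFIX + salt, equation.encode("utf-8"), hashlib.sha256).hexdigest()

class ZeqAuthServer:
    """Toy stand-in for register-v3 / salt/:zid / login-v3. Stores only hash + salt, never the equation."""
    def __init__(self, server_secret: bytes):
        self._secret = server_secret
        self._accounts = {}  # zid -> (equation_hash, salt)

    def register(self, eq_hash: str, salt: bytes) -> str:
        # ASSUMPTION: the page says "ZEQ + 11 digits" but not how; we take the hash mod 10^11.
        zid = "ZEQ" + f"{int(eq_hash, 16) % 10**11:011d}"
        if zid in self._accounts:
            raise ValueError("ZID collision")
        self._accounts[zid] = (eq_hash, salt)
        return zid

    def salt_for(self, zid: str) -> bytes:
        # Anti-enumeration: an unknown ZID gets a stable 32-byte decoy salt bound to the server secret,
        # so the response shape and repeat-query behaviour match a real account.
        if zid in self._accounts:
            return self._accounts[zid][1]
        return hmac.new(self._secret, b"decoy-salt:" + zid.encode(), hashlib.sha256).digest()

    def login(self, zid: str, candidate_hash: str) -> bool:
        # Flattened timing: run the constant-time compare even when the ZID is unknown,
        # against a secret-derived dummy, and only then reject.
        dummy = hmac.new(self._secret, b"dummy-hash", hashlib.sha256).hexdigest()
        stored, _ = self._accounts.get(zid, (dummy, b""))
        ok = hmac.compare_digest(stored, candidate_hash)
        return ok and zid in self._accounts

def demo():
    server = ZeqAuthServer(secrets.token_bytes(32))
    equation = "kepler orbits traced in winter starlight"  # page's example phrase, standing in for the equation
    salt = os.urandom(32)                                  # fresh random 32-byte salt, as at signup
    zid = server.register(equation_hash(equation, salt), salt)
    # Login: fetch the salt, recompute the HMAC locally, submit only the hash.
    good = server.login(zid, equation_hash(equation, server.salt_for(zid)))
    bad = server.login(zid, equation_hash("kepler orbits traced in winter moonlight", server.salt_for(zid)))
    ghost = "ZEQ00000000000"                               # constructed, never registered
    ghost_ok = server.login(ghost, equation_hash(equation, server.salt_for(ghost)))
    return zid, good, bad, ghost_ok

if __name__ == "__main__":
    print(demo())
```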

The disposable-identity doctrine

The lost-equation behaviour is a feature, not a gap:

  • Lost equation = lost account. No email reset, no support ticket, no admin override — the server holds nothing that could reconstruct it.
  • Identities are cheap to mint — if you lose one, mint another. The old machine's entangled state stays intact and publicly verifiable; it just has no operator anymore.
  • One opt-in escape hatch exists: if you set a recovery password beforehand, POST /api/zeq-auth/equation-reissue lets you rotate to a fresh equation (it never returns the old one). No recovery password set = no recovery, full stop.

Treat the equation like a private key, because that's what it is: store it in a password manager or on paper, never in a repo, never in chat.

See also