Three key-storage modes
Pick where the private key lives: your machine, your browser, or end-to-end encrypted on the server.
What it does
Every DocSign user generates an Ed25519 keypair. The public half is registered server-side after email confirmation. The private half stays under your control in one of three modes: local-only (downloaded keyfile, never on the server), browser-stored (IndexedDB, optionally passphrase-protected), or server-encrypted (XChaCha20-Poly1305 + scrypt; the wrapping key is derived from a passphrase the server never sees).
How it works
1. Sign up. The wizard generates a fresh Ed25519 keypair in your browser.
2. Choose a mode. Local-only writes a JSON keyfile to your downloads. Browser-stored writes to IndexedDB. Server-encrypted uploads only the ciphertext.
3. Confirm via email. DocSign emails a one-time link; clicking it activates the key for signing.
4. Use it. The signing UI loads the wrapped key, unwraps it locally with your passphrase, signs the SHA-256 of the payload, then wipes the unwrapped bytes from memory.
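The server-encrypted mode and step 4 above, sketched for Node.js as an added example (this is not DocSign's code). Node has no built-in XChaCha20-Poly1305, so it is composed here from HChaCha20 and the built-in ChaCha20-Poly1305. The scrypt parameters, the blob field names, PKCS#8 DER as the private-key encoding, and all function names are assumptions.

```javascript
const nc = require('node:crypto');
// Assumed scrypt cost; the page does not state DocSign's parameters.
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };
const rotl = (x, n) => ((x << n) | (x >>> (32 - n))) >>> 0;

// HChaCha20: 20 ChaCha rounds over constants, key and 16 nonce bytes; output is words 0-3 and 12-15.
function hchacha20(key, nonce16) {
  const input = Buffer.concat([Buffer.from('expand 32-byte k'), key, nonce16]);
  const s = Uint32Array.from({ length: 16 }, (_, i) => input.readUInt32LE(4 * i));
  const qr = (a, b, c, d) => {
    s[a] += s[b]; s[d] = rotl(s[d] ^ s[a], 16);
    s[c] += s[d]; s[b] = rotl(s[b] ^ s[c], 12);
    s[a] += s[b]; s[d] = rotl(s[d] ^ s[a], 8);
    s[c] += s[d]; s[b] = rotl(s[b] ^ s[c], 7);
  };
  for (let round = 0; round < 10; round++) {
    qr(0, 4, 8, 12); qr(1, 5, 9, 13); qr(2, 6, 10, 14); qr(3, 7, 11, 15); // columns
    qr(0, 5, 10, 15); qr(1, 6, 11, 12); qr(2, 7, 8, 13); qr(3, 4, 9, 14); // diagonals
  }
  const out = Buffer.alloc(32);
  [0, 1, 2, 3, 12, 13, 14, 15].forEach((w, i) => out.writeUInt32LE(s[w], 4 * i));
  return out;
}

// XChaCha20-Poly1305: ChaCha20-Poly1305 under the HChaCha20 subkey, nonce = 4 zero bytes || nonce[16..24].
function xaead(make, passphrase, salt, nonce) {
  const kek = nc.scryptSync(passphrase, salt, 32, SCRYPT); // wrapping key, derived client-side
  const iv = Buffer.concat([Buffer.alloc(4), nonce.subarray(16)]);
  return make('chacha20-poly1305', hchacha20(kek, nonce.subarray(0, 16)), iv, { authTagLength: 16 });
}

function wrapKey(privateKeyDer, passphrase) {
  const salt = nc.randomBytes(16), nonce = nc.randomBytes(24);
  const c = xaead(nc.createCipheriv, passphrase, salt, nonce);
  const ct = Buffer.concat([c.update(privateKeyDer), c.final()]);
  return { salt, nonce, ct, tag: c.getAuthTag() }; // everything the server would store
}
function unwrapKey(blob, passphrase) {
  const d = xaead(nc.createDecipheriv, passphrase, blob.salt, blob.nonce).setAuthTag(blob.tag);
  return Buffer.concat([d.update(blob.ct), d.final()]); // final() throws on wrong passphrase or tampering
}

// Step 4: unwrap locally, sign SHA-256(payload) with Ed25519, wipe the unwrapped bytes.
function signPayload(blob, passphrase, payload) {
  const der = unwrapKey(blob, passphrase);
  const key = nc.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
  der.fill(0); // best-effort wipe; the KeyObject still holds the key until it is collected
  return nc.sign(null, nc.createHash('sha256').update(payload).digest(), key);
}
```

A wrong passphrase yields a different wrapping key, so the Poly1305 tag check fails and `unwrapKey` throws instead of returning garbage key bytes.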
Why it matters
- The server never sees plaintext private keys in any mode.
- Server-encrypted is the friendly default: same convenience as a password manager, no UX loss compared to plaintext.
- Local-only is the hardest setting: even a full server compromise can't reach the key.
- Browser-stored sits in between: single device, no passphrase prompt every time.
Related features
Email-confirmed keys
Every new public key is tied to a one-time email link before it can sign anything.
Cryptographic-proof login
Partner sites get an Ed25519 signature over their nonce, stronger than 'they were logged in just now'.
Two-factor authentication (TOTP)
RFC 6238 TOTP with QR enrolment, 8 single-use recovery codes, and email-link reset.