Skip to main content
Ave implements a comprehensive security architecture built on three core principles:
  1. Passwordless Authentication - WebAuthn passkeys eliminate password vulnerabilities
  2. End-to-End Encryption - Your data is encrypted before it leaves your device
  3. Zero-Knowledge Architecture - The server cannot decrypt your data

Security Layers

1

Authentication Layer

WebAuthn passkeys provide phishing-resistant authentication using your device’s biometric sensors or security keys.
  • No passwords to steal or guess
  • Resistant to phishing and man-in-the-middle attacks
  • Hardware-backed cryptographic verification
2

Encryption Layer

End-to-end encryption ensures only you can read your data.
  • AES-256-GCM encryption
  • Master keys never leave your device in plaintext
  • Each user generates their own encryption keys
3

Recovery Layer

Multiple recovery mechanisms ensure you never lose access.
  • Trust codes for account recovery
  • Multi-device login approval
  • PRF extension for seamless passkey-based recovery
4

Session Layer

Secure session management with device tracking.
  • SHA-256 hashed session tokens
  • Per-device session isolation
  • Activity logging for audit trails

What the Server Cannot See

Ave’s zero-knowledge architecture means the server stores encrypted data it cannot decrypt:

Never Sent in Plaintext

  • Master encryption keys
  • Security question answers (removed)
  • Decrypted user data
  • Trust code plaintext

Server Can See

  • Hashed passkey challenges (WebAuthn protocol)
  • Encrypted master key backups
  • Hashed trust codes
  • Session tokens and device info
  • Activity logs (actions, not content)
The server stores encrypted blobs that only you can decrypt with your master key. Even if the database were compromised, your data remains protected.

Data Protection Guarantees

Client-Side Operations

All sensitive cryptographic operations happen in your browser:
  • Key Generation: Master keys are generated using crypto.subtle.generateKey() with 256-bit AES-GCM
  • Encryption: Data is encrypted before transmission using the Web Crypto API
  • Key Derivation: Trust codes derive encryption keys using PBKDF2 with 100,000 iterations
See ave-web/src/lib/crypto.ts:19 for implementation details.

Server-Side Security

The server handles authentication and stores encrypted data:
  • Passkey Verification: WebAuthn responses are verified using @simplewebauthn/server
  • Hash Storage: Trust codes and session tokens are stored as SHA-256 hashes
  • Encrypted Backups: Master key backups are stored encrypted, only decryptable with trust codes
See ave-server/src/routes/register.ts:101 for registration flow.

Authentication Methods

Ave supports multiple authentication methods for different scenarios:
MethodUse CaseSecurity LevelRequires
PasskeyPrimary loginHighestDevice biometric/PIN
Device ApprovalNew device setupHighExisting logged-in device
Trust CodeAccount recoveryMediumSaved recovery code
Trust codes should be stored securely offline (printed, password manager, etc.). Anyone with a trust code can decrypt your master key backup.

Security Best Practices

For Users

  1. Save Trust Codes: Store your trust codes in a secure location immediately after registration
  2. Enable Biometrics: Use Touch ID, Face ID, or Windows Hello for passkey protection
  3. Monitor Devices: Regularly review active devices and revoke unknown sessions
  4. Use Multiple Passkeys: Register passkeys on multiple devices for redundancy

For Developers

When integrating with Ave:
  1. Respect E2EE: If an OAuth app doesn’t support E2EE, it won’t receive encrypted data
  2. Validate Origins: Always verify WebAuthn challenges come from expected origins
  3. Use HTTPS: WebAuthn requires secure contexts (HTTPS or localhost)
  4. Handle Expiration: Sessions expire after 30 days; implement token refresh

Security Audit Trail

All security-related actions are logged in the activity log:
  • Account creation and recovery
  • Login attempts (successful and failed)
  • Passkey additions and removals
  • Trust code regeneration
  • Device authorizations and revocations
Activity logs include severity levels:
  • info - Normal operations (login, passkey added)
  • warning - Security-relevant actions (trust code used, passkey removed)
  • danger - Critical security events (account recovered, all devices revoked)
See Key Management for details.

Threat Model

Ave is designed to protect against: Phishing Attacks - Passkeys are origin-bound and cannot be phished Credential Stuffing - No passwords to reuse or steal Server Compromise - Encrypted data remains protected even if database is leaked Man-in-the-Middle - WebAuthn and HTTPS prevent interception Session Hijacking - Tokens are hashed and scoped to devices ⚠️ Device Compromise - If an attacker gains access to your unlocked device, they can use your stored master key. Use device encryption and lock screens. ⚠️ Trust Code Theft - Protect trust codes like passwords. Anyone with a code can recover your account.

Next Steps

WebAuthn Implementation

Learn how passkeys work in Ave

Encryption Model

Deep dive into E2EE architecture

Key Management

Master key generation and recovery

Testing Guide

Test security workflows end-to-end

Build docs developers (and LLMs) love

Get started for freeTalk to us