How does MagicPass work? - A technical overview

MagicPass is a novel, storage-free password that is never stored anywhere on infrastructure. It is created and re-created in real-time using AI’s neural memory (artificial-memory).


The process to create (and re-create) MagicPass can be broken down into the following steps:

  1. The process involves multiple one-way operations (think hash-functions), all of them have to match exactly like a long jigsaw puzzle, to be able to access the exact MagicPass value.
  2. The Master Key is the primary source of User Identity.
  3. The Master Key is created using Natural Entropy, and gets translated into Digital Entropy. (Entropy in nature is much higher than what can be recorded or realized in a computer system)
  4. Each user is guaranteed to have a unique representation of the Vision Secret that they use in their Master Key.
  5. This Secret is Salted, Multi-Hashed and encrypted at rest.
  6. When a user logs-in, the AI verifies the Vision Secret, based on the the stored neural memory (artificial neurons). Upon successful remembrance with AI (multiple neural networks), the user gets access to the secret. This is the first step in creation of MagicPass, after login.
  7. Once AI gives access to the memory secret, an interim, hexadecimal value is derived from this secret. This value creation is done via another series of One-Way Hash functions, therefor always creating the same interim value for a given user.
  8. Just like MagicPass, this interim value is never stored anywhere on infrastructure.
  9. This interim value is then used as a Private Parent Key, in a scheme very similar to the one described in Bitcoin’s Child Key Derivation functions. This means that with a single “memory” that AI remembers, millions of child keys can be derived, each child key bring indistinguishable form their parent, child or sibling keys.
  10. These generations of keys are stacked to group websites that a user wants to create a MagicPass for, and the actual MagicPass value that should be generated for that particular website.
  11. Please note that these Keys are still hexadecimal values at this point. This value needs to be translated into keys of the keyboard, which care actually used for creating passwords.
  12. Now we use yet-another, one-way function that takes values of these Hexadecimal keys, and uses that entropy for bucketing/mixing/padding/replacing to map these inputs to actual valid keyboard characters. These include capital and small English alphabet, numbers and allowed special characters.
  13. If you notice carefully, there are multiple sequences of one-way functions that need to be run exactly in on order to gains access and create a single MagicPass. If any of the pieces of this jigsaw puzzle do not fit, the user cannot get access to this MagicPass value.
  14. Other than the Neural Memory and it’s representations (and metadata), no other password related information or data is saved anywhere, and an attacker would need to solve all of the pieces exactly in this order to be able to reach a single password.
  15. In contrast, traditional Password Management systems have to store password values in their database (often encrypted). We believe that in today’s age, the best way to secure data is by not storing it in the first place. This MagicPass mechanism de-centralizes a password into multiple chunks of a jig-saw puzzle. Some pieces are entirely unrelated to passwords, and some do not have to be stored at all.
  16. The process described above is executed for each user, and each MagicPass created by that user, every-time they access their MagicPass value.

Here is a short video explaining our inspiration behind MagicPass :