> ## Documentation Index
> Fetch the complete documentation index at: https://docs.chipipay.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Passkeys

> Sign Starknet transactions with Touch ID, Face ID, or Windows Hello. The user's private key never leaves their device, and they never type a password.

The `@chipi-stack/chipi-passkey` package handles the browser side of passkey authentication for Chipi wallets. The user authenticates with biometrics — Touch ID, Face ID, Windows Hello, Android biometrics — and the wallet's private key stays on their device.

## What you build with this

* **Sign-up without a password.** The user taps Touch ID once; you get back a public key + credential id and create their wallet.
* **Sign every transaction with biometrics.** No PIN prompt, no password modal, no copy-pasted seed phrase.
* **Recover lost passkeys.** A second passkey on a different device, or a PIN fallback at the SDK boundary, both keep the wallet recoverable.

## Install

```bash theme={null}
npm install @chipi-stack/chipi-passkey
# or pnpm / yarn
```

Browser-only. The package depends on `navigator.credentials` and `crypto.subtle`; it does not run on Node or Bun server entry points.

## Pick your path

There are two wallet types — the SDK supports passkeys for both, but the entry point differs.

<CardGroup cols={2}>
  <Card title="SHHH wallets (default)" icon="key" href="/sdk/passkeys/quickstart">
    Use `createShhhPasskey` + `signShhhMessage`. The P-256 key stays inside the platform authenticator. No PIN. This is the path new integrations should take.
  </Card>

  <Card title="Legacy CHIPI v29 wallets" icon="key" href="/sdk/passkeys/api#legacy-prf-passkey">
    Use `createWalletPasskey` + `getWalletEncryptKey`. The WebAuthn PRF extension derives an encryption key that unlocks a stored STARK key. Still supported.
  </Card>
</CardGroup>

## Browser support

The platform authenticator must be available — that's iOS 15+ Safari, modern Chrome / Edge, Firefox 122+ on macOS / Windows, Android 9+ Chrome. The package exposes `isWebAuthnSupported()` so you can branch your UI:

```ts theme={null}
import { isWebAuthnSupported } from "@chipi-stack/chipi-passkey";

if (!isWebAuthnSupported()) {
  // Render the PIN fallback flow instead of a "Sign up with passkey" button.
}
```

## Related

* [Quickstart](/sdk/passkeys/quickstart) — register a passkey and sign a transaction, end to end
* [API reference](/sdk/passkeys/api) — every exported function
* [When passkeys fail](/sdk/passkeys/when-passkeys-fail) — what to do when the browser changes, the user loses their device, or biometrics break
