SOST DEX: Complete Guide
🔒 Identity & Wallet
The DEX uses a local browser wallet: your cryptographic identity (Ed25519 signing + X25519 encryption keys) is created and stored in your browser using IndexedDB, encrypted under a key derived with Argon2id from a passphrase you choose.
• Create Identity: generates a new keypair locally. No server registration.
• Import Backup: restore a previously exported encrypted identity JSON.
• Export: save your identity as an encrypted backup (always do this!).
• Lock/Unlock: the session auto-locks after 5 min of inactivity.
• Your keys never leave your browser. The relay cannot read your deals.
🔓 Passkey / Biometric Authentication
If your device supports WebAuthn, you can use fingerprint, Face ID, or secure device PIN for faster and safer access.
• Register Passkey: one-time setup on your device.
• Login with Passkey: unlock your session with biometrics instead of typing your passphrase.
• Re-authenticate: sensitive actions (sign offer, accept deal, export) ask for biometric confirmation.
• Your biometrics never leave your device; the DEX only receives yes/no from your secure enclave.
• Passkey is optional; passphrase-only mode always works.
🤖 AI Form Assistant
The AI helps you fill the Trade Composer by understanding what you want to do in plain language.
• Type something like: "Sell my full XAUT position for 9.7 SOST, expire in 6 hours"
• The AI parses your intent and fills the form fields automatically.
• It shows "What the assistant understood": action, position, price, expiry, what changes.
• It flags risks: suspicious price, wrong position, expiry too short, missing fields.
• It compares options: full sale vs reward-only, sell now vs hold to maturity.
• It explains lifecycle: maturity progress, withdraw status, reward remaining.
• The AI does NOT sign, send, or execute anything. You always review and authorize.
📩 Private Encrypted Inbox
When your wallet is unlocked, you can receive encrypted messages from counterparts.
• Messages are fetched from the blind relay and decrypted locally in your browser.
• The relay transports encrypted envelopes but cannot read the content.
• You see: offers, acceptances, cancellations, settlement notices.
• Delivery tracking: sent → delivered → acknowledged → processed.
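The blind-relay property described in this section, sketched as an added example (not SOST DEX code) using Node.js's built-in crypto module. The envelope layout, HKDF-SHA256, ChaCha20-Poly1305 as the message cipher, and all function and field names are assumptions; the guide itself names only Ed25519 signing keys and X25519 encryption keys.

```javascript
// Added example: sign-then-encrypt envelope carried by a blind relay.
// Assumed, not SOST's format: HKDF-SHA256, ChaCha20-Poly1305, all field names.
const nc = typeof require === "function"
  ? require("node:crypto") : process.getBuiltinModule("node:crypto");

const newIdentity = () => ({
  sign: nc.generateKeyPairSync("ed25519"), // signing keypair
  box: nc.generateKeyPairSync("x25519"), // encryption keypair
});
const der = (pub) => pub.export({ type: "spki", format: "der" });

// Both ends derive the same key via X25519; the relay holds no private key.
function sharedKey(myBoxPrivate, theirBoxPublic, salt) {
  const secret = nc.diffieHellman({ privateKey: myBoxPrivate, publicKey: theirBoxPublic });
  return Buffer.from(nc.hkdfSync("sha256", secret, salt, "example-deal-envelope", 32));
}

function sealEnvelope(sender, recipientBoxPublic, offer) {
  const body = Buffer.from(JSON.stringify(offer));
  // Signing the recipient key with the body stops re-encryption to a third party.
  const signed = Buffer.concat([der(recipientBoxPublic), body]);
  const sig = nc.sign(null, signed, sender.sign.privateKey); // Ed25519: 64 bytes
  const salt = nc.randomBytes(16);
  const nonce = nc.randomBytes(12);
  const key = sharedKey(sender.box.privateKey, recipientBoxPublic, salt);
  const c = nc.createCipheriv("chacha20-poly1305", key, nonce, { authTagLength: 16 });
  const ct = Buffer.concat([c.update(Buffer.concat([sig, body])), c.final()]);
  return { salt, nonce, ct, tag: c.getAuthTag() }; // everything the relay stores
}

function openEnvelope(recipient, senderSignPublic, senderBoxPublic, env) {
  const key = sharedKey(recipient.box.privateKey, senderBoxPublic, env.salt);
  const d = nc.createDecipheriv("chacha20-poly1305", key, env.nonce, { authTagLength: 16 });
  d.setAuthTag(env.tag);
  const plain = Buffer.concat([d.update(env.ct), d.final()]); // throws if altered
  const sig = plain.subarray(0, 64);
  const body = plain.subarray(64);
  const signed = Buffer.concat([der(recipient.box.publicKey), body]);
  if (!nc.verify(null, signed, senderSignPublic, sig)) throw new Error("bad signature");
  return JSON.parse(body.toString());
}

// Constructed sample data, mirroring the offer wording used in the guide.
const alice = newIdentity();
const bob = newIdentity();
const envelope = sealEnvelope(alice, bob.box.publicKey, { sell: "XAUT", price: "9.7 SOST", expiryHours: 6 });
console.log(openEnvelope(bob, alice.sign.publicKey, alice.box.publicKey, envelope));
```

The recipient has to obtain the sender's two public keys through a channel it trusts; a relay that could substitute them would no longer be blind.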
📈 Public vs Private Mode
• Public: anyone can see market summary, positions, stats. No login needed.
• Private: unlock your wallet to access: AI assistant, encrypted inbox, trade composer (sign+encrypt+send), deal channels, OTC.
Note: device biometrics (passkey) belong to the browser/user authentication layer. P2P node encryption (X25519 + ChaCha20 between nodes) is a separate machine-to-machine layer.
🔒 BROWSER WALLET SECURITY
How your identity is protected
Local Keystore
Your signing keys (Ed25519) and encryption keys (X25519) are stored only in your browser using IndexedDB, encrypted under a key derived with Argon2id from your passphrase. No server ever sees your private keys.
Passkey / Device Authentication
If your device supports WebAuthn, you can use fingerprint, Face ID, or secure PIN to log in and confirm sensitive actions. Your biometrics never leave your device; the DEX only receives a yes/no from your device's secure enclave.
What requires strong authentication:
• Signing an offer
• Accepting a deal
• Sending an OTC request
• Exporting your identity backup
• Unlocking after session timeout
Important:
• Passkey ≠ wallet seed: they protect different things
• If you clear browser data, export your backup first
• Session auto-locks after 5 minutes of inactivity
• P2P node encryption (X25519 + ChaCha20) is a separate layer; that's machine-to-machine, not user-to-browser
Device biometrics belong to the browser/user authentication layer, not the node-to-node P2P transport protocol.