Your Identity, Your Keys

Learn how Mercury provides a secure, anonymous identity without registration, phone numbers, or email.

On traditional platforms, your identity is tied to something you provide: a phone number, an email address, or a
username/password combination. This information is stored on a central server and used to log you in. This model links
your digital activity to your real-world identity and creates a central target for attackers.

Mercury uses a fundamentally different approach: cryptographic identity.

What is a Cryptographic Identity?

Your identity in Mercury is not a username; it's a cryptographic key pair. When you first launch the app, it
generates:

  1. A Private Key: This is a secret piece of data that is stored only on your device. It is mathematically unique and
    acts as your master key. It is used to "sign" your messages, proving they came from you. Your private key should
    never be shared.

  2. A Public Key: This is a corresponding piece of data that is derived from your private key. You can share your
    public key freely. It is used by others to verify your digital signatures. Your public key also serves as your *
    Mercury ID*.

This is the principle of Public-key Cryptography. Because the keys are mathematically linked, a message signed by your
private key can be verified by anyone who has your public key. This proves authenticity without you ever having to
reveal your secret.

How It Works in Practice

  • Your Mercury ID: This is simply a human-readable version (hexadecimal representation) of your public key. When you
    want to add a contact, you share this ID with them.
  • No Registration: You don't create an account on our servers. Your "account" is the private key file stored on your
    phone.
  • Authentication: When you connect to the signaling server, it sends you a random challenge (a piece of text). Your
    app signs this challenge with your private key and sends the signature back. The server uses your public ID to verify
    the signature. This proves you own the private key for that ID without you ever sending the key itself.

The 12-Word Recovery Phrase

Since your private key is just a long string of data, it's impossible to remember or write down. To make it recoverable,
Mercury uses the BIP39 standard. Your private key's data is converted into a sequence of 12 simple English words.

This recovery phrase is a user-friendly representation of your private key. If you get a new phone, you can type in
these 12 words, and the app will regenerate your exact same private key, restoring your identity.

Crucial: Your 12-word recovery phrase is your identity. Guard it as you would your most important password. We can
never recover it for you if you lose it.

This system provides a powerful combination of security, anonymity, and user control. Your identity is yours and yours
alone, secured by proven cryptography.