gong.com

Your devices are your password. No secrets stored. No single point of failure.

Generate Key

Split Shares

Enroll

Challenge

Sign

Verify

Watch a real P-256 ECDSA signing ceremony run in your browser via WebAssembly — Shamir Secret Sharing splits your key across 3 devices, any 2 reconstruct it to sign. No passwords. No OAuth. No server ever sees your private key.

How it works

Three ideas. One ceremony.

Shamir Secret Sharing

Your identity key is split into 3 shares using Galois Field arithmetic. Any 2 shares reconstruct the key. 1 share alone reveals nothing — mathematically, not by policy.

P-256 ECDSA Ceremony

Two devices combine their shares, reconstruct the key, sign a server-issued challenge, then immediately discard the key. With a hardware key, signing happens inside the nRF54L15 MCU — the master key never leaves the chip.

Credential = Authorization

The signature IS the proof. No session lookup. No policy engine. No single point of compromise. Lose a device? Revoke its share, issue new ones — identity intact.

Get early access

gong-auth is open source. We're building the hosted version — drop your email for updates.