DeepFree Verification Protocol
Cryptographic token authentication.
Generate HMAC-signed DFV tokens, verify with full epoch-keyed checksum validation, share instantly across any platform.
The Matrix Registry maps VersionID characters to prime weight arrays. The verifier reads the first token character to auto-select the correct epoch, enabling backward-compatible key rotation.
CHECKSUM COVERAGE
Weighted checksum covers all 14 chars: [VersionID] + [13 payload chars]. Epoch forgery is detectable — swapping the VersionID byte breaks the checksum.
EPOCH ROTATION
Old tokens remain valid while the registry retains historical epochs. Retire an epoch by removing it — all its tokens immediately fail verification.
TOKEN STRUCTURE — DFV-[V][PPPPPPPPPPPPP][CC]
V = 1 char VersionID (Crockford Base32 epoch). P×13 = HMAC-SHA256 truncated to 8 bytes, Crockford-encoded. CC = 2-char weighted checksum. Total: 16 chars + DFV- prefix.
HMAC PAYLOAD CONSTRUCTION
HMAC-SHA256 key lives server-side in the DFV_HMAC_KEY env var — marked non-extractable, never in JS scope. Signed message: recipientHash:expiryUnixMin:nonce. First 8 bytes encoded as 13 Crockford chars.
EPOCH-KEYED CHECKSUM
Verifier reads VersionID to select the weight array from the Matrix Registry. CS₁ = weightedSum mod 37. CS₂ = (CS₁ × 17 + 7) mod 37. Both Crockford-encoded. VersionID is included in the checksum — epoch forgery is detectable.
SOFTMAX RECOVERY — VISUAL/PHONETIC WEIGHTING
On checksum failure, 14 × 37 = 518 single-char substitutions are scored. Confusion pairs (O↔0, I↔1, L↔1, S↔5, B↔8) score 3× higher. Softmax confidence gate at 95% — auto-corrects and logs a RECOVERED state.
TOKEN BINDING
Recipient identifier is SHA-256 hashed into the HMAC message. Strict-mode tokens fail if presented by a different recipient. Binding is one-way — the hash cannot be reversed from the token.
EXPIRY ENFORCEMENT
Expiry timestamp (Unix, minute precision) is embedded in the HMAC payload — not cosmetic. An altered expiry breaks the HMAC. Expired tokens return status EXPIRED.
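An added worked example (not DeepFree's own code) of the token format described above: it generates a DFV token and verifies it with the epoch-keyed checksum, the HMAC recipient binding and the expiry check, and shows how retiring an epoch from the registry invalidates its tokens. The prime weight arrays, the key bytes and the way the verifier learns the expiry and nonce (assumed to be looked up from a server-side issuance record) are assumptions, since the page gives none of them; softmax recovery and rate limiting are not implemented.

```python
import hashlib
import hmac

# Crockford Base32 (values 0..31) plus the five check symbols (32..36) for mod-37 digits.
CROCKFORD = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"
CHECK_SYMBOLS = CROCKFORD + "*~$=U"

# ASSUMED Matrix Registry: VersionID -> 14 prime weights, one per covered char.
# The page gives no concrete weights; these are constructed. None equals 37, so
# any single-character substitution changes the weighted sum mod 37.
MATRIX_REGISTRY = {
    "1": [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 41, 43, 47],
    "2": [53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109],
}
DFV_HMAC_KEY = b"constructed-demo-key"  # stands in for the DFV_HMAC_KEY env var

def crockford_encode(data: bytes, nchars: int) -> str:
    # Big-endian base32; the 64-bit MAC prefix is padded to 65 bits to fill 13 chars.
    n = int.from_bytes(data, "big") << (nchars * 5 - len(data) * 8)
    return "".join(CROCKFORD[(n >> (5 * (nchars - 1 - i))) & 31] for i in range(nchars))

def checksum(version_id: str, payload: str) -> str:
    """Epoch-keyed checksum over all 14 chars: VersionID + 13 payload chars."""
    weights = MATRIX_REGISTRY[version_id]
    cs1 = sum(w * CHECK_SYMBOLS.index(c) for w, c in zip(weights, version_id + payload)) % 37
    cs2 = (cs1 * 17 + 7) % 37
    return CHECK_SYMBOLS[cs1] + CHECK_SYMBOLS[cs2]

def payload_chars(recipient: str, expiry_min: int, nonce: str) -> str:
    """First 8 bytes of HMAC-SHA256(key, recipientHash:expiryUnixMin:nonce) as 13 chars."""
    recipient_hash = hashlib.sha256(recipient.encode()).hexdigest()
    msg = f"{recipient_hash}:{expiry_min}:{nonce}".encode()
    return crockford_encode(hmac.new(DFV_HMAC_KEY, msg, hashlib.sha256).digest()[:8], 13)

def generate(version_id: str, recipient: str, expiry_min: int, nonce: str) -> str:
    p = payload_chars(recipient, expiry_min, nonce)
    return f"DFV-{version_id}{p}{checksum(version_id, p)}"

def verify(token: str, recipient: str, expiry_min: int, nonce: str, now_min: int) -> str:
    """expiry_min and nonce are assumed to be looked up from the server-side issuance record."""
    if len(token) != 20 or token[:4] != "DFV-" or any(c not in CROCKFORD for c in token[4:18]):
        return "INVALID"
    version_id, payload, cs = token[4], token[5:18], token[18:]
    if version_id not in MATRIX_REGISTRY:    # retired epoch: all of its tokens now fail
        return "UNKNOWN_EPOCH"
    if checksum(version_id, payload) != cs:  # covers VersionID, so an epoch swap breaks it
        return "CHECKSUM_FAIL"
    if not hmac.compare_digest(payload, payload_chars(recipient, expiry_min, nonce)):
        return "INVALID"                     # wrong recipient, altered expiry, or wrong key
    return "EXPIRED" if now_min > expiry_min else "VALID"
```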
RATE LIMITING
10 verification attempts per 60-second window per session. Here the limit is enforced client-side; in production it is enforced server-side, per IP, via slowapi.