Playgrounds xBind
Interactive Demo

xBind Playground

Explore decentralized identity, Ed25519 signing, AES-256-GCM encryption, trust registries, and policy engines — entirely in your browser.

Read the xBind whitepaper →

Step 1 Generate Identities

Create Ed25519 keypairs for Alice and Bob. Each gets a decentralized identifier (DID) — no server involved.

Step 2 Sign a Message

Create a signed transport envelope. Ed25519 binds Alice's identity to every byte.

Step 3 Verify Signature

Reconstruct the canonical form and verify Alice's Ed25519 signature against her public key.

Step 4 Encrypt & Decrypt

AES-256-GCM encryption ensures only Bob can read the payload.

Step 5 Trust Registry

Register identities with scopes. Revoke access. Check permissions — all in-memory, zero trust.

Step 6 Nonce Replay Prevention

Every envelope carries a unique nonce. Replaying an old message is instantly detected and rejected.

Step 7 Circuit Breaker

Protect downstream services. After repeated failures the circuit opens, blocking requests until recovery.

Step 8 Key Rotation (Succession)

Rotate keys without losing identity. Dual-signed succession announcements create a verifiable chain.

Step 9 Policy & Attenuation

Enforce per-identity spending limits and narrow permissions via attenuated child policies.

How xBind works

01
Identity
Ed25519 keypairs generate decentralized identities (DIDs). No central authority. No API keys. Math is the credential.
02
Sign & Verify
Every message carries an Ed25519 signature. Recipients verify the sender's identity cryptographically — no tokens to rotate.
03
Encrypt
AES-256-GCM encryption ensures only the intended recipient reads the payload. Forward secrecy via ephemeral keys.
04
Trust
Registries, circuit breakers, nonce stores, and policy engines form a zero-trust security fabric — all running locally.