Explore browser-side Argon2id/bcrypt with a STARK-style MiMC consistency wrapper.
The current prototype verifies algebraic consistency over a client-side KDF output; it does not yet prove full Argon2id/bcrypt execution inside the STARK.
Accurate claim: the live login flow stores only a peppered commitment, salt, and parameters.
The server must discard request proofs and encoded hash material after verification. The system is promising
research infrastructure, not a production-grade zero-knowledge password proof yet.
1. Configuration & Input
Proves you know Hash(Secret + Nonce) without sending Secret.
Minimum: 3 (OWASP floor)
Minimum: 65536 (64 MiB, OWASP floor)
2. Proof Inspection (Editable)
You can manually tamper with the data below (e.g., change the 'outputHash') to see the server reject the proof!