SilentAuth
Protocol v0.9 Beta — Edge Functions Live

VINAC-FM Protocol

VINAC-FM (Verified Identity via Near-field Acoustic Cryptography — Frequency Modulation) is Layer 4 of the SilentAuth verification stack. It provides cryptographic proof of physical device proximity through inaudible ultrasonic acoustic challenges, requiring no additional hardware beyond a standard device microphone and speaker.

Development Status — v0.9 Beta

VINAC-FM v0.9 Beta is live. Database schema, CSIV vocabulary, logic library, and all four edge functions (challenge, verify, resolve, vocabulary) are deployed. The client SDK is available at lib/vinac-fm.ts. RS256 certificate signing and full Web Audio API integration are in progress for v1.0.

Architecture

VINAC-FM operates as an optional fourth verification layer, invoked only when layers 1–3 are insufficient for the risk profile of a session or when explicitly required by a policy. It introduces a physical presence requirement — bridging the gap between digital session tokens and proof that the legitimate device owner is physically present.

1

Challenge issuance

Server generates a nonce-bound challenge tied to the active verify_session. The challenge includes frequency band, duration, and an expiry.

2

Acoustic emission

The SDK emits an ultrasonic frequency-modulated pulse via the Web Audio API, encoding the challenge nonce in the waveform.

3

Signal capture

The same device (or a co-located device) captures the acoustic signal via the MediaDevices API and decodes the embedded nonce.

4

Cryptographic binding

The captured nonce is signed using the device's attestation key (or a session ephemeral key) and returned to the verifier.

5

Certificate issuance

The verifier checks the nonce, validates the signature, confirms acoustic match, and issues a short-lived VINAC certificate embedded in the receipt.

Database Schema

The VINAC-FM schema consists of four tables:

vinac_settings

Per-project VINAC configuration: frequency band, duration, proximity threshold, same-device enforcement, fallback behavior, and certificate TTL.

vinac_sessions

Individual VINAC challenge sessions, tracking status (pending/active/completed/failed/expired), acoustic match result, device fingerprint, and signal hash.

vinac_certificates

Issued VINAC certificates with token, key ID, subject fingerprint, expiry, and consumption/revocation tracking.

vinac_key_pairs

Per-project RS256 signing key pairs. Public key is stored; the private key is managed in the secure execution environment.

Protocol Parameters

frequency_bandUltrasonic frequency range: ultrasonic_18khz, ultrasonic_20khz, inaudible_16khz
challenge_duration_msHow long the acoustic emission lasts. Minimum 1000ms, default 3000ms
proximity_threshold_mMaximum distance in meters between emitter and receiver. Default 0.5m
require_same_deviceIf true, emission and capture must come from the same device session
fallback_to_layer3If true, fall back to Layer 3 PoW when acoustic challenge fails
certificate_ttl_hoursLifetime of the issued VINAC certificate. Default 24 hours

Certificate Format

A VINAC certificate is a JWT-like token signed with RS256. The payload structure:

{
  "jti": "uuid-v4",              // certificate identifier
  "sub": "device-fingerprint",   // subject (device binding)
  "iss": "silentauth:vinac",     // issuer
  "iat": 1712345678,             // issued at (unix timestamp)
  "exp": 1712432078,             // expiry
  "session_id": "uuid-v4",      // linked verify_session
  "project_id": "uuid-v4",      // project scope
  "acoustic_match": true,        // acoustic verification result
  "frequency_band": "ultrasonic_18khz",
  "proximity_confirmed": true,
  "key_id": "vinac_key_abc123"   // signing key reference
}

Security Considerations

Replay attacks

Each challenge nonce is single-use and expires after `challenge_duration_ms` + a configurable grace period. The nonce is cryptographically bound to the session ID.

Signal forgery

The acoustic signal encoding includes a HMAC-protected timestamp and session salt. Replaying a recorded signal from a different session will fail the nonce check.

Proximity spoofing

The proximity_threshold_m setting enforces a maximum physical distance. Signal amplitude and propagation delay are factored into the match score.

Key compromise

Private signing keys are never exposed to the browser or stored in Supabase. They are managed in the secure execution environment (HSM or Vault). The public key is stored in vinac_key_pairs.

Browser permissions

Microphone and speaker access require explicit user permission and an HTTPS origin. The SDK handles the permission request and gracefully falls back to Layer 3 if denied.

Availability & Roadmap

Foundation (complete)
  • Database schema deployed
  • Dashboard configuration UI
  • Marketing and documentation pages
  • Billing plan integration
  • CSIV vocabulary v1.0.0 seeded
  • Logic library with 8 token types
v0.9 Beta (current)
  • Challenge edge function live (vinacfm-challenge)
  • Verify edge function live (vinacfm-verify)
  • Resolve edge function live (vinacfm-resolve)
  • Vocabulary edge function live (vinacfm-vocabulary)
  • Client SDK (lib/vinac-fm.ts)
  • Dashboard sessions log + vocabulary viewer
  • WordPress plugin VINAC-FM transport
v1.0 Release
  • RS256 certificate signing via HSM
  • Full Web Audio API acoustic emission
  • Microphone capture and nonce decoding
  • Same-device and cross-device proximity scoring

VINAC-FM + Logos Lexicon

VINAC-FM is the physical transport layer for the Logos Lexicon semantic intent protocol. VINAC-FM proves physical presence; Logos Lexicon defines what that presence authorizes. Together they form the highest-assurance M2M coordination stack — deterministic, physics-bound, and injection-proof.

Logos Lexicon docs Product page →

Get Early Access

VINAC-FM is available on Business and Enterprise plans. Configure your settings now and your integration will be ready when v1.0 ships.

Configure VINAC-FM View plans →