ZeroKeys coordinates your multisig wallets without ever touching private keys. All operations happen locally, encrypted, and entirely under your control.
Features
All cryptographic operations run in your browser. Nothing leaves your device unencrypted.
ZeroKeys never imports or stores private keys. Signing happens exclusively on your hardware device.
Import xpubs from any hardware wallet and build flexible 2-of-3, 3-of-5, or custom spending policies.
All wallet data — xpubs, labels, addresses, UTXOs, and settings — is encrypted with 600K PBKDF2 iterations.
Store your encrypted multisig on-device or sync it to the cloud. Your encrypted payload, your choice.
Every line is public. No black boxes, no trust assumptions. Audit the code yourself.
How It Works
Connect hardware wallets by importing extended public keys. ZeroKeys builds watch-only descriptors automatically.
Define your multisig policy — choose co-signers and the required threshold. ZeroKeys handles the descriptor math.
Create PSBTs and share with co-signers. Keys sign offline on hardware; ZeroKeys just coordinates the round.
Security Model
ZeroKeys is built on a simple principle: a coordinator should never have custody. Everything is encrypted locally and only you hold the passphrase.
AES-256-GCM
Authenticated encryption for all multisig data
600,000 PBKDF2 Iterations
OWASP-recommended key derivation hardness
IndexedDB Storage
Encrypted at rest, never transmitted raw
BIP32 / PSBT Compatible
Open Bitcoin standards, no proprietary formats
Get Started
No account required. No custody. No compromises.