Create an anonymous claim
Choose an optional DaemonChat name, then let this browser generate the identity.
Write it down offline. Anyone with these words controls this claim; if they are lost, the claim and name cannot be recovered.
Invitation-gated private alpha
Your browser creates a recovery identity locally. 1Man stores only its public keys, an opaque claim identifier, status, and an optional DaemonChat name. Keep the phrase and return to check whether access was granted.
We cannot email you because we never ask who you are. We cannot reset the recovery phrase either.
Anonymous launch registry
Your browser creates signing and encryption keys. 1Man receives only their public halves and an optional DaemonChat name. Return with the phrase to check pending, approved, or declined status.
Choose an optional DaemonChat name, then let this browser generate the identity.
Write it down offline. Anyone with these words controls this claim; if they are lost, the claim and name cannot be recovered.
The phrase reconstructs your keys locally, then signs a one-time challenge.
Paste this once into Daemonet’s Community activation. The invitation is exchanged for a device-bound entitlement; it is not the lasting credential.
When enabled later, send Bitcoin over Lightning directly to the operator’s self-custody wallet.
Bitcoin support is unavailable during private alpha. Public beta still requires a separate operator switch.
Receipt handle:
The unguessable receipt handle checks settlement without revealing a name or recovery phrase.
This is voluntary support, not a purchase, investment, loan, equity interest, entitlement, refund right, repayment promise, or delivery guarantee. Anonymous support remains anonymous. Public attribution happens only after an authenticated name holder explicitly opts in.
What private alpha is for
The first invitation is meant to test the entire lifecycle on the founder’s own Arch Linux and Ubuntu infrastructure—not manufacture a signup number. Every connection records the selected mode and the reason for any failure.
Ethernet, Wi-Fi, separate LANs, phone hotspot, suspend, resume, router restart, and endpoint restart.
Measure input responsiveness, clipboard, resolution changes, reconnect, and long-running session behavior.
Measure latency, jitter, packet loss, and whether the final route is genuinely direct.
Browse directories, transfer large files, interrupt the route, resume safely, and remount.
After introduction, stop 1Man and prove established endpoint relationships do not acquire a central application fallback.
Revoke the device and demonstrate that prior invitation possession cannot restore its authority.
Record bytes handled by coordination separately from bytes transferred directly. A large streaming or file session must not become a matching 1Man bandwidth bill unless an explicit relay product was selected.
Invitation lifecycle
A single-use, hashed-at-rest, expiring invitation authorizes one enrollment attempt. The joining device generates its own credential, obtains owner approval, and reconnects with that credential. The bearer token can then be discarded or revoked.
Return with the recovery phrase and decrypt the invitation locally if the claim was approved.
The joining device creates its permanent key material and never uploads the private half.
An existing Daemonet authority approves the exact new key and its bounded permissions.
Future sessions authenticate with device authority. The handwritten token has no continuing access power.
Keep the recovery phrase