Key Generation API

Bunkyr is the easiest way to keep your users' encrypted data safe and accessible

Get started today

$0.02/month per key

First 1000 keys free

Non-custodial recovery

Development sandbox

Defense-grade hardware

🚧 ETA Q1 2023

Highest security

Hardware-backed keys

Priority support

Non-custodial recovery

Development sandbox

Custom Solutions

Contact us

Volume discounts

Custom encryption

Custom authentication

On-premises deployment

Priority support

Non-custodial recovery

Development sandbox

Non-custodial recovery

Never put your users' data or assets at risk while giving them full control and easy recovery methods

Onboard more customers

Simplify your sign-up process by removing tedious seed phrases and backup codes

Save on support

Adding a simple, reliable recovery method means you spend less on support for lost accounts

Give users a familiar interface

Choose from our growing list of social login providers as recovery options for your users

Get in touch

Schedule a demo

See a demo or get a technical explanation

Book a demo

Join our Discord server

Ask a founder questions directly

Join Discord Discord logo

Email us

We'll get back to you as soon as possible!

Contact Us

Frequently Asked Questions

Are basic plan keys secure?

Software-only keys are still composed of three parts: one from the user, one from the client, and one from Bunkyr. Our standard keys are extremely secure, but if your application requires additional guarantees to guard against even just Bunkyr's portion of the key being breached, consider using our premium tier.

Is this for Web3/cryptocurrency only?

No, the Bunkyr Key Generation API is suitable for any application with user accounts. We make it possible for users to recover their encrypted user data without relying on traditional methods such as seed phrases, security questions, printed codes, or your servers having access to their sensitive data or assets.

Where does this fit into my application?

Bunkyr replaces the application's traditional recovery method, such as a seed phrase for a crypto wallet or backup code for encrypted cloud storage. Instead of being provided with a special backup method they need to remember or store, users simply connect an OAuth provider like sign-in with Google or Facebook.

Can I use Bunkyr as a primary login?

Yes! We designed our API to accommodate all use cases for generating keys, for both recovery and primary login. For instance, when a user signs up, they can sign in with Google via our API to generate a Bunkyr key. Your application then generates fresh private keys and encrypts them with the Bunkyr key, and you store that encrypted key in your infrastructure. When a user logs in again on a new or existing device, they just sign in with Google via our API and are able to decrypt their private keys and access their data and assets.

What if the hardware fails?

We maintain a set of redundant, geographically-distributed hardware modules for each key, so there is no interruption to service even if a hardware module fails. We can also enroll new hardware any time a user recovers their key, to prevent all of a user's assigned instances from being unavailable as hardware ages.

When will the hardware-secured keys be available?

Our team is currently hard at work getting the hardware ready for production use, which is expected to be available at the start of 2023.

Does the integration change for hardware keys?

No, our API surface is the same for both hardware-backed and software-only keys. This means you can start with our development sandbox, and your integration will remain the same even if you choose to use hardware-backed keys in the future. We can even incrementally migrate your users to hardware-backed keys if you start with software keys and want to beef up your security later.

If you have any questions, please feel free to reach out directly to our engineering team at