{"id":"c0023","filename":"c0023_gbs_v1_webauthn_standard.dok.json","weise3_id":"c0023","tip":"standard_dokument","naziv":"(bez naziva)","kreator":"CC + Ivan Weise","datum":"2026-05-03","snippet":"Dvoslojni identitetni standard bez centralnog servera. L1 (Ed25519 passphrase) = vječan identitet. L2 (WebAuthn biometrija) = device-bound convenience. Recovery Cigla = 12 Genesis riječi = jedini backup.","status":"AKTIVAN","prev_weise3":"","bunker_l":"#00d4ff","full":{"weise3_id":"c0023","tip":"standard_dokument","naslov":"Genesis Biometrijski Standard v1.0 (GBS-v1.0)","autor":"CC + Ivan Weise","datum":"2026-05-03","standard":"GBS-v1.0","verzija":"1.0.0","status":"AKTIVAN","opis":"Dvoslojni identitetni standard bez centralnog servera. L1 (Ed25519 passphrase) = vječan identitet. L2 (WebAuthn biometrija) = device-bound convenience. Recovery Cigla = 12 Genesis riječi = jedini backup.","arhitektura":{"L1_Core_Identity":{"mehanizam":"PBKDF2(passphrase, 100k) → Ed25519 seed → keypair","identifikator":"WeisE3 ID (SHA3-256, 64-hex)","trajnost":"vječan — passphrase = identitet","prenosivost":"potpuna — radi na svakom uređaju","trust_tier":"noble (2h) ili native (30d) ovisno o WebCrypto podršci"},"L2_Device_Credential":{"mehanizam":"WebAuthn platform authenticator (TPM/Secure Enclave)","identifikator":"device_id = SHA3-256(genesis_id + credential_id)","trajnost":"device-bound — vezan uz hardver","registry":"Genesis chain — samosuveren, bez Googlea/Applea/Microsofta","trust_tier":"native — hardware-backed, 30 dana sesija"},"Recovery_Cigla":{"format":"12 slučajnih Genesis riječi (HR rječnik, 256 izvora)","pohrana":"SHA3-256 hash u Genesis chain (JEDANPUT generiran)","prikaz":"prikazuje se korisniku samo pri prvoj registraciji uređaja","buducnost":"Shamir SSS v2.0 — distribuirani backup bez single point of failure"},"FenixVault_L5":{"standard":"BPZ-9 Level 5","sprint0":"SHA3-512 HMAC s genesis_id kontekstom","produkcija":"ML-DSA-65 + Kyber-1024 (CRYSTALS, NIST FIPS 204/203)","format":"FVAULT-L5::{hex}"}},"api_endpointi":{"register_options":"POST /api/v1/genesis/auth/biom/register/options","register_complete":"POST /api/v1/genesis/auth/biom/register/complete","auth_options":"POST /api/v1/genesis/auth/biom/auth/options","auth_verify":"POST /api/v1/genesis/auth/biom/auth/verify","devices":"GET  /api/v1/genesis/auth/biom/devices","revoke":"DELETE /api/v1/genesis/auth/biom/devices/{device_id}"},"sdk":{"naziv":"GenesisAuth SDK v2.0","fajl":"/sucelje/web/public/genesis-auth.js","kljucne_metode":["GenesisAuth.login() — popup flow (L1 + L2 integrated)","GenesisAuth.loginDirect(passphrase) — inline L1","GenesisAuth.biometric.login(genesis_id) — L2 bez passphrasse","GenesisAuth.biometric.registerDevice(session_token) — registracija uređaja","GenesisAuth.biometric.isAvailable() — provjera hardvera","GenesisAuth.biometric.hasDevice(genesis_id) — lokalna provjera"]},"inovacije":["Self-Sovereign Registry — Genesis chain je device registry, ne Apple/Google","Recovery Cigla — Croatian-word backup standard, Shamir SSS compatible","FenixVault L5 — quantum-ready wrapping (ML-DSA-65 ready)","Trust Tiers — noble (2h) vs native (30d) — granular auth levels","BORG-compatible — chain entries vidljivi svim peer čvorovima","CC0 — potpuno otvoreno, implementiraj bez licence"],"kompatibilnost":{"L2_browseri":"Chrome 67+, Safari 14+, Firefox 60+, Edge 79+","L1_fallback":"svi JS browseri (noble/ed25519 pure-JS)","WebAuthn_spec":"W3C WebAuthn Level 2 (2021)","attestation":"none (privacly-friendly) — nema vendor lock-in"},"usporedba_standarda":{"FIDO2":"GBS koristi FIDO2 WebAuthn, ali dodaje: chain registry, Recovery Cigla, FenixVault L5","PassKey":"PassKeys su vendor-cloud. GBS je self-sovereign — nema iCloud/Google sync","OAuth2":"OAuth2 zahtijeva centralnog IdP. GBS = nula posrednika","NATO_ID_standard":"GBS cilja na kompatibilnost s NATO STANAG identitetnim standardima (v2.0)"},"_opp_seal":"GENESIS-GBS-V1-2026-05-03","_zakon":"ZAKON 1A — FenixVault L5, WeisE3 ID, BPZ-9"}}