Problems & Solutions
Trust & Identity AI Fakes & Deepfakes Duplicate Accounts & Bots CAPTCHA: Prove You're Human Passwords, Spam & Phishing
Content & Discovery Invisible Content Data You Don't Own Better Apps Don't Win
Control & Freedom Censorship & Manipulation Platform Lock-in Cognitive Decline & Feeds Internet Centralization
Comparisons
IPFS Nostr ActivityPub AT Protocol ToIP Secure Scuttlebutt Qortal HyperMesh BitTorrent
Framework
Economy Trust Security Governance Database Identity Verification Why Nothing Less Works
Docs FAQ Roadmap About
Join us on Discord
Problems & Solutions

Password Leaks, SPAM & Phishing

The web still asks you to trust too many forms, too many inboxes, and too many look-alike identities. Atlas protects the real key, delegates limited permission to apps, and gives messages real sender context.

The Problem

How many times have you reset the same password?

Chances are, at least one of your email-password combos is already circulating in breach datasets. The pattern is broken: the internet keeps asking you to type weak secrets into website after website.

Passwords leak. Emails leak. Phishing pretends to be real. Spam fills every inbox that cannot tell who is actually talking.

Why Platforms Fail

Passwords are the wrong primitive

  • Every login form is an attack surface. Another place to phish, log, or leak you.
  • Email is not a trustworthy identity layer. Providers can read it; look-alike addresses power scams.
  • OIDC helps, but partially. It reduces reuse yet keeps identity locked inside major providers.
  • Spam and phishing are cheap at scale. Sending costs nothing and identity is barely verified.

Users juggle passwords, providers hold too much data, inboxes fill with noise.

How Atlas Secures It

One protected key, limited app permissions, and real identity context before messages reach anyone at scale.

Your Real Key Stays in One Safe Place

Hardware or Custodian

Your main key stays in hardware or with a custodian that keeps it encrypted and helps authorize actions without exposing it to apps.

Most apps never need your real key — just temporary permission for a specific job.

Traditional Web Same user keeps typing secrets into many apps
->
Atlas Network Main key stays protected in one place

Apps Get Delegated Keys, Not Your Main Secret

Scoped Authorization

Your custodian issues a delegated key — a token with an expiration and allowed actions. One app publishes, another edits your profile, a payment app handles only small transfers.

Each key is narrow, temporary, and purpose-built — much safer than permanent full access.

Main key stays protected
->
Delegated key is issued
->
App gets limited permission

Leaks Become Smaller Incidents, Not Full Disasters

Short-Lived Damage

The most exposed credential is always the least powerful. Delegated keys have short lifetimes, narrow scope, and can be revoked.

If your main key is ever compromised, key rotation lets ownership follow your new key instead of staying trapped behind the old one.

  • Delegated key leak means temporary and limited damage.
  • Main key compromise still has a recovery path through rotation and renewed ownership proofs.

Messages Arrive With Real Sender Context

Identity + Trust

An inbox accepting messages from anyone with no identity and no cost is a spam machine. In Atlas, trust is built into the protocol — behind each action is a verified identity.

Clients can require unknown senders to prove more or spend more. Spam and phishing lose their key advantage: reaching everyone while being nobody.

Sender has identity context
->
Message carries trust signals
->
Inbox can filter intelligently

Identities Are Easier to Recognize, Harder to Confuse

Standard Avatars + Names

Atlas uses standard avatars and three-part names derived from hash — visually consistent and hard to confuse with copycat handles.

Before you send a message or transfer, you see a recognizable identity, not a vague string.

A
amber.river.cedar Verified human context
Clear visual cues make wrong-recipient mistakes and look-alike scams much easier to spot.
The Result

Fewer secrets everywhere. More trust where it matters.

1
Main key stays protected

Users stop typing their strongest secret into every app on the internet.

2
Delegated keys limit exposure

Apps get temporary, narrow permissions instead of permanent full access.

3
Leaks are easier to contain

Short-lived credentials and key rotation reduce long-term damage.

4
Spam gets real resistance

Unknown senders no longer get free, identity-free access to everyone.

5
Phishing gets easier to spot

Recognizable identities and trust signals make impersonation less effective.

Join us. Why Goku?

Protocols belong to everyone

Atlas is open source. Read the docs, run a node, build an app, or just spread the word. The internet deserves better infrastructure.

Star on GitLab Read the Docs