Consented, scoped human identity for your app or agent. Gated by how a person types, not just what they know.
Patent application 64/048,624. The way you type is the password.
Every agent and app can check what a person knows: a password, a code, a token. Almost none can tell you who is actually present at the moment of consent. As agents act on people's behalf, the missing question becomes the only one that matters: was it really this specific human who authorized this, or a hijacked session?
Pupul answers it. A person carries a word and a mark. When they authorize your app, they type their phrase, and we verify the rhythm of their typing against their enrolled signature. You receive a scoped token that says, honestly, whether a real human's presence was confirmed.
Answers in, a compressed identity out: word, rhythm, force. The person consents to exactly which fields you receive, and nothing more.
A consent token carrying an honest presence label. Verified means their keystroke rhythm matched at the moment they authorized. Your app decides how much to trust it.
They took the reading once at noctaracorp.com. Their word and rhythm are theirs.
A few natural reps of their phrase. We store only a derived signature, never the phrase itself.
They type their phrase once to authorize. We verify presence and issue a scoped token.
One call returns the consented claims plus an honest presence label. That is it.
Pupul Identity is in early access. Tell us what you want to build and we will get you a key and a design-partner slot. We are looking for a small number of apps and agents that need to know a real, specific human consented.
Honest scope: keystroke presence is a v1 confidence signal, not a calibrated biometric. It raises confidence that a real, specific human authorized an action. Tokens always carry an honest presence label.