Owners create URLs scoped to a locker or deep-linked record.
Docs · Portal
Viewer portal.
read-onlyrecipient passkey
Read-only access for recipients.
The viewer portal is a passkey-gated surface for recipients who need to inspect shared locker records without receiving owner credentials or mutation authority. It is designed for review, audit, and verification workflows.
The viewer authenticates with their own passkey before access.
Receipts, hashes, Merkle material, and anchor state remain inspectable.
Share
Create a scoped viewer URL
Owners can share a locker-level view or deep-link a recipient directly to one storage record.
https://portal.nukez.xyz/viewer/lkr_7a2c...e9f3#v=A7F1 # /viewer/<locker-id> scopes the portal view# #v=<record-id> deep-links to a specific stored record
Code notes
The owner portal creates a viewer URL for a locker or a specific storage record. The URL is safe to share with the intended recipient because it grants a read-only view and still requires viewer authentication.
The fragment never becomes part of the HTTP request. It is a browser-side deep-link for the portal UI.
Access
Authenticate the viewer, not the owner
Viewer access is passkey-gated, but the passkey belongs to the recipient opening the link.
Viewer portal Open shared URL Register or use recipient passkey Load read-only locker view # viewer passkey belongs to the recipient# owner keys are never shared with viewers
Code notes
Opening a viewer link prompts the recipient to authenticate with their own passkey. The owner does not share an owner credential, signing key, or portal session.
Viewer authentication is about access to the browser surface. It does not authorize storage mutations.
Verify
Let recipients inspect the proof trail
The viewer surface is read-only, but it still exposes the verification path behind the shared record.
Viewer portal Select record A7F1 Open verification panel Compare receipt hash Recompute Merkle path Inspect on-chain anchor
Code notes
Once authenticated, the recipient can inspect the scoped storage history and verify records against receipt data, Merkle material, and on-chain attestation details exposed by the portal.
For the full narrative verification model, use the verification guide; the viewer portal is the recipient-facing operational surface.
Viewer access is deliberately limited.
Viewers can inspect records and verification data, but they cannot provision storage, rotate keys, rebind providers, or mutate locker contents. Those actions remain in the owner portal and require the owner authority model.