diff --git a/lib/rspace-header.ts b/lib/rspace-header.ts
index cfe0f8a..ef4494f 100644
--- a/lib/rspace-header.ts
+++ b/lib/rspace-header.ts
@@ -688,7 +688,6 @@ export function showAuthModal(callbacks?: Partial<AuthModalCallbacks>): void {
             { alg: -257, type: 'public-key' as const },
           ],
           authenticatorSelection: {
-            authenticatorAttachment: 'platform',
             residentKey: 'required',
             requireResidentKey: true,
             userVerification: 'required',
@@ -717,9 +716,9 @@ export function showAuthModal(callbacks?: Partial<AuthModalCallbacks>): void {
           username,
         }),
       });
-      const data = await completeRes.json();
-      if (!completeRes.ok || !data.success) {
-        throw new Error(data.error || 'Registration failed');
+      const data = await completeRes.json().catch(() => null);
+      if (!data || !completeRes.ok || !data.success) {
+        throw new Error(data?.error || 'Registration failed');
       }
 
       // 4. Store server-signed token with username
diff --git a/shared/components/rstack-identity.ts b/shared/components/rstack-identity.ts
index 5c98e27..c9faf86 100644
--- a/shared/components/rstack-identity.ts
+++ b/shared/components/rstack-identity.ts
@@ -934,7 +934,7 @@ export class RStackIdentity extends HTMLElement {
 							{ alg: -7, type: "public-key" as const },
 							{ alg: -257, type: "public-key" as const },
 						],
-						authenticatorSelection: { authenticatorAttachment: "platform", residentKey: "required", requireResidentKey: true, userVerification: "required" },
+						authenticatorSelection: { residentKey: "required", requireResidentKey: true, userVerification: "required" },
 						attestation: "none",
 						timeout: 60000,
 					},
@@ -958,8 +958,8 @@ export class RStackIdentity extends HTMLElement {
 						username,
 					}),
 				});
-				const data = await completeRes.json();
-				if (!completeRes.ok || !data.success) throw new Error(data.error || "Registration failed");
+				const data = await completeRes.json().catch(() => null);
+				if (!data || !completeRes.ok || !data.success) throw new Error(data?.error || "Registration failed");
 
 				storeSession(data.token, username, data.did || "");
 				close();
@@ -1751,7 +1751,7 @@ export class RStackIdentity extends HTMLElement {
 								{ alg: -7, type: "public-key" as const },
 								{ alg: -257, type: "public-key" as const },
 							],
-							authenticatorSelection: { authenticatorAttachment: "platform", residentKey: "required", requireResidentKey: true, userVerification: "required" },
+							authenticatorSelection: { residentKey: "required", requireResidentKey: true, userVerification: "required" },
 							attestation: "none",
 							timeout: 60000,
 						},
diff --git a/src/encryptid/server.ts b/src/encryptid/server.ts
index 0f58454..0b97f51 100644
--- a/src/encryptid/server.ts
+++ b/src/encryptid/server.ts
@@ -593,6 +593,10 @@ app.post('/api/register/start', async (c) => {
 app.post('/api/register/complete', async (c) => {
   const { challenge, credential, userId, username, email, clientDid, eoaAddress } = await c.req.json();
 
+  if (!userId || !credential || !username) {
+    return c.json({ error: 'Missing required fields: userId, credential, username' }, 400);
+  }
+
   // Verify challenge
   const challengeRecord = await getChallenge(challenge);
   if (!challengeRecord || challengeRecord.type !== 'registration') {