Subnostr

you mean recover password?, yes I have made simple reset password by input privkey + new password, but I'll still thinking better flow for it

daniele 2y ago

I suppose you are encrypting the DMs at DB level using the nsec, and the app password is used to encrypt the nsec itself, right?

So a reset as you suggested should be ok, only take care to keep a fingerprint of the original nsec (ex. hash it) so the reset is validated against it.

Reply to this note

Please Login to reply.

Discussion

reya 2y ago

yes, I'm using tauri-stronghold (https://github.com/tauri-apps/plugins-workspace/tree/v2/plugins/stronghold) for secure storage, password is used to encrypt.

my code for this part: https://github.com/luminous-devs/lume/blob/main/src/utils/hooks/useSecureStorage.tsx