Nostr Web Client

Testing an old idea: NFC-based transient accounts: accounts that log off as soon as the app goes to the background, deleting all traces of the account from the phone.

It looks like this in debugging speeds: https://video.nostr.build/ef4274d150303fd28f5e7b6b02a7b0102176263dfb1b491969a0caab6b61e6ad.mp4

If you are an activist and if your phone is confiscated, they will never find anything on the phone. Not even your public key.

Walk around with Amethyst installed and an NFC tag hidden in your clothing. When you need to use Amethyst, tap the tag, insert your password and login. Lock the screen to delete everything.

The NFC has a NIP-49 password-encrypted nsec. If you need, destroy and dispose the NFC tag.

Reply to this note

Please Login to reply.

Discussion

Unbothered_Unicorn 1y ago

👀

nostr:nevent1qqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxcpzpmhxue69uhkummnw3ezumt0d5hsygzxpsj7dqha57pjk5k37gkn6g4nzakewtmqmnwryyhd3jfwlpgxtspsgqqqqqqszrkh5w

Shadowy Super Stacker 1y ago

This is awesome!

7fqx 1y ago

Dootmode

EZ 1y ago

love it

iefan 🕊️ 1y ago

It has some very meaningful use cases.

drea 1y ago

great idea

nostr:nevent1qqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygzxpsj7dqha57pjk5k37gkn6g4nzakewtmqmnwryyhd3jfwlpgxtspsgqqqqqqse6wymw

Willheim 1y ago

Dope wallpaper! (Also cool idea)

Eluc 1y ago

Amazing features for privacy and security. I wish more service and app would have the same, user could pass boarder with almost empty phone, and login everything on the other side. Password manager would be one of the must app to have this.

nostr:nevent1qqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxcppemhxue69uhkummn9ekx7mp0qgsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqrqsqqqqqpdha9tv

bitpunk.fm is typing 1y ago

Yes! Amazing. Do you know how big the encrypted payload would be? The Ntag 216, the most recent are 800 ish bytes.

Also, what kind of ndef record would this be?

Vitor Pamplona 1y ago

You can create one for your key in the left/drawer / export keys. Choose the password enrypted version. It's quite small.

9e4a5274... 1y ago

Interessante, mas onde isso seria mais útil?

somana 1y ago

Se me ocurre en Venezuela donde después de las elecciones estaban requisando los móviles para ver si las personas escribían cosas contrarias al gobierno. Habrá más ejemplos donde podría ser útil.

Gigi 1y ago 💬 2

👀

nostr:nevent1qqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxcpz9mhxue69uhkummnw3ezuamfdejj7q3qgcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqxpqqqqqqzd2p80t

JackTheMimic 1y ago

This Cypherpunk future is going to be awesome.

SOVEREIGN Community Infrastructure 1y ago

Upload contents of entire phone then delete. The ability to dump one message

Jesse 1y ago

Wow amazing

Gustavo 1y ago

I never realized you cared so much about these things. It makes me really happy to see your focus on such important issues.

b98e16ed... 1y ago

Really cool!

Feature request, rather than decrypting the key with the password, it should be like a seed passphrase. It would allow you to have deniability, with a decoy profile in case authorities force you to decrypt that NFC tag.

With NIP-49 it is possible for authorities to know you gave them a wrong password (or the data on the NFC tag is corrupted). But a wrong passphrase will just lead you to a another nsec, where you can put some decoy notes.

Vitor Pamplona 1y ago

Yeah decoys would be awesome!

Vitor Pamplona 1y ago

nostr:nprofile1qqswuyd9ml6qcxd92h6pleptfrcqucvvjy39vg4wx7mv9wm8kakyujgpypmhxue69uhkx6r0wf6hxtndd94k2erfd3nk2u3wvdhk6w35xs6z7qgwwaehxw309ahx7uewd3hkctcpypmhxue69uhkummnw3ezuetfde6kuer6wasku7nfvuh8xurpvdjj7a0nq40 did you think about decoy nsecs in the NIP-49 spec using the wrong password?

Mike Dilger ☑️ 1y ago

I can't find the event you are replying to, so I will answer in general.

No I did not think about that. If you enter the wrong password the decryption will fail, it won't give a decoy nsec.

SirAFellows 1y ago

passwords in general shouldnt be decrypted but encrypted only and match the resulting hash.

i've seen password decription and comparing the plain result so much

brito 1y ago

Good idea. Nevertheless it should be in a password format so that it can be typed by the user and given to authorities without raising attention as an anomaly.

₿uy the dip! 🌽🌎🟠 1y ago

God the things we have to develop to secure our freedom! 😎

Scrotus 1y ago

this is punk asf

SuiGenerisJohn 1y ago

Holy moly this is an interesting concept.

daniele 1y ago

That's really cool.

ynniv 1y ago

Wouldn't it be better to have the NFC tag sign the event, keeping the key material even out of memory?

Vitor Pamplona 1y ago

The key is deleted from memory. This is not to avoid loading the key, but avoid storing it in the device for other people to find.

tjay 1y ago

So I don't understand why one would use this, but I hope anyone here can explain to me why this would be useful and who it is useful for?

#AskNostr

NotBiebs and 69 others 1y ago

wen biometric encrypt/decrypt ncryptsec?

Vitor Pamplona 1y ago

To export/create the ncrypt sec? It should already ask for it 🤔

NotBiebs and 69 others 1y ago

i mean so you don't have to enter a password. could you use the biometric API to create the ncryptsec and also to decrypt it?

Vitor Pamplona 1y ago

Humm... Interesting... It would only work in that specific phone though. 🤔

NotBiebs and 69 others 1y ago

that's fine. i can just use a password manager to keep track of all my different ncryptsecs. UX would be nice. tap NFC and then just scan my face to get in.

NotBiebs and 69 others 1y ago

or just label the NFC chips so i know which phone they are for

Ivan 1y ago

That is sick 💪

Kax 1y ago

What’s nfc?

stl1988 1y ago

Near Field Communication. Nearly every smartphone has this nowadays.

Juraj 1y ago 💬 6

Pro-tip: You can implant an NFC chip in your palm.

nostr:note1qt66e9dmrvjuehge6mrn9htq7s7mp5j0zchcxs84wjvmju2qgkdsw93mct

HoloKat 1y ago

Great idea!

brugeman 1y ago

Very cool!

nostr:nevent1qvzqqqqqqypzq3svyhng9ld8sv44950j957j9vchdktj7cxumsep9mvvjthc2pjuqqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxc4qk7dc

Sérgio Luis 1y ago

That is fucking amazing!!

brito 1y ago

I'd vote up for that option. The password-encrypted NFC is easy enough to use on any phone and to write. Cheap prices per unit and basically any wearable nowadays can be a hidden NFC tag.

This would make it very hard to even find the NFC, let alone decrypt the key afterwards when it is done right.

pup 1y ago

This is wild.

nostr:nevent1qqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxcprpmhxue69uhkummnw3ezuendwsh8w6t69e3xj730qgsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqrqsqqqqqpva2tf9

Matt 1y ago

Wow.

nostr:nevent1qqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxcpz9mhxue69uhkummnw3ezuamfdejj7q3qgcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqxpqqqqqqzd2p80t

Fotoart 1y ago

So cool! That idea had many other uses too!

Leurico8 1y ago

badass!

nostr:note1qt66e9dmrvjuehge6mrn9htq7s7mp5j0zchcxs84wjvmju2qgkdsw93mct

Laan Tungir 1y ago

https://dangerousthings.com/category/implants/x-series/

Laan Tungir 1y ago

Cybernetus 1y ago

I have this biochip. As soon as he mentioned NFC, I immediately thought of this type of application—reading a specific command on the chip that grants access to the app.

Strhodler 1y ago

Another way would be request pin when opening the app and the possibility of setting up a duress pin (GrapheneOS inspiration) so if I type duress PIN all data is erased.

Altgought not sure if it would solve the same problem.

https://grapheneos.org/features#duress

BobThunder☀️ 1y ago

I didn't know this function yet.

Pretty cool!

The Daniel 🖖 1y ago

nostr:npub1trr5r2nrpsk6xkjk5a7p6pfcryyt6yzsflwjmz6r7uj7lfkjxxtq78hdpu 👀

The Daniel 🖖 1y ago

This plus ecash stored in relays are two of the most innovative ideas I’ve seen lately.

Ryan Wilkins 1y ago

Very cool and useful idea

Derek Ross 1y ago

that's an interesting concept. i like it.

Cybernetus 1y ago

Interessante o conceito principalmente pensando em biochip.

Como tenho um NFC implantado ( biochip da Dangerous Things ) ter a chave dentro do NFC e carregando a conta.

Curti a idéia, vou acompanhar

Cast Iron Hands 1y ago

This idea could be applied more broadly to the device itself. i.e- unlock the phone with the NFC tag and it opens to your regular home screen, all apps and data accessible, etc. Unlock it with a passcode only (as if forced to do so by authorities), and it opens to a basic screen with minimal apps that you don't even use.

This would seem to be a trivial undertaking for a GrapheneOS dev to come up with

Dmt Elf ∞/21M 1y ago

Would it make sense to do this in a pre-High Level OS environment such as UEFI to then allow a boot path with one session or another depending on if the the NFC tag was authenticated only during that boot attempt?

beejay 1y ago

I wonder if this is already possible with user profiles on Graphene OS. If the authorities aren't aware of the way to switch users...you can probably just create user profile with a bare bones setup (normie apps and home screen) that don't actually log you into anything.

Bitcoin Boomer 1y ago

Pretty cool!

DZC 1y ago

Wow!!! 👀

Your identity in a NFC Tag!!! (password protected)

(True) Incognito mode for Amethyst!!

nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgwwaehxw309ahx7uewd3hkctcscpyug you are really killing it! 👍

nostr:nevent1qqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxcpzpmhxue69uhkummnw3ezumt0d5hsygzxpsj7dqha57pjk5k37gkn6g4nzakewtmqmnwryyhd3jfwlpgxtspsgqqqqqqszrkh5w

JeffG 1y ago

Love this idea

🌊 1y ago

YES

tony 1y ago

NFC-based transient account

nostr:nevent1qqsq9advjka3kfwvm5vad3ejm4s0g0ds6f83vturgr6hfxdew9qytxcpzpmhxue69uhkummnw3ezumt0d5hsygzxpsj7dqha57pjk5k37gkn6g4nzakewtmqmnwryyhd3jfwlpgxtspsgqqqqqqszrkh5w