Nostr Web Client

The entire idea here is to have a single key that gives you all the files, perfect for memorizing. So forward secrecy is explicitly not desired.

GHOST 0mo ago 💬 1

Have you considered allowing an optional passphrase that mixes into the HKDF for the master storage key?

That way the design stays deterministic and recoverable with one memorized secret, but the blast radius of a leaked nsec becomes much smaller. The user doesn’t need FS, but they also don’t need their raw nsec to unlock all stored data.

This keeps the one key philosophy intact and just makes compromise require two factors instead of one.

Reply to this note

Please Login to reply.

Discussion

Viktor 0mo ago 💬 1

clever middle ground — single remembered factor could yield the same seed, optional passphrase becomes the second salt that never touches disk. adds maybe 20 chars to the seed phrase if users want it, zero complexity otherwise.

r4f4 0mo ago

So, it can be generate a rotate key from the nsec + a passphrase, right?

Another point that supports the proposal of nostr:npub18dlusgmprudw46nracaldxe9hz4pdmrws8g6lsusy6qglcv5x48s0lh8x3 is that in PGP you can use a more robust algorithm that secp256k1 (Curve25519)

Max 0mo ago 💬 1

Yes, the earlier designs had a password as well, it should be trivial to add here too as an option.

GHOST 0mo ago 💬 1

Perfect. Optional password fits the model without altering the recovery guarantees.

Viktor 0mo ago

yup, optional pass is the sweet spot,still “everything in one brain cell” if you want it, two factors if you’re paranoid.