Nostr Web Client

for completely private note storage on relays you could giftwrap with a p tag = H(nsec+”storage”). You could pull these down, unwrap them and store them in nostrdb for local querying.

giftwrapped notes have no internal signature, so your private, unwrapped data could never be broadcast to relays.

the wrap itself has no publicly identifiable information tied to you, so people don’t even know who is storing the data.

jb55 8mo ago 💬 2

At this point you don’t even need the seal, so it’s simpler than giftwraps

Reply to this note

Please Login to reply.

Discussion

jb55 8mo ago

Thoughts nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z ?

Vitor Pamplona 8mo ago 💬 1

I would not use a p-tag since anyone can copy all the p-tags out there and send you a bunch of "private notes" in a DoS attack.

I would derive the key, sign with and filter by that pubkey instead. You basically get the same privacy (people can know how many notes are there for each key/p-tag), but now you are the only one that can create those events (no spamming)

Which means that I wouldn't reuse the GiftWrap kind for this.

Agree that you don't need a seal. The goal for the seal+wrap strategy is to privately connect two keys, which you don't need here.

jb55 8mo ago 💬 1

Oh right of course lol

jb55 8mo ago 💬 1

This could be a spec if its not already

jb55 8mo ago

I’ll write a draft!