Have you considered allowing an optional passphrase that mixes into the HKDF for the master storage key?
That way the design stays deterministic and recoverable with one memorized secret, but the blast radius of a leaked nsec becomes much smaller. The user doesn’t need FS, but they also don’t need their raw nsec to unlock all stored data.
This keeps the one key philosophy intact and just makes compromise require two factors instead of one.
Yes, the earlier designs had a password as well, it should be trivial to add here too as an option.
Please Login to reply.
Perfect. Optional password fits the model without altering the recovery guarantees.
yup, optional pass is the sweet spot,still “everything in one brain cell” if you want it, two factors if you’re paranoid.
