Nostr Web Client

Do you think NIP44 is practical for sharing secrets other than Nostr like Bitcoin private key?

NIP44 can be used to share keys only between two parties, such as you and a client software in local, as a cipher key for encryption on the filesystem. The NIP44 encrypted secret is either decrypted in memory on the client machine and used by the client software, or may be sent encrypted to the other party on the network as a multisig such as an LSP or a delegated key to custodial service.

NIP44, as designed, does not require uploading to a relay server. What you need are your NSEC key and the party's NPUB key. If you have access to the relay server, you can get a directory of public keys, but that's not required.

#asknostr

Reply to this note

Please Login to reply.

Discussion

ABH3PO 9mo ago

I think it's good, except that it doesn't have post compromise security, but for practical purposes, and for things where you don't need nuclear grade security, it's actually great.

teatwo 9mo ago

Yup, it's only and just for spending online. Since it is shared between two parties, it has to depend on the security strength of the other party, but how you trust the other party is another matter.

By the way, how much can you deposit into a mnemonic with this kind of mechanism? I would deposit about $10,000...?🤔

ABH3PO 9mo ago

Would depend on the client and the exact people I'm sharing with, if it's just me and it's not going anywhere on my local app that's open source and verifiable, $10k makes sense (since you wouldn't want more than that on device anyway). If it's on relays, there could be a Save Now Decrypt Later attack so not more than $1k , plus it also opens you up to metadata attacks if the events are not relayed properly.

hodlbod 9mo ago

Yeah, I think this makes sense. I would only use it if I were sure that the payload would be deleted when it's no longer needed (or if storage is strictly access controlled). Also, NIP 44 isn't exactly battle-tested, so there could be issues the audit missed.

teatwo 9mo ago

Any thought? nostr:nprofile1qyv8wumn8ghj76twvfhhstnjv4kxz7tn9ekxzmny9uq35amnwvaz7tmvda3kkcn00qhxv6tpw34xze3wvdhk6tcqyqalp33lewf5vdq847t6te0wvnags0gs0mu72kz8938tn24wlfze6qkxh4c nostr:nprofile1qy88wumn8ghj7mn0wvhxcmmv9uqzql938n0qvu89jrcze0575r70rcz7m0zuezjqjucl54pkgsqcrncaglg03u nostr:nprofile1qyvhwumn8ghj76rzwghxxmmjv93kcefwwdhkx6tpdshsz8nhwden5te0dp38ytnrdaexzcmvv5h8xmmrd9skctmfde3x77qqyztuwzjyxe4x2dwpgken87tna2rdlhpd02va5cvvgrrywpddnr3jy4ywtuu nostr:nprofile1qy88wumn8ghj7mn0wvhxcmmv9uq3uamnwvaz7tmwdaehgu3dwp6kytnhv4kxcmmjv3jhytnwv46z7qpqxdtducdnjerex88gkg2qk2atsdlqsyxqaag4h05jmcpyspqt30wsqcfvpv nostr:nprofile1qy2hwumn8ghj7ct4w35zumn0wd68yvfwvdhk6qfzwaehxw309anxjmr5v4ezumn0wd68ytnhd9hx20m8d3hkyctv84skcmqqyqtnnkfhmjxqcums4gn4skfccyv7yhzp7mzyrfwnf3kns5p7xymw7ttnucx nostr:nprofile1qy2hwumn8ghj7etyv4hzumn0wd68ytnvv9hxgqgdwaehxw309ahx7uewd3hkcqpqxv8mzscll8vvy5rsdw7dcqtd2j268a6yupr6gzqh86f2ulhy9kkqnmgc6z nostr:nprofile1q9z8wumn8ghj7erzx3jkvmmzw4eny6tvw368wdt8da4kxamrdvek76mrwg6rwdngw94k67t3v36k77tev3kx7vn2xa5kjem9dp4hjepwd3hkxctvq9n8wumn8ghj7enfd36x2u3wdehhxarj9emkjmn99ah8qatzx9ukzatv8p4nqdfexvmnwafed3eh2d3hv3jnw7fkxvmhwdr2w3nk2athvdkksdtwxumnswrvxeuxumrwwfnhxvm5we4x6e3lvfex7ctyvdshxapaw3e82egqyqnhnu7e7sk8mmsh7rnteh8cn28e6kfdr83mrw7j0mcullg607vdztfajye npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z