Nostr Web Client

Really cool!

Feature request, rather than decrypting the key with the password, it should be like a seed passphrase. It would allow you to have deniability, with a decoy profile in case authorities force you to decrypt that NFC tag.

With NIP-49 it is possible for authorities to know you gave them a wrong password (or the data on the NFC tag is corrupted). But a wrong passphrase will just lead you to a another nsec, where you can put some decoy notes.

Vitor Pamplona 1y ago 💬 1

nostr:npub1acg6thl5psv62405rljzkj8spesceyfz2c32udakc2ak0dmvfeyse9p35c did you think about decoy nsecs in the NIP-49 spec using the wrong password?

Reply to this note

Please Login to reply.

Discussion

Mike Dilger ☑️ 1y ago 💬 1

I can't find the event you are replying to, so I will answer in general.

No I did not think about that. If you enter the wrong password the decryption will fail, it won't give a decoy nsec.

SirAFellows 1y ago

passwords in general shouldnt be decrypted but encrypted only and match the resulting hash.

i've seen password decription and comparing the plain result so much