I’ve never felt right about creating an account for someone and then just giving them an nsec... here’s the (possible) solution:
Here's how the flow works for gifting.
Gift Flow Explained
1. Gift Creation (by you, the gifter)
• You select posts/articles on /gift
• Data is stored in the database with status pending
• No keypair is created yet
2. Worker Processing (server-side)
• Worker picks up pending gifts
• Generates temporary/ephemeral keypair (generate_temp_keypair() in worker.py:754)
• Downloads media from Instagram/TikTok
• Uploads to Blossom using the temp keypair for authentication (kind 24242 auth events)
• Gift status changes to ready
Key insight: Blossom is content-addressed — URLs are based on the SHA-256 hash of the file content. So the same file always gets the same URL (blossom.primal.net/) regardless of who uploaded it. The temp keypair is just for upload authorization, not for identity.
3. Gift Claiming (recipient’s browser)
When the recipient opens the claim link:
• A brand new random keypair is generated client-side in their browser:
const privateKeyBytes = crypto.getRandomValues(new Uint8Array(32));
• This happens at gift-claim/[token]/+page.svelte:118–130
• The keypair never leaves their browser — it’s not sent to your server
• Posts are signed and published to Nostr relays using this keypair
• Recipient is shown their nsec and prompted to save it
Your Access
Correct — you (the owner of ownyourposts.com) have zero access to the recipient’s private key because:
1. It’s generated with crypto.getRandomValues() in the browser
2. It’s never transmitted to the server
3. Only the signed Nostr events go to relays (public data)
The ephemeral worker keypair is discarded after upload — it was only used to authorize the Blossom upload, not to establish any ongoing identity.