It could make copy and paste into other apps, much simpler, and have a standard encryption flow for other apps to have the same Google/apple sign in process

Replies (1)

We can actually solve the “email style login for Nostr” problem with existing primitives Store your ncryptsec on a Blossom server discoverable via your NIP-05 address, but instead of just password-encrypting it, derive the decryption key from your password + a TOTP code (like any authenticator app). The blob is fully public but offline cracking is neutralized because the time window rotates every 30s. login is 100% client side: enter your NIP-05, password, and TOTP code, decrypt locally, done. no server auth, no custodian, no trusted third party. Just NIP-05 + Blossom + NIP-49 + 2FA glued together in the right order and for redundancy you could mirror the same ncryptsec blob across multiple Blossom servers; since the encryption is deterministic the blob is identical everywhere, so your client just tries each server in order until one responds. your keys survive any single server going down, getting censored, or disappearing entirely. true redundancy with zero additional trust assumptions. someone should write this up as a NIP tbh