We can actually solve the “email style login for Nostr” problem with existing primitives Store your ncryptsec on a Blossom server discoverable via your NIP-05 address, but instead of just password-encrypting it, derive the decryption key from your password + a TOTP code (like any authenticator app). The blob is fully public but offline cracking is neutralized because the time window rotates every 30s. login is 100% client side: enter your NIP-05, password, and TOTP code, decrypt locally, done. no server auth, no custodian, no trusted third party. Just NIP-05 + Blossom + NIP-49 + 2FA glued together in the right order and for redundancy you could mirror the same ncryptsec blob across multiple Blossom servers; since the encryption is deterministic the blob is identical everywhere, so your client just tries each server in order until one responds. your keys survive any single server going down, getting censored, or disappearing entirely. true redundancy with zero additional trust assumptions. someone should write this up as a NIP tbh

Replies (3)

Little risky with one passphrase brute force being able to rug your entire identity, but yes, this definitely does work, idk why most clients don't implement nip-49 at all
People were very accustomed to the now defunct nsecDOTapp encrypted nsec/signer website. This is just a way to make that same custodial encryped nsec recovery service more accessible for everyone over blossom but this time with 2FA and no signing server. I’ve always used nip-49 as a starting place, even made this offline tool a while back for decrypting nip-49 on device, in the browser, fully off-line.
You're right that a rug is permanent that's nostr, no reset button. Brute force isn't how it happens with this design. the password and 2fa secret fuse into a single scrypt passphrase, so cracking one factor gives no feedback and no partial win. The secret alone is 160 bits, which makes offline attacks on the public blob infeasible outright, weak password or not. The honest risk is phishing both factors at login time. That's worth worrying about.