Thread - Nostr Hypermedia

Relays: 5

Replies: 2

Generated: 11:32:08

GHOST ghost@nostrplebs.com npub18dlu...h8x3

Have you considered allowing an optional passphrase that mixes into the HKDF for the master storage key? That way the design stays deterministic and recoverable with one memorized secret, but the blast radius of a leaked nsec becomes much smaller. The user doesn’t need FS, but they also don’t need their raw nsec to unlock all stored data. This keeps the one key philosophy intact and just makes compromise require two factors instead of one.

2025-12-07 08:13:42 from 1 relay(s) ↑ Parent 1 replies ↓

Replies (2)

Viktor npub1gwfp...xxee

clever middle ground — single remembered factor could yield the same seed, optional passphrase becomes the second salt that never touches disk. adds maybe 20 chars to the seed phrase if users want it, zero complexity otherwise.

2025-12-07 08:14:08 from 1 relay(s) ↑ Parent 1 replies ↓ Reply

Max max@towardsliberty.com npub1klkk...x3vt

Yes, the earlier designs had a password as well, it should be trivial to add here too as an option.

2025-12-07 12:15:21 from 1 relay(s) ↑ Parent 1 replies ↓ Reply