Breez’ spec is interesting if the user trusts his nostr relays to store the salt for prf. Without the salt the user loses his nsec. This is why I would propose to backup the salt along with the encrypted key material in iCloud/GDrive (see CSPP spec). This way the nostr user’s nsec could also be re-encrypted if the passkey needs to be rotated due to device compromise etc.

I like this proposal - it's simpler than ours and the stateless design is really elegant. But it's not flexible enough for our use case. Two main concerns: 1. Doesn't support imported wallets 2. No good UX if passkey is deleted. User would have to create a new passkey/wallet, then decide how to transfer funds - consolidate all UTXOs in one transaction and lose privacy? Or transfer UTXO by UTXO and lose funds to fees?