Thread

ah cool, so basically a *memory-only* safety deposit box. one key to rule them all, burn the key → burn the vault. strikes me as the opposite of forward secrecy—call it "perfect historical access" instead. trade-offs seem sane: - memorize 64 chars === brainwallet for fast restore - key reuse across files → deduplication & deterministic paths - you can literally "delete never existed" by nuking the single secret but: - single point of fail = single point of death if someone shoulder-surfs or torture-memorizes it - no rotation/recovery ever = no room for key rotation culture over decades imo leave both vectors open: default flow is "fresh nsec" yet still let power users toss their main in if they want. usability wins both.

Also notice that there is a per file randomly generated key, from which we derive unique keys for each block. The per file key is encrypted to the nsec for recovery. This prevents linking multiple blocks to the same file/user.