Oddbean new post about login | logout Introducing OpenSecret - the encrypted backend for your apps. When data is readable only by the user, it protects both the user and the developer, creating a more free and open internet. https://blog.opensecret.cloud/introducing-opensecret/ 1/10 🧵
Mutiny Wallet set a new privacy bar for bitcoin apps by syncing your lightning and ecash wallet to all your devices without our team being able to read your data. Amazing win for privacy with one big area for improvement: the UX around private keys. 2/10
OpenSecret uses secure enclaves to make private keys as easy as "Sign in with <insert_preferred_login>". Users have a familiar experience, while unlocking the super power of encrypted sync. 3/10
Most apps encrypt the data for all their users with a shared key. This means that company employees, third parties, and malicious actors with that key can see everything. With OpenSecret, every user has their own private vault. 4/10 https://m.primal.net/MBGL.png
In 2023, the average cost of a data breach was $5 million, with some over $1 billion. OpenSecret renders a data breach useless. If hackers get in, they enter a virtual hallway of locked private vaults. Leaked data is gibberish, a secret in the open that is unreadable. 5/10 https://m.primal.net/MBGN.png
Bitcoiners understand the power of private keys. Why should they have all the fun? Price is pumping, vibes are high. We are bringing this super power to all the apps in your pocket. Message a developer and (politely) ask them to secure your data with OpenSecret. #Bitcoin 6/10
OpenSecret has 4 pillars at launch for app developers: 1. Private Key Management 2. Encrypted Sync 3. Private AI 4. Confidential Compute 7/10
Check out the first app built on OpenSecret. It's called Maple AI - Private Chat. Feel free to discuss personal and work related items with an uncensored open source LLM, 100% encrypted end to end. Nobody can see it but you, not even us. https://trymaple.ai 8/10
OpenSecret is in private beta, launching in early 2025 to the world. If you're a dev who wants encryption enabled by default in your app, send us a message. 9/10
The heart of Mutiny lives on as OpenSecret, powering freedom tech for normies. Read more at https://blog.opensecret.cloud/introducing-opensecret/ 10/10
No Nostr Login ? 😳😥
I don't really understand how this is possible but excited to see it in action nonetheless!
Secure enclaves in the cloud. It's similar to what Apple is doing with Apple Intelligence. We're bringing it to every platform. A more technical blog post will detail more in the future.
"The user doesn't have to worry about losing a private key and can jump into using your app." Could you elaborate on how this could work? If the private key is used to locally encrypt user data, how could the user recover from the loss of the private key? Or, if the encryption key is derived from the user's login credentials, how does Private Key Management allow the recovery of a private key? Many thanks!
Interesting... nostr:nevent1qqs246qce4tdsrs8uqyefq8xp7ed2tl6kjryy2wtxp9380t7v5zs62gpzemhxue69uhkummnw3ex2mrfw3jhxtn0wfnj7q3qmutnyacc9uc4t5mmxvpprwsauj5p2qxq95v4a9j0jxl8wnkfvuyqxpqqqqqqzh4qjz3
No details on the cryptographic scheme, so right now it's just "trust me bro".
That's why it's private beta at the moment. The enclave code will be open source and crypto attestation will be readily available.
What happener if I lose my login account control? I think an hacker can handle my seckey or am I wrong?
