Oddbean new post about | logout
ManiMe | 8 months ago (raw) | export | reply | flag +1 
 @Egge 
Wondering what is “ncrypt”?
#AFAF #ecash #nsec
https://image.nostr.build/298caf5111200ba9f1ca385527c63f8d699601c340a4c6497c9cf83dfcc29ae7.jpg
il_lost_ | 8 months ago (raw) | root | parent | reply | flag 
 Nip-49
ManiMe | 8 months ago (raw) | root | parent | reply | flag +1 
 > “It is not recommended that users publish these encrypted private keys to nostr, as cracking a key may become easier when an attacker can amass many encrypted private keys.” https://github.com/nostr-protocol/nips/blob/master/49.md

So this ncrypt would not be stored on relays? 

Is “pasting” ncrypt into browser clients safer than “pasting” nsec?

What clients support ncrypt?
il_lost_ | 8 months ago (raw) | root | parent | reply | flag 
 Amethyst and Gossip
Egge | 8 months ago (raw) | root | parent | reply | flag 
 ncrypt is a standardised way to encrypt an nsec for safer handling and storage. It’s defined in NIP-49
ManiMe | 8 months ago (raw) | root | parent | reply | flag 
 Thanks. 
I’m making a social onboarding client for “sharing nostr with friends”:
https://nostrmeet.me/egge@getcurrent.io

Nsec.app not gonna work for oauth style login for accounts, so I’m hand rolling nsec encryption and storage. (So they don’t have to think about keys at first click)

But I’m just storing… not sharing these encrypted keys. 

I don’t see the point in standardizing an encryption method UNLESS clients need to share encrypted keys amongst themselves. 

What would that look like?
Or is there another use case?
brugeman | 8 months ago (raw) | root | parent | reply | flag 
 One day someone asks to export their keys from your app, giving them ncryptsec would be safer than exporting in plaintext.