nos2x icon indicating copy to clipboard operation
nos2x copied to clipboard

Published 20 hours ago verified publisher icon fiatjaf

[Feature Request] Store the nsec as ncryptsec

Open antonioconselheiro opened this issue 1 year ago • 5 comments

I'm requesting to include the encrypted nsec (ncryptsec) and request the password in the client to open the extension. I'm requesting this because it bothers me that my nsec is available for copying and viewing just by pressing the button "show key".

I understand that it would be less problematic to temporarily store a password capable of opening the encrypted content than to directly store the nsec permanently.

This make sense?

antonioconselheiro avatar Feb 16 '24 10:02 antonioconselheiro

Yes, will implement eventually. Thank you for the issue.

fiatjaf avatar Feb 16 '24 10:02 fiatjaf

Thanks for implementing the above... but seems to be incomplete.

A "complete" (functional as intended) implementation of NIP-49 would allow one to "import" an ncryptnsec as well as "copy" it out to the clipboard.

To you have plans for this? Thanks.

manimejia avatar May 17 '24 13:05 manimejia

@manimejia I think these two requirements are implemented, no?

However the secret key is stored in plaintext, not encrypted. I am not sure how to properly implement it so it is stored encrypted, but maybe I'll do that eventually.

fiatjaf avatar May 17 '24 15:05 fiatjaf

Thanks @fiatjaf . As far as I can tell... current implementation only allows to encrypt a private key (for copying OUT) but not to decrypt.

I'm suggesting to allow PASTING an encrypted key (ncryptnsec) into a text field (along with a password) for decryption and storage by the key manager.

Even if you store it in plaintext, copying and pasting (or QR scanning) encrypted keys between clients is WAY better than unencrypted.

Worry about encrypted storage later. But that would be cool also. Thanks.

manimejia avatar May 17 '24 21:05 manimejia

No, you can paste it encrypted. I'm pretty sure. I can't test now because I can't delete my key from the extension, but I know I wrote this code in the latest release. Maybe it is broken. I'll check later.

fiatjaf avatar May 17 '24 23:05 fiatjaf

Hello, I wanted to follow up with this question. How do I sign into a nostr app, like Primal, with a ncryptsec? Do I have to decrypt? If so, how. If not, how do I enter my password to decrypt the ncryptsec?

ssbright avatar Feb 20 '25 23:02 ssbright

Did you try installing nos2x and inputting the ncryptsec on the options page?

fiatjaf avatar Feb 21 '25 03:02 fiatjaf

this works! thank you. Any suggestions on how I could do this on mobile so I could login safely on a phone?

ssbright avatar Feb 21 '25 03:02 ssbright