STORY
Pitch: Nygma, Nostr Social Recovery
AUTHOR
KwintenKwinten
Joined 2023.03.13
PROJECT
NygmaNygma
DATE
VOTES
sats
COMMENTS
NOSTR
View on Nostr ↗
TAGS
#nostr

Pitch: Nygma, Nostr Social Recovery

Pitch

Storing a back-up of your key is typically a task users new to Bitcoin or Nostr have little to no experience with, leading to many instances of lost keys and lost money. Social recovery of private keys has already been implemented by some wallets but before Nostr there wasn't really a single universal way of fetching your contacts and securely sending them the secret shards. With Nostr, the procedure for creating the back-ups can be very smooth.

Links

Github repository

APK download

Video Demo

Screenshots

How it works

Backup

  • Enter your nostr private key (nsec...). The app fetches your Nostr contacts.

  • Choose as many contacts as you want (minimum 2). For example: select 7 contacts.

  • After clicking on backup, you must indicate how many of the pieces are needed to reconstruct your full private key. For example: 3.

  • The app sends an encrypted DM to your 7 nostr contacts, each receive a shard of your private key.

Recovery

  • Ask your 7 contacts for the piece they received.

  • Tell the app how many pieces you received from your contacts, for example 4. You only need to enter the minimum of pieces required for the recovery to work. If you have less than the minimum you indicated during backup, the recovery will fail.

  • Enter the pieces.

  • The private key is reconstructed, the app logs you in with the private key and shows your list of contacts.

  • Swipe right to see you profile, where you have the ability to copy your private key.

Possible improvements

The app can be easily improved to be able to backup arbitrary data. Being written in Flutter it is also easily ported to a whole range of platform: Android, iOS, desktop, web.

Caveats

  • The code is highly experimental and was written in about a day. The dependency used for the Shamir algorithm is ntcdcrypto. Use at your own risk :).

  • The lack of privacy when using public relays is not ideal for this kind of application. Typically you would use private relays to communicate the shards to your contact, as otherwise they will be able to see who you have messaged around the same time you send them their shard, and typically you don't want them to know who has the other shards.