I think NIP-46 may be missing a really useful primitive for apps that want to use a Nostr identity as the root of some other deterministic cryptographic state: a method like derive_secret("nip99/v1/root") that returns a stable, use-case-scoped secret without exposing the user’s private key.
The problem I'm facing is that I was previously using the Nostr nsec as the root for HD wallet generation of addresses that were then used in on-chain swaps, so I need an unlimited number of them, deterministically derivable, to recover state.
If bunker login were to be enabled, it would be great to have a deterministic way to derive the same seed whether using a direct nsec or a bunker.
I thought about hacking it using existing bunker methods, but I don't think that'd work.
Sign_event over a dud event isn’t guaranteed to be identical for the same message/key, and nip04/nip44 encrypt outputs are randomized, so neither gives a clean deterministic root across devices. That leaves apps either storing recovery state somewhere or saving it on Nostr relays via giftwraps addressed to themselves, when what they really want is “give me the same secret for this context every time.”
Everything else feels super hacky!
Please advise, oh lords of nips.
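A sketch of what the requested primitive could compute, as an added example that is not part of the original post and not defined by NIP-46 or any NIP. It assumes HKDF-SHA256 keyed by the private key with the context string as `info`; the `SALT` label, `MockBunker`, the request shape and `swap_address_seed` are all hypothetical names chosen for illustration.

```python
import hashlib
import hmac

# Assumed domain-separation label; not defined by NIP-46 or any NIP.
SALT = b"nostr/derive_secret/v1"

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand."""
    if not 0 < length <= 255 * 32:
        raise ValueError("invalid output length")
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_secret(privkey: bytes, context: str) -> bytes:
    """Hypothetical derive_secret: a stable 32-byte secret scoped to `context`."""
    if len(privkey) != 32:
        raise ValueError("expected a 32-byte secp256k1 private key")
    if not context or len(context) > 128 or not context.isascii() or not context.isprintable():
        raise ValueError("context must be 1-128 printable ASCII characters")
    return hkdf_sha256(privkey, SALT, context.encode("ascii"))

class MockBunker:
    """Stand-in for a remote signer: holds the key, returns only derived secrets."""
    def __init__(self, privkey: bytes):
        self._privkey = privkey

    def handle(self, method: str, params: list) -> str:
        if method != "derive_secret" or len(params) != 1:
            raise ValueError("unsupported request")
        return derive_secret(self._privkey, params[0]).hex()

def swap_address_seed(root: bytes, index: int) -> bytes:
    """App-side: unlimited per-swap seeds from the root, recoverable by index."""
    return hkdf_sha256(root, b"app/swap-address", index.to_bytes(4, "big"))

if __name__ == "__main__":
    key = bytes(range(1, 33))  # constructed test key, not a real nsec
    local = derive_secret(key, "nip99/v1/root")
    remote = bytes.fromhex(MockBunker(key).handle("derive_secret", ["nip99/v1/root"]))
    print(local == remote, swap_address_seed(local, 0).hex())
```

A signer offering something like this would need to gate each context behind its own permission, since any connected client allowed to request a context learns that context's secret permanently.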