A privacy-focused sovereign browser with native Lightning, Cashu and Nostr workflows.
Zap Browser is an open-source desktop browser focused on privacy, Lightning payments, Cashu ecash and native Nostr identity.
It is designed for users who want a local-first browser where Bitcoin, Lightning, Nostr and privacy workflows are built in instead of bolted on through third-party extensions.
Everything runs locally.
No accounts.
No telemetry.
No cloud sync.
Zap Browser is currently in active beta.
Current release: v0.6.0-beta
It is usable for testing and daily experimentation, but it should still be treated as early-stage software. Do not store life-changing funds or highly sensitive operational secrets in beta builds.
The current focus is:
- native browser UX
- privacy hardening
- Tor integration
- anti-fingerprinting protections
- Nostr identity and NIP-07 permissions
- Lightning / NWC payments
- Cashu ecash workflows
- local-first encrypted storage
Zap Browser v0.5.0-beta is a major privacy, browser UX and architecture release.
This release moves Zap Browser closer to a real daily-testable privacy browser instead of a simple Electron wrapper.
- Native multi-tab browser architecture
- Drag-and-drop tab reordering
- Improved tab switching stability
- Reduced unwanted page reloads
- Better loading state handling
- Native address bar autocomplete popup
- Native menus and popup windows replacing fragile React overlays
- Improved page stability on ad-heavy and CMP-heavy websites
- Reduced cookie/CMP flicker during page load
- Ephemeral private tabs
- Isolated private sessions
- No private history persistence
- Private session cache/storage cleanup
- Tor support inside private tabs
- Hardened Tor proxy handling across default and private sessions
- WebRTC leak protection
- User-Agent rotation
- Session-based anti-fingerprinting profiles
- Canvas, WebGL and navigator fingerprint mitigations
- Network-level early blocking for common ad/CMP providers
- Improved popup and overlay blocking
- Multi-profile Nostr identity support
- Active profile switching
- Persistent NIP-07 permission storage
- Per-site allow / deny / revoke controls
- Local signing isolation
- NIP-04 encrypt/decrypt permission flow
- Safer Nostr permission handling
- Browser-style bookmarks bar
- Bookmark folders
- Folder-based bookmark saving
- Rename and delete support
- Recursive folder handling
- Bookmark import/export
- Legacy bookmark migration support
- Persistent download history
- Native downloads panel
- Live progress tracking
- Completed/cancelled states
- Open downloaded file
- Show file in folder
- Clear download history
- Portable mode detection via
.portable - Portable profile storage under
zap-data/ - Passphrase-derived runtime encryption key support
- PBKDF2-SHA256 salt/verifier flow
- Backend APIs for portable setup and unlock
- Foundation for encrypted portable builds
Most browsers treat Lightning, Cashu and Nostr as external add-ons.
Zap Browser takes a different approach:
- Lightning is integrated directly into the browser
- Nostr identity exists natively
- Cashu ecash support is built in
- privacy protections are enabled by default
- permissions are handled locally
- sensitive data stays on-device
The goal is to build a sovereign browser for Bitcoin, Lightning, Cashu, Nostr and privacy workflows.
Connect a Lightning wallet or node using Nostr Wallet Connect.
Features:
- Pay invoices
- Create invoices
- Lightning invoice detection
- LNURL detection
- Balance checks
- Encrypted NIP-47 communication
- Native payment popup flow
- Local encrypted NWC secret storage
Zap Browser detects LNURL-style payment requests directly inside the browser.
Current behavior:
- LNURL detection
- LNURL payment routing
- Payment popup integration
- Lightning Address support
Integrated Chaumian ecash support powered by Cashu.
Features:
- Cashu token detection
- Token receive/send
- Multi-mint support
- Local wallet storage
Zap Browser injects native window.nostr support directly into pages.
Features:
- NIP-07 support
- Multi-profile identity management
- Active profile switching
- Persistent per-site permissions
- Per-site revoke
- Local-only signing
- Session allow/deny
- Permanent allow/deny
- Local signer visibility
- NIP-04 permission flow
Zap Browser acts as a local signer.
The browser does not publish profile metadata automatically and does not modify remote Nostr profiles.
Zap Browser includes a browser-style bookmark system.
Features:
- Bookmarks bar
- Favorites panel
- Folders
- Folder-based saving
- Rename bookmarks/folders
- Move bookmarks/folders
- Recursive delete support
- Bookmark search
- Import/export support
- Legacy migration support
Zap Browser includes persistent download management.
Features:
- Downloads panel
- Live progress
- Completed/cancelled states
- Cancel active downloads
- Open downloaded file
- Show file in folder
- Persistent download history
- Clear download history
Built-in protections include:
- Network-level blocklist
- Cosmetic filtering
- Early ad/CMP blocking
- Popup blocking
- Overlay blocking
- Sticky ad suppression
- WebRTC leak protection
- Tracking header stripping
- User-Agent rotation
- Session-based fingerprint profiles
- Canvas anti-fingerprinting
- WebGL mitigation
- Navigator property normalization
- Private tabs
- Tor proxy routing
- No telemetry
Zap Browser uses a compatibility-first privacy baseline. The goal is to reduce tracking while keeping websites usable.
Zap Browser can route browsing traffic through a local SOCKS Tor proxy.
Current Tor features:
- Toggle Tor routing from the browser UI
- Configurable SOCKS host/port
- Default session Tor routing
- Private tab Tor routing
- Proxy reset when Tor is disabled
- Shared proxy policy across existing tab sessions
Tor must be running locally, usually on:
127.0.0.1:9050
Private tabs use isolated browser sessions.
Private mode behavior:
- Separate Electron session partition
- No private browsing history persistence
- Cache/storage cleanup on close
- Tor routing supported
- Visible private tab indicator
- Private session UI banner
Zap Browser includes early anti-fingerprinting protections.
Current protections include:
- Session-based fingerprint profiles
- Platform normalization
- Hardware concurrency spoofing
- Device memory spoofing
- Timezone spoofing
- Language normalization
- WebDriver masking
- Media device reduction
- Canvas mitigation
- WebGL debug renderer mitigation
This is an MVP privacy layer, not a Tor Browser replacement.
Portable mode is designed for USB and offline environments.
When a .portable marker exists, Zap Browser stores user data under:
zap-data/
Portable backend support includes:
- Portable profile path
- Passphrase-derived runtime key
- Salt/verifier configuration
- Local encrypted wallet/Nostr/NWC compatibility
Future work will add a dedicated unlock UI, auto-lock and stronger full-profile encryption.
Zap Browser includes multiple built-in themes, including:
- Obsidian
- Graphite
- Midnight
- Neon Glass
- Sovereign Terminal
- Minimal Dark
Themes can be switched instantly from Settings.
Zap Browser can detect new releases directly from GitHub and notify users when updates are available.
The update system is local-only and does not send telemetry or analytics.
Zap Browser handles real money and private keys.
Security principles:
- Private keys stay local
- Nostr signing happens locally
- NWC secrets remain encrypted locally
- Wallet seed data is encrypted locally
- No cloud sync
- No telemetry
- Explicit permission model
- Lightning payments require confirmation
- Sensitive IPC channels are validated
Current protections include:
- AES-256-GCM encryption
- OS keychain integration
- Runtime key support for portable mode
- Local signer isolation
- NIP-07 permission flow
- Private session isolation
Zap Browser is still beta software.
Do not store life-changing funds inside the browser.
chmod +x Zap-Browser.AppImage ./Zap-Browser.AppImage
sudo dpkg -i zap-browser.deb
sudo rpm -Uvh zap-browser.rpm
Download either:
- installer
.exe - portable
.zip
from the GitHub Releases page.
git clone https://github.com/shadowbipnode/Zap-Browser.git cd Zap-Browser
npm install
./node_modules/.bin/electron-rebuild -f -w better-sqlite3
npm start
- Open a wallet supporting Nostr Wallet Connect.
- Create an NWC connection.
- Copy the
nostr+walletconnect://string. - Open Wallet inside Zap Browser.
- Paste the connection string.
- Start using Lightning directly from the browser.
- Import or create a Nostr identity.
- Open a NIP-07 compatible website.
- Approve or deny permission requests.
- Manage permissions locally from Zap Browser.
- Start Tor locally.
- Enable Tor from Zap Browser.
- Test with
https://check.torproject.org.
Planned focus:
- Optional embedded Tor runtime
- Improved Tor diagnostics
- Better Tor UX and onboarding
- Android feasibility research
- Browser engine abstraction groundwork
- Electron to Tauri migration evaluation
- stronger browser engine abstraction
- optional SQLCipher/full DB encryption
- Argon2id portable KDF
- advanced Cashu wallet flows
- deeper Nostr app compatibility
- improved privacy test reporting
Contributions, testing and security feedback are welcome.
Priority areas:
- privacy protections
- Electron hardening
- Tor routing
- anti-fingerprinting research
- Lightning UX
- LNURL flows
- Cashu UX
- NIP-07 compatibility
- native browser UI architecture
- Linux and Windows packaging
Zap Browser is beta software.
Please treat it accordingly.
Security principles:
- private keys stay local
- NWC secrets are encrypted locally
- no automatic Nostr metadata publishing
- no telemetry
- explicit permission model
- local-first architecture
Please report vulnerabilities responsibly.
Zap Browser is developed as an independent open-source project.
If you find it useful, consider supporting development:
- GitHub Sponsors: https://github.com/sponsors/shadowbipnode
- Lightning: zap@shadowbip.com
- Bitcoin: bc1qgppvys2e0zx3r87fvtdytwped3xft385sj9800
MIT
Sovereign browsing for Bitcoin, Lightning, Cashu, Nostr and privacy-first workflows.