NIP-4B
======

nsec Transfer
--------------------

`draft` `optional`

This NIP defines how to accomplish nsec transfer from client to client including browser extensions or signers.

## Terminology

- **Source client**: A client that holds the user's nsec.
- **Destination client**: A client that doesn't have the user's nsec and wants it.
- **Ephemeral pubkey**: A pubkey of a key pair generated for one-time use only.

## Flow

### 1. The destination client creates a transfer request URL.

1. The client generates an ephemeral pubkey.
2. The client creates a transfer request URL, which includes the ephemeral pubkey and relay URLs.
3. The client shows the user the URL. The client MAY show the user a QR code.
4. The client subscribes to the relays and waits for the kind-1059 response, which includes the `["p", ""]` tag.

#### Transfer request URL

```
transfer://?relay=&relay=
```

### 2. The source client responds with gift-wrapped ncryptsec.

1. The user enters the transfer request URL.
2. The client parses the URL.
3. The client generates an ncryptsec ([NIP-49](./49.md)) from the user's nsec and a random 6-digit PIN.
4. The client creates an ncryptsec rumor ([NIP-59](./59.md)) event.
5. The client seals and gift-wraps the rumor event.
6. The client publishes the gift-wrapped event to the destination's relays.
7. The client shows the user the PIN.

#### ncryptsec rumor event

`kind: 24144`

This event MUST NOT be signed.

```jsonc
{
  "kind": 24144,
  "pubkey": "",
  "content": "",
  // ...
}
```

#### Sealed event

```jsonc
{
  "pubkey": "",
  "content": "",
  "kind": 13,
  "sig": ""
  // ...
}
```

#### Gift-wrapped event

`source client's ephemeral pubkey B` MUST NOT be the same as `A` described above.

```jsonc
{
  "pubkey": "",
  "content": "",
  "kind": 1059,
  "tags": [["p", ""]],
  "sig": ""
  // ...
}
```

### 3. The destination client fetches the response.

1. The client fetches and validates the gift-wrapped event.
2. The client prompts the user to enter the PIN.
3. If the PIN is valid, the client retrieves the user's nsec from the ncryptsec.
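
The following is an added example, not part of this NIP: structural checks a destination client could run on the three layers described above before prompting for the PIN. It assumes signature verification and NIP-44 decryption are handled by a Nostr library, that `A` is the destination's ephemeral pubkey from the transfer request URL, and the function name is hypothetical. The seal/rumor pubkey comparison and the `ncryptsec1` prefix check come from NIP-59 and NIP-49 conventions rather than from this page.

```javascript
// Added example: structural validation of a transfer response (not the NIP's own code).
// Assumed inputs: `wrap` is the fetched kind-1059 event; `seal` and `rumor` are the
// inner events after decryption by a library; `ephemeralPubkeyA` is our own pubkey A.
const HEX64 = /^[0-9a-f]{64}$/;

function validateTransferResponse(ephemeralPubkeyA, wrap, seal, rumor) {
  const errors = [];
  // Gift wrap: kind 1059, addressed to our ephemeral pubkey through the "p" tag.
  if (wrap.kind !== 1059) errors.push("wrap: kind is not 1059");
  const pTags = (wrap.tags || []).filter((t) => t[0] === "p").map((t) => t[1]);
  if (!pTags.includes(ephemeralPubkeyA)) errors.push("wrap: p tag does not match pubkey A");
  // The source's ephemeral pubkey B MUST NOT be the same as A.
  if (!HEX64.test(wrap.pubkey || "")) errors.push("wrap: malformed pubkey");
  if (wrap.pubkey === ephemeralPubkeyA) errors.push("wrap: pubkey B equals pubkey A");
  // Seal: kind 13 and carrying a signature (verified elsewhere).
  if (seal.kind !== 13) errors.push("seal: kind is not 13");
  if (!seal.sig) errors.push("seal: missing signature");
  // Rumor: kind 24144, unsigned, and authored by the same key that signed the seal.
  if (rumor.kind !== 24144) errors.push("rumor: kind is not 24144");
  if ("sig" in rumor) errors.push("rumor: must not be signed");
  if (rumor.pubkey !== seal.pubkey) errors.push("rumor: pubkey differs from seal pubkey");
  // NIP-49 output is a bech32 string with the "ncryptsec" prefix.
  if (typeof rumor.content !== "string" || !rumor.content.startsWith("ncryptsec1")) {
    errors.push("rumor: content is not an ncryptsec");
  }
  return { ok: errors.length === 0, errors };
}

// Constructed sample values (not real keys, signatures or ciphertexts).
const A = "a".repeat(64);
const B = "b".repeat(64);
const USER = "c".repeat(64);
const sampleWrap = { kind: 1059, pubkey: B, tags: [["p", A]], content: "...", sig: "f".repeat(128) };
const sampleSeal = { kind: 13, pubkey: USER, content: "...", sig: "e".repeat(128) };
const sampleRumor = { kind: 24144, pubkey: USER, content: "ncryptsec1constructedplaceholder" };

console.log(validateTransferResponse(A, sampleWrap, sampleSeal, sampleRumor));
```

Rejecting a malformed response before the PIN prompt keeps the user from typing the PIN against an event that was never addressed to this client.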