-
@ hodlpleb
2025-03-10 21:33:54
I don't have a ton of experience with it, but a "bunker" is often referenced as the safest way to store a nsec
Some people also have nsec hardware signing devices, akin to a bitcoin hardware wallet.
Also seems you could generate an nsec from a seed phrase, but then you still have to have the nsec available for signing.
1. Generate a Seed Phrase: Use a BIP39-compatible wallet or library to generate a seed phrase. This phrase usually consists of 12, 15, 18, 21, or 24 words.
2. Derive a Seed: Convert the seed phrase into a binary seed using the BIP39 standard. This involves using a key stretching function (PBKDF2) to derive a seed from the mnemonic.
3. Generate a Private Key: Use the derived seed to generate a private key. This can be done using a specific derivation path that is compatible with the Nostr protocol.
4. Convert to NSEC: The private key can then be converted into the NSEC format, which is typically a base64-encoded string.