As I sit around on my couch, I have 2 vibe coding ideas in my head and I’m wondering why I don’t just get up and make them a reality. Or maybe I can from my phone 🤔

@Damus can we have this? 🤞 View quoted note →

Shipped! (I think 🤣) Some wild stuff happening behind the scenes that I don’t fully understand but it seems to be working. real cryptographers, please let me know how stupid this is or if it’s decent: **Publishing (Encryption):** 1. Generate a random 256-bit master encryption key 2. Encrypt the content URL using AES-GCM with the master key + random IV 3. Encrypt the master key twice: 1. Once for creator access: using creator's private key + zapwall ID via PBKDF2 2. Once for payment access: using deterministic key derived from zapwall ID 4. Store encrypted content URL, encrypted master keys, and IVs in the Nostr event tags **Payment-based Decryption:** 1. Derive payment key from zapwall ID using PBKDF2 with fixed salt "zapwall-payment-key-v1" 2. Use payment key to decrypt the payment-encrypted master key 3. Import the decrypted master key as AES-GCM key 4. Use master key + stored IV to decrypt the content URL 5. Return plaintext content URL to user The content URL is never stored in plaintext on Nostr - only the encrypted version with cryptographic keys that require either creator ownership or valid payment to decrypt. View quoted note →

Oh man I may have gotten encryption to work on URLs 🤞

Me trying to fix my vibe hacked apps

Attempting to add encryption View quoted note →

I should note that the URL is not hashed or encrypted so anyone could basically see it if they inspected the event. This definitely needs additional work. Only use it if you don’t care that a technically capable person will see the URL. View quoted note →

We should have an event for Nostr apps… so we can easily discover them and who made them. No need to ever add or anything.