Emin, Nuri.com
emin@nuri.com
npub1mwvw...5c53
Nuri.com Bitcoin Credit Card. Live on Bitcoin. NFC Hardware Wallets. Multi-Signature.
emino 7 months ago
NotebookLM is nice but the app is 100% vibe coded, horribly bad
emino 7 months ago
flowchart TD
  %% USER DEVICE
  subgraph "User Device"
    direction TB
    DevPasskey["Built-in Device Passkey<br/>(Face ID / Touch ID)"]:::int
    WebAuthn["WebAuthn assertion<br/>(via external key OR device passkey)"]:::logic
    KeyShareA["Key Share A<br/>(AES-encrypted at rest,<br/>gated by Secure Enclave)"]:::secret
    FROSTSign["FROST MPC signing<br/>(runs in device RAM<br/>after user auth)"]:::compute
    EncA["Encrypted backup of<br/>Key Share A<br/>(iCloud/Google — passkey-encrypted, never plain)"]:::backup
    PasskeySync["Passkey backup<br/>(iCloud/Google)"]:::backup
    DevPasskey --> WebAuthn
    DevPasskey --> PasskeySync
    WebAuthn -->|unlock| KeyShareA
    KeyShareA -- "decrypted → RAM" --> FROSTSign
    KeyShareA -. "passkey-encrypted<br/>export only" .-> EncA
    FROSTSign -- "Partial Sig A" --> Combine
  end

  %% EXTERNAL: hardware FIDO2 key for normal use
  HWKey["Hardware Security Key<br/>(FIDO2 token, USB/NFC)"]:::ext
  HWKey --> WebAuthn

  %% GUARDIAN / SOCIAL SHARE C (Shamir split, not passkey-encrypted)
  GuardianShareC["Guardian/Social Recovery<br/>Share C (Shamir split, not passkey-encrypted)"]:::secret
  EncC["Distributed guardian shares of C<br/>(print, cloud, trusted people)<br/>Collect quorum to reconstruct"]:::backup
  GuardianShareC -- "split and distribute (Shamir)" --> EncC
  EncC --> RecoveryTool

  %% OPTIONAL: hardware Bitcoin wallet full signing
  HWBtc["Hardware Bitcoin Wallet<br/>(Ledger/Trezor/BitBox)"]:::opt
  HWBtc -.-> Combine

  %% SERVER / TEE
  subgraph "Server / TEE (Nitro Enclave)"
    direction TB
    WebAuthnSrv["WebAuthn required<br/>to access"]:::logic
    ShareB["Key Share B<br/>(sealed inside TEE)"]:::secret
    EnclaveSign["Partial Sig B<br/>(FROST, runs inside TEE)"]:::compute
    WebAuthnSrv --> ShareB
    ShareB --> EnclaveSign
    EnclaveSign -- "Partial Sig B" --> Combine
  end

  %% THRESHOLD COMBINE & CHAIN
  Combine["Combine Partial Sig A + B<br/>(FROST threshold signature)"]:::combine
  Blockchain["Broadcast to Bitcoin network"]:::chain
  Confirmed["Confirmed transaction"]:::chain
  Combine --> Blockchain --> Confirmed

  %% SOCIAL RECOVERY (MANDATORY)
  EncA --> RecoveryTool
  RecoveryTool -. "reconstruct C<br/>(from guardian shares)" .-> Combine

  %% NOTE
  Note1["Threshold MPC — full key **never** exists in one place.<br/> Mobile share is passkey-gated; server share lives only in TEE.<br/> Guardian/social recovery shares (Share C) are split among trusted people and NOT passkey-encrypted — collect quorum for recovery.<br/> **Server must be present for any spending, recovery, or inheritance (as in Bitkey).**<br/> If either share is compromised, wallet cannot be drained.<br/> Optional hardware wallet can provide additional resilience.<br/> Test your backup and recovery regularly."]:::note
  Note1 --- Combine

  %% STYLES
  classDef ext fill:#dbeafe,stroke:#1e3a8a,stroke-width:2px
  classDef int fill:#dbeafe,stroke:#475569,stroke-width:2px
  classDef logic fill:#ffffff,stroke:#000000,stroke-width:2px
  classDef secret fill:#ffe4e6,stroke:#be123c,stroke-width:2px
  classDef compute fill:#fff7ed,stroke:#a16207,stroke-width:2px
  classDef backup fill:#fefce8,stroke:#92400e,stroke-width:2px
  classDef combine fill:#e2e8f0,stroke:#334155,stroke-width:2px
  classDef chain fill:#ecfccb,stroke:#15803d,stroke-width:2px
  classDef note fill:#fff3cd,stroke:#b38f00,stroke-width:2px
  classDef opt fill:#f5f3ff,stroke:#6366f1,stroke-width:2px,stroke-dasharray:5 5
emino 7 months ago
sequenceDiagram
  actor User as User / Wallet UI
  participant SECURITYKEY as Biometric Hardware<br/>(FIDO2 authenticator)
  participant ENCLAVE as Secure Enclave<br/>Share A
  note right of ENCLAVE: Signing happens securely here,<br/>ensuring no RAM leak.
  participant HSM as Cloud HSM<br/>Share B
  participant BTC as Bitcoin Network

  %% ─── Spend flow ───
  User->>SECURITYKEY: 1️⃣ WebAuthn “get assertion” (physical touch)
  SECURITYKEY-->>User: hmac-secret + signature
  User->>ENCLAVE: 2️⃣ Unlock Share A (using hmac-secret)
  ENCLAVE-->>User: Partial Signature A
  User->>HSM: 3️⃣ Sign request + Security Key assertion proof
  HSM-->>User: Partial Signature B
  User->>User: 4️⃣ Combine Sig A + Sig B (FROST threshold)
  User->>BTC: 5️⃣ Broadcast Taproot tx
  BTC-->>User: Tx confirmed
  Note over User,BTC: Full private key is **never reconstructed** Security Key touch and Biometrics is always required.
emino 7 months ago
Forked Bitkey and got the server running locally
emino 7 months ago
As soon as Bolt, Replit, Lovable, Cursor, Windsurf, Aider, Cline, Roo, Codex and Co. are good enough we are going to re-build every SaaS tool into a Bitcoin Lightning Powered 402 paymentrequired.com!
emino 7 months ago
Building a FIDO2 Biometric Passkey gated MPC Bitcoin Wallet
emino 8 months ago
Inspired by messengers, Signal, WhatsApp and co., I believe automatic phone verification (without manual code entry) like this is one of the best user experiences out there to get started quickly.
emino 8 months ago
Love the new keycard hardware wallet with type c reader for the laptop for $25!
emino 8 months ago
Kind of what Nuri.com does for Bitcoin with a Biometric Smart Card (tba.)
emino 8 months ago
I want to fork an open source bitcoin and lightning wallet that supports NFC to strip it down to be as easy as albygo but with an NFC hardware wallet for co-signing (multisig or mpc). Which wallet has the best base to do so? All suggestions are welcome, looking at Breeze and Green but there are so many I need input 🫆