Signstr

Never paste your nsec again. Store your Nostr identity in one vault. Connect your clients. Approve with a tap.

Download for iOS Get a NostrKey Card

Free  ·  Open Source  ·  No Account Needed

Your nsec is in five different apps right now. Every Nostr client asks for it. Every time you paste it, you trust that app with your entire identity. If any one of them is compromised, your key is gone. No password reset. No recovery. Gone.

Signstr is your vault.

Store once. Connect everywhere. Approve with a tap.

01

Store Your Key

Import your nsec or generate a new identity. Your key is encrypted by the Secure Enclave and never leaves Signstr.

02

Connect Your Clients

In Damus, Primal, or any NIP-46 client, choose "Log in with Nostr Connect." Scan the QR code with Signstr. Your client never sees your nsec.

03

Approve with a Tap

When a client wants to post, react, or DM, Signstr asks you. You see what is being signed. You approve with Face ID. Done.

Your key stays in Signstr. Your clients just work.

Signstr connects via NIP-46 (Nostr Connect). Any compatible client can request signatures without ever touching your nsec.

Damus Primal Amethyst Snort Iris Coracle Nostrudel Any NIP-46 Client

NIP-46 support varies by client. List updated as adoption grows.

Always ask. Or set it and forget it.

Every app gets its own signing policy. You decide how much trust to give each client. Change it any time.

Ask Every Time

See every signing request. Approve each one individually with Face ID. Maximum control.

Trust for a Session

Auto-approve for one hour, 24 hours, or a custom period. Approve once, then use your client freely.

Trust by Event Kind

Auto-approve reactions and reposts but always ask for DMs and profile edits. Granular control per event type.

Move your key off your phone entirely.

NostrKey is an NFC smartcard with a certified secure element. Migrate your nsec from Signstr to the card, delete it from your phone, and sign events by tapping the card. Your private key never touches a device again.

Chip

NXP J3R180 SECID

Certification

EAL6+ Common Criteria

Signing

Schnorr / BIP-340

Interface

NFC + Contact

£14.99

Includes UK shipping. Plain envelope. No branding.

Open Source Applet
PIN Protected
Up to 16 Identities
Credit-Card Sized

Software vault or hardware vault. Your call.

Signstr

Free

  • Key storage Device Secure Enclave
  • Approve method Face ID
  • Remote signing NIP-46
  • Air-gapped? No
  • Trust policies Per-app, per-kind
  • Open source? Yes

Verify everything. Trust nothing.

The app and the card applet are fully open source. Read the code. Build it yourself. This is how security should work.

Signstr App

Platform iOS (Android coming)
Protocol NIP-46 (Nostr Connect)
Licence GPL-3.0
Key storage Secure Enclave (AES-256)
Signing secp256k1 Schnorr (BIP-340)
Source GitHub

NostrKey Card

Chip NXP J3R180 SECID
Certification EAL6+
Applet Satochip v0.14 (AGPLv3)
Key slots Up to 16 identities
PIN 4-16 chars, auto-lock
Dimensions 85.6 x 54mm (credit card)
Source GitHub

Questions

A Nostr identity vault and remote signer. It securely stores your private key (nsec) and signs events when your Nostr clients ask it to. You never paste your nsec into another app again.
No. You do not compose posts or browse feeds in Signstr. Use Damus, Primal, Amethyst, or any client you like. Signstr just holds your key and signs things when those clients ask.
Via NIP-46 (Nostr Connect). In your client, choose "Log in with Nostr Connect." Scan the QR code with Signstr. Done. Your client can now request signatures without ever seeing your nsec.
Any client that supports NIP-46 / Nostr Connect. This includes Damus (partial), Amethyst, and most web clients such as Snort, Iris, and Coracle. Support is growing across the ecosystem.
That is up to you. You can set per-app policies: approve every time, trust for a session (1 hour, 24 hours, etc.), or auto-approve certain event types while always asking for others. Your key, your rules.
The app is completely free. The optional NostrKey hardware card is £14.99.
An NFC smartcard with a certified secure element (EAL6+). Your nsec lives on the card's chip and signs events by tap. Your key never touches your phone. Plain black, credit-card sized, no branding.
Amber is Android only. Signstr is for iOS. Both are remote signers. Signstr also offers an optional NFC hardware card for air-gapped signing, which no other mobile signer provides.
Yes. The app is GPL-3.0. The card applet is AGPLv3 (Satochip). Full source is on GitHub.
Your nsec is encrypted by the Secure Enclave, which is tied to your device. If you lose your phone and have not backed up your nsec, you lose your Nostr identity. Keep a backup. A HushChip card (£9.99) is ideal for cold nsec storage.
Yes. Lightning Network and on-chain Bitcoin via BTCPay Server. We also accept card payments through Stripe.
Cards ship as standard letters via Royal Mail. UK first, with international shipping available.

Never paste your nsec again.

Download Signstr for free. Connect your clients. Go air-gapped when you are ready.