thePR0M3TH3AN/seedPass
1
0
Fork 0
mirror of https://github.com/PR0M3TH3AN/SeedPass.git synced 2025-09-07 14:58:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: add Nostr setup guide and architecture overview

Browse Source
This commit is contained in:
thePR0M3TH3AN
2025-08-06 10:09:05 -04:00
parent 072db52650
commit 1a35bb42bd
3 changed files with 51 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
README.md
View File

@@ -49,7 +49,7 @@ SeedPass now uses the `portalocker` library for cross-platform file locking. No
- **Deterministic Password Generation:** Utilize BIP-85 for generating deterministic and secure passwords. - **Deterministic Password Generation:** Utilize BIP-85 for generating deterministic and secure passwords.
- **Encrypted Storage:** All seeds, login passwords, and sensitive index data are encrypted locally. - **Encrypted Storage:** All seeds, login passwords, and sensitive index data are encrypted locally.
- **Nostr Integration:** Post and retrieve your encrypted password index to/from the Nostr network. - **Nostr Integration:** Post and retrieve your encrypted password index to/from the Nostr network. See [Nostr Setup](docs/nostr_setup.md) for relay configuration and event details.
- **Chunked Snapshots:** Encrypted vaults are compressed and split into 50 KB chunks published as `kind 30071` events with a `kind 30070` manifest and `kind 30072` deltas. The manifest's `delta_since` field stores the UNIX timestamp of the latest delta event. - **Chunked Snapshots:** Encrypted vaults are compressed and split into 50 KB chunks published as `kind 30071` events with a `kind 30070` manifest and `kind 30072` deltas. The manifest's `delta_since` field stores the UNIX timestamp of the latest delta event.
- **Automatic Checksum Generation:** The script generates and verifies a SHA-256 checksum to detect tampering. - **Automatic Checksum Generation:** The script generates and verifies a SHA-256 checksum to detect tampering.
- **Multiple Seed Profiles:** Manage separate seed profiles and switch between them seamlessly. - **Multiple Seed Profiles:** Manage separate seed profiles and switch between them seamlessly.
@@ -82,32 +82,31 @@ before fading.
SeedPass follows a layered design. The **`seedpass.core`** package exposes the SeedPass follows a layered design. The **`seedpass.core`** package exposes the
`PasswordManager` along with service classes (e.g. `VaultService` and `PasswordManager` along with service classes (e.g. `VaultService` and
`EntryService`) that implement the main API used across interfaces. `EntryService`) that implement the main API used across interfaces. Both the
The command line tool in **`seedpass.cli`** is a thin adapter built with Typer command line tool in **`seedpass.cli`** and the FastAPI server in
that delegates operations to this API layer. **`seedpass.api`** delegate operations to this core. The BeeWare desktop
interface (`seedpass_gui.app`) and an optional browser extension reuse these
services, with the extension communicating through the API layer.
The BeeWare desktop interface lives in **`seedpass_gui.app`** and can be Nostr synchronisation lives in the **`nostr`** modules. The core services call
started with either `seedpass-gui` or `python -m seedpass_gui`. It reuses the into these modules to publish or retrieve encrypted snapshots and deltas from
same service objects to unlock the vault, list entries and search through them. configured relays.
An optional browser extension can communicate with the FastAPI server exposed by
`seedpass.api` to manage entries from within the browser.
```mermaid ```mermaid
graph TD graph TD
core["seedpass.core"]
cli["CLI"] cli["CLI"]
api["FastAPI server"] api["FastAPI server"]
gui["BeeWare GUI"] core["seedpass.core"]
ext["Browser Extension"] nostr["Nostr client"]
relays["Nostr relays"]
cli --> core cli --> core
gui --> core
api --> core api --> core
ext --> api core --> nostr
nostr --> relays
``` ```
See `docs/ARCHITECTURE.md` for details. See `docs/ARCHITECTURE.md` and [Nostr Setup](docs/nostr_setup.md) for details.
## Prerequisites ## Prerequisites

33
docs/nostr_setup.md Normal file
View File

@@ -0,0 +1,33 @@
# Nostr Setup
This guide explains how SeedPass uses the Nostr protocol for encrypted vault backups and how to configure relays.
## Relay Configuration
SeedPass communicates with the Nostr network through a list of relays. You can manage these relays from the CLI:
```bash
seedpass nostr list-relays # show configured relays
seedpass nostr add-relay <url> # add a relay URL
seedpass nostr remove-relay <n> # remove relay by index
```
At least one relay is required for publishing and retrieving backups. Choose relays you trust to remain online and avoid those that charge high fees or aggressively ratelimit connections.
## Manifest and Delta Events
Backups are published as parameterised replaceable events:
- **Kind 30070 Manifest:** describes the snapshot and lists chunk IDs. The optional `delta_since` field stores the UNIX timestamp of the latest delta event.
- **Kind 30071 Snapshot Chunk:** each 50 KB fragment of the compressed, encrypted vault.
- **Kind 30072 Delta:** captures changes since the last snapshot.
When restoring, SeedPass downloads the most recent manifest and applies any newer delta events.
## Troubleshooting
- **No events found:** ensure the relays are reachable and that the correct fingerprint is selected.
- **Connection failures:** some relays only support WebSocket over TLS; verify you are using `wss://` URLs where required.
- **Stale data:** if deltas accumulate without a fresh snapshot, run `seedpass nostr sync` to publish an updated snapshot.
Increasing log verbosity with `--verbose` can also help diagnose relay or network issues.

4
src/seedpass/cli/nostr.py
View File

@@ -5,7 +5,9 @@ import typer
from .common import _get_services, _get_nostr_service from .common import _get_services, _get_nostr_service
app = typer.Typer(help="Interact with Nostr relays") app = typer.Typer(
help="Interact with Nostr relays. See docs/nostr_setup.md for configuration and troubleshooting."
)
@app.command("sync") @app.command("sync")