🔐 NIP‑49 Key Decrypt Fully Offline Self-Contained HTML

A simple, browser-based tool for decrypting NIP-49 (password-protected) Nostr keys — fully offline.
It ensures your private key never leaves your device and gives users full transparency into what code is running.

---

✅ Overview & Motivation

This tool was built to make secure, offline decryption of NIP-49 encrypted Nostr keys easy for anyone — without requiring Node.js, servers, or dependencies.

Most web-based cryptography tools fetch external scripts from CDNs each time they run, which can expose users to privacy or supply-chain risks.
The NIP-49 Offline Decrypt Tool avoids this by letting users:

1. Fetch the required libraries once while online.
2. Package everything into a self-contained HTML file.
3. Disconnect from the internet and safely decrypt their NIP-49 key offline.

---

⚙️ How It Works

The app runs entirely in the browser using JavaScript and modern Web APIs:

1. Library Fetching (Online)
   The user downloads the required cryptographic libraries:

   • libsodium-wrappers
   • scrypt-js
   • bech32

   These are loaded into memory, never uploaded anywhere, and stored temporarily for packaging.

2. Self-Contained Export
   The app lets you export a new nip49-offline.html file that includes:

   • The libraries (embedded inline)
   • The app logic
   • The interface for decryption

3. Offline Mode (Decryption)
   Once exported, the tool verifies that you are offline and allows decryption of your NIP-49 key locally.

---

🚀 Usage Instructions (Step-by-Step)

1. Open the Online Tool
   Visit the hosted version or open the HTML file locally with an internet connection.

2. Step 1: Download Libraries

   • Click “Download Libraries”
   • The tool will fetch and store the required scripts in memory.
   • You’ll see progress indicators for each library.

3. Step 2: Export Offline HTML

   • Once all libraries are fetched, click “Export Self-Contained HTML”.
   • This creates a new nip49-offline.html file with everything embedded.
   • Save the file to your computer.

4. Step 3: Go Offline

   • Disconnect from the internet.
   • Open your saved nip49-offline.html file in your browser.

5. Step 4: Decrypt

   • Paste your NIP-49 encrypted key and password.
   • Click “Decrypt.”
   • Your private key will be displayed (never transmitted anywhere).

---

🔐 Security Notes

• All operations happen entirely in your browser — no data leaves your device.
• The exported HTML file contains all logic and dependencies inline.
• To verify safety, you can inspect the final file contents — everything is human-readable JavaScript and HTML.
• Always perform decryption offline and with your network fully disabled for maximum safety.

---

🧠 Technical Details

• Language: HTML, JavaScript (no build tools required)
• Libraries Used:
  • libsodium-wrappers — cryptographic operations
  • scrypt-js — password-based key derivation
  • bech32 — encoding/decoding NIP-49 format
• Features:
  • Detects online/offline state dynamically
  • In-memory caching of library source code
  • Self-contained HTML export using Blob and URL.createObjectURL
  • Minimal UI for clarity and transparency

---

---

---

---

🔐 NIP‑49 Key Encrypt/Decrypt & Conversion CLI

A tiny, no-fuss command-line tool / self contained HTML to encrypt, decrypt, and convert Nostr keys — safely and offline.

Built for privacy-conscious users who want a secure and user-friendly way to handle their Nostr keys using NIP‑49.

---

✨ Features

• 🔐 Encrypt / Decrypt your Nostr nsec keys using a password (NIP‑49)
• 🔁 Convert private key hex ↔ nsec and public key hex ↔ npub
• 🧭 Friendly CLI with step-by-step wizard prompts
• ⚙️ Pure Python. No compiling, no GUI — just run and go
• 🔒 Secure: works 100% offline — no network requests

---

🍎 macOS CLI Setup

✅ 1. Install Python 3 (via Homebrew)

If you don’t already have Python 3:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
brew install python

Confirm it’s working:

python3 --version

📦 Installation

📁 1. Clone the repo
git clone https://github.com/btcforplebs/nip49-decrypt.git

cd nip49-decrypt

🧪 2. Create and activate a virtual environment

python3 -m venv venv
source venv/bin/activate

📦 3. Install Python packages

pip install bech32 cryptography ecdsa pynacl
If pynacl fails, the script will fall back to cryptography for encryption.

✅ 4. Make it executable

chmod +x nip-49decrypt

▶️ Usage From the project directory, run:

./nip-49decrypt

You’ll see a friendly menu:

Choose an action:
  (d) Decrypt an encrypted key with password
  (e) Encrypt a private key with password
  (h) Convert private key hex to nsec
  (p) Convert public key hex to npub
  (q) Quit

🔐 Example: Decrypt a Key

Select (d) Paste your ncryptsec string Enter your password (input hidden) View your decrypted raw private key and corresponding nsec

🛠️ Other Features

Convert raw hex → nsec Choose (h) and enter your private key as 64-character hex. Convert public key hex → npub Choose (p) and paste a 66-character (compressed) or 130-character (uncompressed) public key in hex. Encrypt nsec → ncryptsec Choose (e) and paste your private key (hex or nsec). You’ll be prompted for a password, and the script will return a password-encrypted ncryptsec.

🧼 To Exit

Use (q) or press Ctrl + C at any time.

📁 Files

File Description nip-49decrypt Main Python script README.md This help file venv/ Your virtual environment (optional)

🧠 FAQ

❓ Is this secure? ✅ Yes. This script never sends anything over the internet. ❓ Can I run it offline? ✅ 100%. Works without an internet connection.

❓ What if a Python package is missing? 🛠️ The script will detect it and print exact instructions for how to install it.

❓ Can I compile this to a single file? Yes! You can use tools like pyinstaller to build a standalone binary.

🤝 Credits

Built with ❤️ by plebs, for plebs. Inspired by NIP‑49 and the Nostr community.

🛡️ License

MIT — Free for all. Fork, contribute, share.