🔐 NIP‑49 Key Decrypt Fully Offline Self-Contained HTML
A simple, browser-based tool for decrypting NIP-49 (password-protected) Nostr keys — fully offline.
It ensures your private key never leaves your device and gives users full transparency into what code is running.
✅ Overview & Motivation
This tool was built to make secure, offline decryption of NIP-49 encrypted Nostr keys easy for anyone — without requiring Node.js, servers, or dependencies.
Most web-based cryptography tools fetch external scripts from CDNs each time they run, which can expose users to privacy or supply-chain risks.
The NIP-49 Offline Decrypt Tool avoids this by letting users:
- Fetch the required libraries once while online.
- Package everything into a self-contained HTML file.
- Disconnect from the internet and safely decrypt their NIP-49 key offline.
⚙️ How It Works
The app runs entirely in the browser using JavaScript and modern Web APIs:
-
Library Fetching (Online)
The user downloads the required cryptographic libraries:These are loaded into memory, never uploaded anywhere, and stored temporarily for packaging.
-
Self-Contained Export
The app lets you export a newnip49-offline.htmlfile that includes:- The libraries (embedded inline)
- The app logic
- The interface for decryption
-
Offline Mode (Decryption)
Once exported, the tool verifies that you are offline and allows decryption of your NIP-49 key locally.
🚀 Usage Instructions (Step-by-Step)
-
Open the Online Tool
Visit the hosted version or open the HTML file locally with an internet connection. -
Step 1: Download Libraries
- Click “Download Libraries”
- The tool will fetch and store the required scripts in memory.
- You’ll see progress indicators for each library.
-
Step 2: Export Offline HTML
- Once all libraries are fetched, click “Export Self-Contained HTML”.
- This creates a new
nip49-offline.htmlfile with everything embedded. - Save the file to your computer.
-
Step 3: Go Offline
- Disconnect from the internet.
- Open your saved
nip49-offline.htmlfile in your browser.
-
Step 4: Decrypt
- Paste your NIP-49 encrypted key and password.
- Click “Decrypt.”
- Your private key will be displayed (never transmitted anywhere).
🔐 Security Notes
- All operations happen entirely in your browser — no data leaves your device.
- The exported HTML file contains all logic and dependencies inline.
- To verify safety, you can inspect the final file contents — everything is human-readable JavaScript and HTML.
- Always perform decryption offline and with your network fully disabled for maximum safety.
🧠 Technical Details
- Language: HTML, JavaScript (no build tools required)
- Libraries Used:
libsodium-wrappers— cryptographic operationsscrypt-js— password-based key derivationbech32— encoding/decoding NIP-49 format
- Features:
- Detects online/offline state dynamically
- In-memory caching of library source code
- Self-contained HTML export using
BlobandURL.createObjectURL - Minimal UI for clarity and transparency
🔐 NIP‑49 Key Encrypt/Decrypt & Conversion CLI
A tiny, no-fuss command-line tool / self contained HTML to encrypt, decrypt, and convert Nostr keys — safely and offline.
Built for privacy-conscious users who want a secure and user-friendly way to handle their Nostr keys using NIP‑49.
✨ Features
- 🔐 Encrypt / Decrypt your Nostr
nseckeys using a password (NIP‑49) - 🔁 Convert private key hex ↔
nsecand public key hex ↔npub - 🧭 Friendly CLI with step-by-step wizard prompts
- ⚙️ Pure Python. No compiling, no GUI — just run and go
- 🔒 Secure: works 100% offline — no network requests
🍎 macOS CLI Setup
✅ 1. Install Python 3 (via Homebrew)
If you don’t already have Python 3:
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
brew install python
Confirm it’s working:
python3 --version
📦 Installation
📁 1. Clone the repo
git clone https://github.com/btcforplebs/nip49-decrypt.git
cd nip49-decrypt
🧪 2. Create and activate a virtual environment
python3 -m venv venv
source venv/bin/activate
📦 3. Install Python packages
pip install bech32 cryptography ecdsa pynacl
If pynacl fails, the script will fall back to cryptography for encryption.
✅ 4. Make it executable
chmod +x nip-49decrypt
▶️ Usage From the project directory, run:
./nip-49decrypt
You’ll see a friendly menu:
Choose an action:
(d) Decrypt an encrypted key with password
(e) Encrypt a private key with password
(h) Convert private key hex to nsec
(p) Convert public key hex to npub
(q) Quit
🔐 Example: Decrypt a Key
Select (d) Paste your ncryptsec string Enter your password (input hidden) View your decrypted raw private key and corresponding nsec
🛠️ Other Features
Convert raw hex → nsec Choose (h) and enter your private key as 64-character hex. Convert public key hex → npub Choose (p) and paste a 66-character (compressed) or 130-character (uncompressed) public key in hex. Encrypt nsec → ncryptsec Choose (e) and paste your private key (hex or nsec). You’ll be prompted for a password, and the script will return a password-encrypted ncryptsec.
🧼 To Exit
Use (q) or press Ctrl + C at any time.
📁 Files
File Description nip-49decrypt Main Python script README.md This help file venv/ Your virtual environment (optional)
🧠 FAQ
❓ Is this secure? ✅ Yes. This script never sends anything over the internet. ❓ Can I run it offline? ✅ 100%. Works without an internet connection.
❓ What if a Python package is missing? 🛠️ The script will detect it and print exact instructions for how to install it.
❓ Can I compile this to a single file? Yes! You can use tools like pyinstaller to build a standalone binary.
🤝 Credits
Built with ❤️ by plebs, for plebs. Inspired by NIP‑49 and the Nostr community.
🛡️ License
MIT — Free for all. Fork, contribute, share.