NanoMemo.cc — Cryptographically secure memos for every Nano block

NanoMemo.cc — Cryptographically secure memos for every Nano block

Posting here for feedback and discussion. Intent is to be able to write a free-text memo field for any existing Nano Block. Offers integrity through digital signatures and optional confidentiality through encryption. All with existing public/private keys associated with a Nano Account.

Overview provided in the medium article with a few more FAQs here: Docs | NanoMemo.cc

My main concerns

  • Usability -- if there is a demand for a service like this, it is best implemented through trusted wallets
  • Auditing -- what is the appropriate level of auditing to for a library that deals with digital signatures and encryption/decryption?
  • Key conversion -- encryption keys (Curve25519) are converted from signing keys (Ed25519), the action (via ed2curve-js modified to use blake2b) is the library that seems to have the least security/audit testing

Appreciate your time and consideration!

2 Likes

Would you consider providing the service at no cost to community run, non-commercial wallets such as Nault? Otherwise it's probably never going to be integrated.

On the topic of cost, there is intent to eventually make this a paid service if memos are stored in the NanoMemo database. There is currently no cost for up to 100 memos/day as the site is "beta".

But I like the idea of no cost (probably tiered limits as need dictates) to certain non-commercial projects.

I read through your github issue and saw your referenced reddit comment. NanoMemo seems to be at "Level 3", a centralized service with a public interface.

I'll leave it at that here, but I'll jump over to github to comment on a potential Nault integration.

Oh if you saw that, you might like some other posts I made. I think they are all collected here.

From my original post: you might consider storing more than just a memo field (but signed and encrypted in the same way):

  • Fiat value at time of transaction (e.g. in a wallet you can often specify a fiat value, so that value could be 'attached' to the block, same as the memo field). Very useful for accounting purposes.
  • Date and time of block creation
  • Contacts could be encrypted and backed up in the same way (though not attached to blocks). Just an extra service the database could do.

In my mind, the owner of a block can also update a memo, but both values are stored, like each block has its own second layer block chain, showing the edit history. Maybe that's already part of your design, I don't know.