Using NFC Cards with Nostr

Using NFC Cards with Nostr

Tldr

  • Nostr is an open protocol which is interoperable with all kinds of other technologies
  • You can use this interoperability to create custom solutions
  • Nostr apps define a custom URI scheme handler "nostr:"
  • In this blog I use this to integrate Nostr with NFC cards
  • I create a Nostr NFC "login card" which allows me to log into Amethyst client
  • I create a Nostr NFC "business card" which allows anyone to find my profile with a tap

Inter-Op All The Things!

Nostr is a new open social protocol for the internet. This open nature is very exciting because it means Nostr can add new capabilities to all other internet-connected technologies, from browsers to web applications. In my view, it achieves this through three core capabilities.

  • A lightweight decentralised identity (Nostr keys, "npubs" and "nsecs"),
  • A lightweight data distribution network (Nostr relays),
  • A set of data interoperability standards (The Nostr Improvement Protocols "NIPs"), including the "nostr:" URI which we'll use in this post.

The lightweight nature is its core strength. Very little is required to interoperate with Nostr, which means many existing technologies can be easily used with the network.

Over the next few blog posts, I'll explore different Nostr inter-op ideas, and also deliver my first small open source projects to the community. I'll cover–

  • NFC cards integrated with Nostr (in this post),
  • Workflow Automations integrated with Nostr,
  • AI LLMs integrated with Nostr.

The "Nostr:" URI

One feature of Nostr is it defines a custom URI scheme handler "nostr:". What is that?

A URI is used to identify a resource in a system. A system will have a protocol handler registry used to store such URI's, and if a system has a URI registered, then it knows what to do when it sees it. You are probably already familiar with some URI schemes such as "http:" and "mailto:". For example, when you click an http link, the system knows that it describes an http resource and opens a web browser to fetch the content from the internet.

A nostr: link operates in the same way. The nostr: prefix indicates a custom URI scheme specifically designed for the Nostr protocol. If a system has a Nostr application installed, that application may have registered "nostr:" in the protocol handler registry. On that system when a "nostr:" URI is clicked, the system will know that it describes a nostr resource and open the Nostr client to fetch the content from the nostr relay network.

This inter-op with the protocol handler registry gives us the power to do nice and exciting things with other technologies.

Nostr and NFC

Another technology that uses URIs is NFC cards. NFC (Near Field Communication) is a wireless technology that enables devices to exchange data over a few centimeters. It’s widely used in contactless payments, access control, and information sharing.

NFC tags are small chips embedded in cards or stickers which can store data like plain text, URLs, or custom URIs. They are very cheap (cents each) and widely available (Amazon with next day delivery).

When an NFC tag contains a URI, such as a http: (or nostr:) link, it acts as a trigger. Tapping the tag with an NFC-enabled device launches the associated application and processes the URI. For example, tapping a tag with "nostr:..." could open a Nostr client, directing it to a specific login page, public profile, or event.

This inter-op allows us to bridge the physical world to Nostr with just a tap.

Many useful ideas

There are many interesting ways to use this. Too many for me to explore. Perhaps some of these are interesting for your next side hustle?

  • Nostr NFC "login cards" – tap to log into Amethyst on Android,
  • Nostr NFC "business cards" – give to connections so they can tap to load your npub,
  • Nostr NFC "payment cards" – integrating lightning network or ecash,
  • Nostr NFC "doorbells", "punch cards", "drop boxes", or "dead drops" – put a tag in a specific place and tap to open a location-specific message or chat,
  • Integrations with other access control systems,
  • Integrations with other home automation systems,
  • Many more ...

To start with I have built and use the "login card" and "business card" solutions. This blog post will show you how to do the same.

Nostr Login Card

You can use an NFC card to log into your Nostr client.

Most Nostr clients accept a variety of login methods, from posting your nsec into the app (insecure) to using a remote signer (more secure). A less known but more secure method is to sign into a session with a tap of a specially-configured NFC card. Amethyst is a Nostr client on Android which supports this type of login.

  • A secure method for logging in
  • Optionally keeps no log in history on the device after logout
  • Does not require users to know or understand how keys work
  • Keys are kept secure on a physically-separated card to reduce risk of compromise

Nostr devs think that this is useful for anti-establishment actors–Fair enough. For me, I am interested in this login card pattern as it could be useful for rolling out identities within an organisation context with less training (office workers are already familiar with door access cards). This pattern potentially abstracts away key management to the IT or ops team who provision the cards.

I first discovered this when Kohei demonstrated it in his video.

Here's how you set it up at a high level–

  1. Buy yourself some NFC cards
  2. Get your Nostr key ready in an encrypted, password protected format called "nencryptsec"
  3. Write the nencryptsec to the NFC card as a custom URI
  4. Tap to load the login screen, and enter your password to login

Here it is in detail–

Buy yourself some NFC cards

I found no specific requirements. As usual with Nostr so far, I tried to the cheapest possible route and it worked. Generic brand NFC cards shipped from China, I believe it was 50X for $15 from Amazon. Your mileage may vary.

Get your Nostr key ready

Your key will be saved to the NFC card in an encrypted password-protected format called "nencryptsec". Several applications support this. As we'll be using this to login to Amethyst, we will use Amethyst to output the nencryptsec for us.

  1. Login to Amethyst with your nsec,
  2. Open the sidebar and click "Backup Keys",
  3. Enter a password, and click "Encrypt and my secret key",
  4. It will add the password-protected key to your clipboard in the format "ncryptsec1...",
  5. Remember to backup your password.

Write the ncryptsec to the NFC card

  1. Download the free NFC Tools app to your device, and open it,
  2. Click "Write" and "Add a record", then click "Custom URL / URI",
  3. Paste your nencryptsec with the nostr URI in front, i.e. "nostr:ncryptsec1..." and click OK,
  4. Click "Write". NFC Tools will prompt you to "Approach an NFC tag",
  5. Place your NFC card against your phone, and it will write to the card,
  6. Your card is ready.

Tap to load the login screen

Tap the card against your phone again, and your phone should open the login screen of Amethyst and prompt you for your password.

Once you enter your password, Amethyst will decrypt your nsec and log you in.

Optionally, you can also set the app to forget you once you log out.

You have created a Nostr NFC "login card".

Nostr Business Card

You can use another NFC card to give anyone you meet a link straight to your Nostr profile.

I attended [Peter McCormack](Peter McCormack)'s #CheatCode conference in Sydney and gave a few of these out following the Nostr panel, notably to Preston Pysh where it got some cut through and found me my first 100 followers. You can do the same.

To create your Nostr NFC "business card" is even easier than your NFC "login card".

  1. Buy yourself some NFC cards,
  2. Download the free NFC Tools app to your device, and open it,
  3. Click "Write" and "Add a record", then click "Custom URL / URI",
  4. Write your npub to the NFC card as a custom URI in the format "nostr:npub1..." (e.g. for me this is "Rod"),
  5. Your card is ready.

Give the card to someone who is a Nostr user, and when they tap the card against their phone it will open their preferred Nostr client and go directly to your Nostr profile page.

You have created a Nostr NFC "business card".

What I Did Wrong

I like to share what I did wrong so you don't have to make the same mistakes. This time, this was very easy, and little went wrong. In general

  • When password-protecting your nsec, don't forget the password!
  • When writing to the NFC card, make sure to use "Custom URI/URL" as this accepts your "nostr:" URI scheme. If you use generic "URI/URL" it won't work.

What's Next

Over my first four blogs I have explored creating a good Nostr setup

Over the next few blogs I will be exploring different types of Nostr inter-op

  • NFC cards integrated with Nostr (this post)
  • Workflow Automations integrated with Nostr
  • AI LLMs integrated with Nostr

Please be sure to let me know if you think there's another Nostr topic you'd like to see me tackle.

GM Nostr.