What Are Blinded Nostr Assets?

Blinded nostr assets

Share this article

Today many of us create gigabytes of data on ourselves every year in the form of metadata, text, videos, images and voice recordings. These files could be living on your personal device or on servers worldwide as you upload them to various services, like social media sites or industrial cloud storage services.

While we’re often concerned with data leaks and data protection, with fears of having our data fall into the hands of hackers, we never think of what the companies who host our data do with that level of access.

It’s a scary thought, but the good news is that concerned parties are thinking about how we can take steps to protect ourselves online. File encryption is one of the most effective ways to keep your data safe, and if nostr wants to give users back ownership of their data, it needs to be incorporated into the protocol and this is what NIP-68 is all about, Nostr Blinded Asssets.

Understanding data ownership.

When you use cloud storage, you’re entrusting your data to a third-party provider. While encryption protocols can protect your data from cyberattacks and unauthorised access, it’s crucial to understand who owns and hosts your data and how it’s being used. In most cases, cloud storage providers claim ownership of the data you store on their servers. This means that they have the power to access, modify, and even delete your files. 

To ensure that your sensitive information is protected and that you maintain control over it, you should carefully review the privacy policies and terms of service of the cloud storage providers you’re considering. Some providers offer more control over your data, while others have stricter policies that limit your rights.

The alternative is to self-host your files, which isn’t practical for everyone or every use case for files, while certain applications like centralised social media encourage you to upload your files directly to their servers because it offers them a wealth of data on you and the users that interact with those files.

As a citizen of the internet important to understand how your data is being used. Some providers may use your data for targeted advertising or other business purposes. If you’re uncomfortable with this, you should choose a provider that explicitly states that they don’t use your data in this way.

Ultimately, understanding data ownership is an essential part of protecting your sensitive information. By carefully reviewing the policies and practices of cloud storage providers, you can maintain control over your data and ensure that it’s being used in the way that you want.

The cloud is simply someone else’s computer.

Cloud storage has become increasingly popular due to its convenience and accessibility, but it also poses security risks. By encrypting your data before storing it in the cloud, you can ensure that only authorised parties have access to it.

The process of encrypting your cloud storage is relatively straightforward. Most cloud storage providers offer the option to encrypt your data using a variety of encryption protocols, such as AES-256. This means that your data is encrypted both during transmission and when it’s at rest in the cloud.

However, it’s important to note that while cloud storage providers may offer encryption, they also have access to your data. This raises questions about data ownership and privacy, which we’ll discuss in the next section.

What are blinded assets?

Unlike centralised social media that maintain a hold on all our data with no option other than to avoid using the services, nostr has offered users the ability to decide how they wish to secure their information. You can choose to have a private relay, a public relay, a paid relay or a combination of the three for the widest distribution of your data.

However, nostr has its limits and storing files like images, pdfs, videos, and other files doesn’t have that same level of protection. Nostr clients that offer file uploads are parsing that information onto cloud storage providers, which provide scaled distribution for files and allow for high performance, but this does mean there is a trade-off in the form of censorship.

Cloud storage providers have oversight on all these files and can purge them as they see fit.

To circumvent this possible censorship, blinded assets allow users to upload their content to any cloud storage provider and reap the obvious benefits of their infrastructure but provide a layer of protection over those files.

A blinded asset like an image can be encrypted with a password using encryption like AES-256-CBC and given a random filename, and uploaded as a BLOB to a centralised. AES encrypts data in blocks of 128 bits, 192 bits, or 256 bits, making it a strong choice for files that require high security.

When a user or client requests the file from the cloud provider, the note referencing the image URI will also contain the information necessary to decrypt the image. When a client loads a note referencing an encrypted image, it will fetch the BLOB file and decrypt it locally to display it.

Although this increases client load, it prevents the host from assessing the stored content without knowing the particular note containing the decryption information.

Why would you want blinded assets?

The ubiquitous availability of cheap programmatic cloud hosting can be seen as a kind of decentralised network with high-quality infrastructure and low latency that nostr clients and users can use to host content.

If the host can’t see the content, they won’t have a reason to censor it.

Unless hosts begin to ban encrypted content, the blinded assets will sit safely on cloud storage around the world. If certain hosts do have policies against encrypted content, users could migrate to another provider.

Alternatively, this demand could be an incentive for new data centres to secure customers by offering storage for those who wish to host blinded assets.

What if hosts become hostile?

Giving people the ability to upload files without complete oversight of what they hold might anger certain data storage providers who do not wish to host files they cannot access or screen; the file storage provider might want to review and purge these assets, be they notes or files. 

To discourage file storage providers from reviewing files, paywalls could be added using zaps on blinded assets. This adds an economic disincentive to index all the files for review and incite a mass purge of files.

If a provider wishes to review BLOBs and query relays for the keys to index all the files for review, they will need to pay for the secret key to access them. Once the paywall is enabled on blinded assets, any user or company must zap a note to receive the decryption information to decrypt the media.

This can serve as a deterrent and also as a way for users to monetise their content.

Keeping your files on lock.

In a world where our personal information is increasingly at risk, taking the necessary steps to protect our sensitive data has become more important than ever. This is where file encryption comes into play. By encrypting your files, you can safeguard your information and prevent it from falling into the wrong hands.

Remember, it’s never too late to protect your data. Start today and stay ahead of the game.

As the saying goes, “an ounce of prevention is worth a pound of cure.”


Do your own research.

If you’d like to try out Nostr or want to learn more about it, we recommend checking out the following resources to kickstart your research.

Are you on Nostr?

If you are a Nostr user and want to hang out and chat with us or follow our content on your preferred Nostr front end, feel free to add us using our PubKey below.

npub10mxnle348mzv2dnj0ylgz3zu9gceenc29x9fr4m6mnars66j7vxsnkn8mj

The Bitcoin Manual’s Nostr Pubkey

Please give us your notes.

If you have used Nostr, which client do you prefer and why? What apps and services would you like to see form part of the growing ecosystem?

Let us know in the comments down below.

Disclaimer: This article should not be taken as, and is not intended to provide any investment advice. It is for educational and entertainment purposes only. As of the time posting, the writers may or may not have holdings in some of the coins or tokens they cover. Please conduct your own thorough research before investing in any cryptocurrency, as all investments contain risk. All opinions expressed in these articles are my own and are in no way a reflection of the opinions of The Bitcoin Manual

Leave a Reply

Related articles

You may also be interested in

FTX repayment plan

How FTX Repayments Will Work

The collapse of FTX in November 2022 marked one of crypto’s largest failures, leaving millions of customers wondering about their funds and a plethora of

Bitcoin ATM bad rap

Bitcoin ATMs Get A Bad Rap

So you want to get some Bitcoin, but you don’t have a bank account or credit card, or you do and don’t want to tie

Cookie policy
We use our own and third party cookies to allow us to understand how the site is used and to support our marketing campaigns.