Embedded Signer Infrastructure — MVP Spec (Standalone Core)

Purpose: build a reusable, standalone identity + signing + session infrastructure.

This repo is pure infrastructure. No product language. No marketplace language. No game language. No commerce framing.

This is a cryptographic identity spine other applications can consume.

---

Design Philosophy

• Normie-first UX
• Protocol-agnostic interfaces
• Embedded by default
• Portable by design
• Future universal-signer compatible

Model: Steam-style UX now → MetaMask-style portability later

---

User Capabilities (MVP)

• Create new identity
• Import existing identity
• Unlock identity with password
• Use identity across sessions
• Export identity for backup/recovery

Invisible to user:

• keys
• pubkeys / npubs
• signing
• cryptography
• protocols

---

Core UX Flow

Landing:

• [ Create new ID ]
• [ Use existing ID ]

Create new:

• username (optional metadata)
• password (vault encryption)
• → identity created

Use existing:

• import mnemonic
• import encrypted keyfile
• → identity loaded

---

Identity Model

Canonical rule: identity_id = public_key (x-only secp256k1 pubkey, 32 bytes)

UX wrappers:

• username = display label
• password = encryption key

No UUID identities. No abstract account IDs.

---

Cryptographic Primitives (MVP Defaults)

• Curve: secp256k1
• Signing: BIP340 Schnorr
• Hash: SHA-256
• Encryption: AES-GCM
• KDF: Argon2id (fallback: PBKDF2-SHA256)

---

Local Storage Model

Key Vault

• encrypted private key
• public key
• salt
• iv
• kdf parameters
• version

Vault format (canonical JSON blob):

{
  "version": 1,
  "pubkey": "0x… (Hex32, x-only secp256k1 pubkey)",
  "kdf": { "algo": "argon2id", "params": {} },
  "salt": "base64",
  "iv": "base64",
  "ciphertext": "base64"
}

Notes:

• All hex values are 0x-prefixed.
• pubkey is x-only 32 bytes (BIP340 / Nostr-style pubkey material).

Permissions Store

• origin (protocol + host + port)
• scopes

Session Store

• public key
• origin
• expiry
• refresh metadata

---

Storage Backend

• Default: IndexedDB (web)
• Encrypted blobs only
• No plaintext secrets at rest

---

Security Model

• Private key never stored in plaintext
• AES-GCM encryption
• password-derived key
• decrypted key exists only in memory
• no blind signing

---

Auth Model

Challenge-based identity proof:

1. system generates nonce + timestamp
2. structured challenge object created
3. challenge serialized
4. challenge hashed (sha256)
5. identity signs hash
6. signature verified
7. session issued

Challenge format (canonical):

{
  "v": 1,
  "origin": "scheme://host:port",
  "nonce": "random",
  "timestamp": 1700000000
}

---

Session Model (with refresh)

• sessions have TTL
• auto-refresh before expiry via re-signing challenge
• no repeated unlock prompts during active use
• explicit revoke support

---

Permissions Model

• origin-bound
• scope-bound
• least-privilege
• explicit user approval

---

Identity Export / Recovery

Encrypted keyfile export (default)

• one-click export
• AES-GCM encrypted blob
• password protected
• safe for normie backup

Mnemonic export (advanced)

• explicit warning
• confirmation step
• power-user recovery path

---

Embedded Signer Capabilities

• key generation
• vault encryption
• unlock / lock
• structured challenge signing
• event signing
• permission enforcement
• session issuance
• session refresh

---

Public API Surface

Identity

• createIdentity()
• importIdentity()
• exportEncryptedKeyfile()
• exportMnemonic()
• unlock()
• lock()
• getPublicKey()

Signing

• signChallenge()
• signEvent()

Sessions

• createSession()
• refreshSession()
• revokeSession()

Permissions

• requestScopes(origin, scopes)

---

Storage Guarantees

• no plaintext secrets on disk
• deterministic identity recovery
• portable identity format

---

Non-Goals (MVP)

• ❌ browser extensions
• ❌ universal signer
• ❌ NIP-07 dependency
• ❌ NIP-46
• ❌ relay communication
• ❌ social layers
• ❌ messaging
• ❌ encryption DMs
• ❌ protocol-specific UX

---

Repo Role

This repo provides:

• identity
• signing
• sessions
• permissions
• recovery
• SDK

It does not provide:

• applications
• platforms
• commerce
• content
• product logic

---

Future Compatibility (Explicitly Supported)

• extraction into standalone signer
• browser extension signer
• mobile signer
• NIP-07 adapter
• NIP-46 adapter
• shared identity across apps

---

MVP Success Criteria

• identity creation works
• identity import/export works
• encrypted vault works
• session login works
• session refresh works
• permissions enforced
• signing works
• API usable by external apps

---

Conceptual Role

This project is identity middleware.

It is not an app, a platform, or a product.

It is the cryptographic substrate other systems build on.

---

Mental Model

Identity Layer
↓
Signer Layer
↓
Session Layer
↓
Permission Layer
↓
Application Layer (external)

---

If this ships, you have:

• portable identity
• real cryptographic auth
• reusable signer core
• future universal signer path
• cross-app identity foundation

This is infrastructure, not a product. This is a spine, not a surface.