Privacy-preserving, reusable, payments codes for Nano using stealth addresses and off-chain coordination
NanoNymNault is a fork of Nault (the popular web-based Nano wallet) integrating a lightweight Nostr client that enables private, unlinkable payments over the regular Nano blockchain, using a new type of reusable pseudonym called a NanoNym (address prefix: nnym_).
For Recipients (merchants, streamers, donation pages):
- Generate one or more NanoNyms (displayed as
nnym_abc123...xyzaddresses) - Share publicly (on website, social media, stream overlay, printed invoices, etc.)
- Receive unlimited number of payments through the NanoNym, all that:
- Go to different blockchain addresses (unlinkable)
- Don't reveal your balance
- Don't show your payment history
- Your wallet automatically detects incoming payments and shows a unified balance
For Senders:
- Paste recipient's NanoNym (
nnym_address) into the send field (or scan a QR code) - Enter amount and send (just like a normal Nano transaction)
- Behind the scenes:
- Wallet derives a unique stealth address for this payment
- Sends XNO on Nano blockchain (looks like any other transaction)
- Sends encrypted notification via Nostr (free, instant, private)
- Recipient automatically receives and can spend funds
It's a true win-win for both senders and receivers: both gain significantly enhanced privacy protection, without any involvement of third-party payment processors or fees.
✅ Privacy: No one can link multiple payments to the same recipient
✅ Simplicity: Recipients share ONE NanoNym (not a new address for each payment)
✅ Multiple NanoNyms: Generate as many as needed from a single seed
✅ Free notifications: No blockchain bloat or notification transaction costs
✅ Compatibility: Falls back to regular nano_ addresses for non-compliant wallets
✅ Web-based: Works in browser, no installation needed (just like Nault)
NanoNym = Nano + onym (Ancient Greek ὄνυμα "name")
A NanoNym is a reusable pseudonym for receiving payments privately. Think of it like:
- A pen name for authors (hides real identity)
- A stage name for performers (public-facing but not your real name)
- A business name (represents you but isn't personally identifiable)
Technical details:
- Encoded as
nnym_addresses (~160 characters) - Contains three public keys (spend, view, Nostr notification)
- All NanoNyms are structurally identical and infinitely reusable
- Multiple NanoNyms can be derived from a single seed
Generate: "General Donations"
Print on: Website footer, business card, stream overlay
Use for: Years of recurring donations
Generate: "Customer #1234 - Invoice #5678"
Display: On checkout screen (ephemeral display)
Use for: Single purchase
Archive: After payment received
Generate: "Sales Q1 2025"
Generate: "Consulting Services"
Generate: "Product Returns"
Use for: Accounting categorization and revenue tracking
All NanoNyms work identically - the difference is only in how you choose to use them!
Nault Wallet (existing web wallet)
+ Nostr client (lightweight messaging, runs in browser)
+ CamoNano cryptography (proven stealth address math)
= NanoNymNault (private payment wallet)
Users don't need to:
- Run a Nostr relay
- Understand Nostr
- Download anything extra
- Change how they use Nano
It just works — privacy built-in, seamlessly.
| Feature | Standard Nano Address | NanoNym (nnym_) |
|---|---|---|
| Address reuse | Publicly links all transactions | Each payment goes to unique address |
| Balance privacy | Anyone can see your balance | Balance hidden across multiple addresses |
| Sender anonymity | Sender account visible | Sender can remain anonymous |
| Multiple addresses from one seed | Limited by wallet | Unlimited NanoNyms |
| Notifications | None needed | Off-chain via Nostr (automatic) |
| Use case | General payments | Privacy-conscious users, merchants, donations |
NanoNymNault combines three proven technologies:
- CamoNano Protocol: Battle-tested cryptography for stealth addresses (Monero-inspired, adapted for Nano)
- Nostr (NIP-17): Decentralized, encrypted messaging for payment notifications
- Nault Wallet: Mature, trusted web-based Nano wallet
Key Innovation: By moving notifications off-chain (via Nostr), we solve CamoNano's timing correlation vulnerability while eliminating notification transaction costs.
NanoNymNault is designed so you only need to manage one secret: your 24-word Nano seed phrase.
From this single seed, the wallet securely generates all the necessary components for both your Nano funds and your private Nostr notifications.
Your Nano Seed (24 words)
↓
├─→ All your Nano accounts & funds
└─→ All your private Nostr notifications
Think of your seed as a master key. It can create a perfectly matched, but separate, set of keys for different systems (one for Nano, one for Nostr). This means you get the convenience of a single backup without compromising on security.
Bottom line: Back up your one Nano seed, and you can always recover everything.
We plan to support users who want to connect an existing Nostr identity (an nsec key) to the wallet.
Because Nano and Nostr use different cryptographic systems, the wallet can't guess your existing Nostr key from your Nano seed. In this specific, advanced scenario, you would need to provide both your Nano seed and your Nostr key. For the vast majority of users, this won't be necessary.
Phase 1 (Implemented): Simple, one-seed-only model. Phase 2 (Planned): Optional support for linking an existing Nostr key.
🚀 Core Features Implemented - Send, receive, and spend from NanoNyms working
- AGENTS.md - Agent instructions and Prime Directives
- docs/README.md - Complete documentation index
- docs/ANALYSIS-CAMONANO-ALTERNATIVES.md - Deep dive into CamoNano, BIP protocols, and off-chain notification alternatives
✅ What's Working:
- Sending TO NanoNyms (full flow: generate stealth address → send XNO → send Nostr notification)
- Receiving payments (notifications decrypt, stealth addresses derived, balances displayed)
- Spending FROM NanoNyms (stealth account selection, multi-account sends, privacy warnings)
- NanoNym management (generate, label, archive/reactivate, view details)
- Multi-relay Nostr redundancy (3-5 relays simultaneously)
- Stealth account opening (three-phase defense-in-depth: immediate, background retry, just-in-time)
🔜 Planned Enhancements:
- Privacy Mode (optional timing randomization between multi-account sends)
- Stealth account consolidation/sweep tools
- Enhanced privacy scoring and per-send impact summary
- Tier 2 backup mechanisms (downloadable encrypted backups)
- Automated E2E tests (Playwright or similar)
See: docs/roadmap.md for detailed implementation status.
✅ Against blockchain observers: Cannot link payments to receiver ✅ Against Nostr relays: Cannot read notification contents (NIP-17 encryption) ✅ Against network observers: Cannot correlate Nostr activity with Nano transactions ✅ Against timing analysis: NIP-17 uses randomized timestamps
- All cryptography uses well-audited libraries
- Nostr NIP-17 provides authenticated encryption (AEAD)
- Multi-relay redundancy prevents single point of failure
- View keys can be separated from spend keys (watch-only wallets)
- Single seed backs up unlimited NanoNyms
Security Audit: Recommended before mainnet launch (if budget permits)
# Installation instructions will be provided when ready
# For now, the project is in active development- Node.js v22 (via nvm - check .nvmrc)
- Python 3.11 (for native module compilation)
The project is forked from Nault. To build and run the stock Nault wallet locally:
# Clone the repository
git clone https://github.com/yourusername/NanoNymNault.git
cd NanoNymNault/references/Nault
# Ensure correct Node version
source ~/.nvm/nvm.sh
nvm use # Reads .nvmrc automatically
# Install dependencies
# IMPORTANT: Use these exact flags for Apple Silicon compatibility
npm_config_arch=x64 \
PYTHON=/opt/homebrew/opt/python@3.11/bin/python3.11 \
npm ci
# Run development server
npm start
# Access at http://localhost:4200/Why these specific flags?
npm_config_arch=x64- Electron 9.4.4 doesn't have ARM64 builds, use Rosetta emulationPYTHON=/opt/homebrew/opt/python@3.11/bin/python3.11- Python 3.14 removeddistutilswhich node-gyp requiresnpm ci- Uses exact versions from package-lock.json (notnpm install)nvm use- Node v20 required for Angular and native module compatibility
Troubleshooting:
- If port 4200 is in use:
lsof -ti:4200 | xargs kill -9 - If Python error: Install Python 3.11 via
brew install python@3.11 - If Node version error: Install via
nvm install 20
For test running instructions, test strategy, and debugging: See TESTING.md
This project is in early development. Contributions, feedback, and testing are welcome!
Areas where help is needed:
- Cryptography review
- Nostr integration testing
- UI/UX design for privacy features
- Documentation and tutorials
- Security auditing
Standing on the shoulders of giants:
- Nault Team - Excellent web-based Nano wallet foundation
- CamoNano Project - Pioneering stealth addresses for Nano
- nanopyrs - Reference implementation
- camonanowallet - First full wallet
- Monero Community - Original stealth address inspiration
- Nostr Protocol - Decentralized messaging infrastructure
- Bitcoin BIPs - Protocol design patterns (BIP-352, BIP-77, BIP-47)
See the LICENSE document for details.
- GitHub Issues: Report bugs or suggest features
- Reddit Thread: r/nanocurrency/...
- Not yet audited by security professionals
- Use at your own risk
- Start with small amounts for testing
- Privacy guarantees depend on proper usage (see documentation)
Q: Is this a new cryptocurrency? A: No! NanoNymNault uses the existing Nano (XNO) cryptocurrency. It's just a wallet with enhanced privacy features.
Q: What's the difference between a NanoNym and a regular Nano address?
A: A NanoNym is a reusable pseudonym that generates unique stealth addresses for each payment. Regular nano_ addresses publicly link all transactions.
Q: Can I generate multiple NanoNyms? A: Yes! You can generate unlimited NanoNyms from a single seed. Use them for different purposes (donations, sales, per-customer, etc.).
Q: Are NanoNyms "ephemeral" or "permanent"? A: All NanoNyms are structurally identical and reusable. You decide how to use them - print one for long-term use, or generate unique ones per transaction.
Q: Do I need to run a Nostr relay? A: No. The wallet connects to existing public Nostr relays (1000+ available). You can optionally run your own for extra privacy.
Q: Will regular Nano wallets be able to send to my NanoNym?
A: No, only NanoNymNault-compatible wallets can send to NanoNyms (nnym_ addresses). For compatibility, your wallet will also display a regular nano_ fallback address (though this won't provide privacy).
Q: What happens if Nostr notifications fail? A: The wallet uses 3-5 relays simultaneously for redundancy. Even if some relays fail, notifications should get through. Senders can also manually resend notifications if needed.
Q: How is this different from CamoNano? A: NanoNymNault uses CamoNano's cryptography but replaces on-chain notifications (which cost XNO 0.00049 and leak timing info) with free, encrypted off-chain Nostr notifications.
Q: Can I use this for everyday payments? A: The primary use case is for recipients who want to share a public address (merchants, donations, streamers) without revealing their payment history. For everyday peer-to-peer payments, standard Nano addresses are simpler.
Q: Is this more private than Monero? A: No. Monero has additional privacy features (ring signatures, confidential amounts) that hide sender, receiver, AND amounts. NanoNymNault only hides receiver unlinkability and optionally sender identity. It's a practical privacy improvement for Nano, not full anonymity.
Q: How do I back up my NanoNyms? A: Your seed phrase backs up ALL NanoNyms automatically. During recovery, the wallet will re-derive all your NanoNyms and scan for payments.
Try the latest development version: https://cbrunnkvist.github.io/NanoNymNault/
This developer preview is automatically deployed from the main branch. It reflects the latest implemented features and may contain experimental functionality. Use with caution and test with small amounts only.
Built with 🔐 for the Nano community