“To put it simply, nsecBunker is a daemon that facilitates remote event signing. It operates with two types of keys: user keys and nsecBunker keys.””The bunker key interacts with the admin UI and only communicates with the pre-defined (admin) npub. Notably, this key doesn’t store sensitive information or hold specific power — it poses no threat to key material even if compromised.””The user key, on the other hand, is used for signing purposes. These keys are encrypted with a passphrase following the same approach as LND. This passphrase is mandatory every time nsecBunker is initiated, and losing it equates to losing access to the keys.””During setup, the administrator pre-approves a key (or a set of keys) for communication with the nsecBunker. The administrator(s) then create target keys to distribute to the intended users.””These users can interact with the Nostr infrastructure without ever accessing the private keys of the account they’re using.””Setting up the nsecBunker may seem intricate at first, but I will guide you step-by-step. Follow along, and you’ll have your bunker up and running without a hitch.”
