📖 Unfamiliar terms? See the glossary for definitions.
Encrypted. Peer-to-peer. No server. Payment details delivered in under a second.
Nostr is a decentralized messaging protocol that Asgaya uses for private coordination between buyers and sellers after they find each other on the bulletin board.
Not WhatsApp. Not Telegram. Not email. Just encrypted direct messages sent over a network of relays that no single entity controls.
When María selects a BCH seller from the bulletin board, she sends an encrypted message: “I need payment details for covenant xyz789.” The seller’s bot responds instantly with bank account info. Total latency: under 1 second. María never sees a phone number, email, or centralized chat interface—just payment instructions delivered directly to her app.
After the bulletin board, before the payment, there’s a gap:
1. María finds seller on bulletin board ✅
2. María creates covenant on-chain ✅
3. María needs seller's payment details ❓
- Bank account number
- Payment reference code
- Exact amount to send
4. María pays via Bizum ✅
5. Seller's bot locks BCH ✅
Step 3 is the coordination problem. The bulletin board listing can’t include bank account numbers (privacy risk, changes frequently). The blockchain can’t store sensitive data (public forever). Email/SMS requires phone numbers (KYC, surveillance, censorship).
Nostr solves this: Encrypted, peer-to-peer, instant delivery of payment details. No phone number needed. No central server to block. No permanent record on the blockchain.
Unlike traditional messaging apps (WhatsApp, Signal), Nostr has no accounts, no phone numbers, no registration.
You have two keys:
Your public key is your Nostr identity. It looks like this:
npub1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p7q8r9s0t1u2v3w4x5y6z
No company controls it. No telecom can block it. No government can seize it.
Nostr messages are sent to relays—simple servers that receive and forward messages. Think of them like post offices, but:
Asgaya doesn’t run relays. We use public Nostr relays (Damus, Primal, etc.) that already exist. If one relay goes down, messages route through others. If all public relays are blocked, users can run their own.
When María sends a message to the seller:
1. María's app encrypts message with seller's public key
2. App sends encrypted message to 3-5 Nostr relays
3. Relays forward to anyone subscribed to seller's public key
4. Seller's bot decrypts message with seller's private key
5. Seller's bot encrypts response with María's public key
6. Response delivered to María's app via relays
7. María's app decrypts response
Total time: <1 second
The relays never see the content. They only see:
They can’t read the payment details, the bank account, or any sensitive information.
María queries the bulletin board and finds a seller:
Seller listing:
├─ Payment methods: Bizum, SEPA
├─ Fee: 0.5%
├─ Buffer: 7%
└─ Contact: npub1seller... (Nostr public key)
The seller’s Nostr public key is their contact info. No phone number, no email, no company-mediated chat.
María’s app sends an encrypted Nostr message:
{
"type": "payment_info_request",
"covenant_id": "covenant_xyz789",
"amount_eur": 100,
"payment_method": "Bizum",
"sender_pubkey": "npub1maria..."
}
Encrypted with seller’s public key. Only the seller’s bot can decrypt it.
The seller’s bot (running on their phone or VPS) receives the request and responds:
{
"type": "payment_info_response",
"covenant_id": "covenant_xyz789",
"payment_method": "Bizum",
"account_number": "+34-612-345-678",
"reference": "ASGAYA-XYZ789",
"amount_exact": "€100.00",
"expires_at": "2026-06-10T15:30:00Z"
}
Encrypted with María’s public key. Only María’s app can decrypt it.
Delivered in under 1 second. María sees payment instructions immediately.
María’s app displays:
Pay €100.00 to:
Phone: +34-612-345-678
Reference: recipient cash account
Tap to open Bizum app →
María completes the payment. The seller’s bot detects it (bank notification), locks BCH into the covenant. Elena can now claim her remittance.
Nostr:
Nostr:
OP_RETURN approach: Seller posts encrypted payment info as a blockchain transaction.
Pros:
Cons:
Nostr:
Trade-off: Nostr has good censorship resistance (multiple relays, anyone can run one) vs OP_RETURN’s maximum censorship resistance (BCH blockchain). For Phase 0, good is enough. We can add OP_RETURN fallback in Phase 1+ if needed.
Your wallet already has BCH keys. Nostr adds a separate key pair:
Your Asgaya wallet contains:
├─ BCH private key (for signing transactions)
├─ BCH public key (your address)
├─ Cash Account (Elena#142)
├─ Nostr private key (for decrypting messages)
└─ Nostr public key (your messaging identity)
Why separate keys?
Generated together: When you create your Asgaya wallet, both keys are generated from the same 12-word recovery phrase. Restore your wallet, restore both.
Visible to relays (public):
Not visible to relays:
Visible to recipient (seller’s bot):
Metadata analysis risk: A relay operator who logs all messages could see that npub1maria sent a message to npub1seller, guess it’s payment coordination, and infer a transaction happened. But they can’t read the content or link it to BCH addresses.
Phase 0 acceptable. Phase 1+ we can add onion routing or mix networks if metadata analysis becomes a concern.
A critical side benefit: When the seller’s bot responds with payment info, it proves the seller is online and ready to lock BCH.
Without liveness check:
1. María creates covenant
2. María pays seller via Bizum
3. Seller's bot is offline (phone died, server crashed)
4. María waits... seller never locks BCH
5. María stuck (paid fiat, covenant expires, funds returned after 48h)
With Nostr liveness check:
1. María creates covenant
2. María sends Nostr message
3. No response within 2 minutes → Warning: "Seller may be offline"
4. María cancels covenant, picks different seller
5. No fiat payment wasted
Result: María never pays fiat unless the seller proves they’re online and ready.
The bulletin board is discovery. It tells you who is selling BCH (their Nostr public key).
Nostr is coordination. It tells you how to pay them (bank account, reference code).
Separation of concerns:
Your wallet generates Nostr keys. When you create an Asgaya wallet, you get:
All linked, all restored from 12 words.
The seller’s notification bot listens on Nostr. When a payment info request arrives:
Nostr is the bot’s communication channel. Without Nostr, the bot can’t respond to senders.
María doesn’t know Nostr exists. The app hides all complexity:
María's screen:
┌─────────────────────────────┐
│ Select Seller: │
│ │
│ ✅ seller$asgaya.org │
│ Fee: 0.5% │
│ Response time: 12 sec │
│ [Select] ← │
│ │
│ Fetching payment details... │← Nostr happening here
│ │
│ Pay €100.00 to: │
│ Phone: +34-612-345-678 │
│ Reference: ASGAYA-XYZ789 │
│ │
│ [Open Bizum App] │
└─────────────────────────────┘
“Fetching payment details…“ = Nostr message sent, response received, decrypted. Happens in <1 second. María thinks it’s just the app loading data.
She never sees:
Just results: Payment instructions, ready to use.
The seller doesn’t manually respond to messages. The bot automates everything:
Setup (one time):
Runtime (automated):
Seller’s job: Keep phone/server online. Bot handles everything else.
What’s ready:
What’s coming (Phase 1+):
Phase 0 keeps it simple: Automated payment info exchange only. No manual messaging. Bot-to-bot coordination.
Scenario 1: One relay is down
Impact: None. Messages automatically route through other relays.
Asgaya default: Connect to 5 relays (Damus, Primal, Nostr.wine, relay.snort.social, custom relay). If 1-2 fail, 3-4 still work.
Scenario 2: All public relays are blocked (censorship attack)
Mitigation:
Still works. Just requires sellers to run infrastructure (Phase 1+ feature).
Scenario 3: Complete Nostr network failure (catastrophic)
Fallback (Phase 1+):
Phase 0: If Nostr completely fails, Asgaya pauses until relays recover. Acceptable risk—Nostr has been running reliably since 2022.
What an attacker CAN’T do:
What an attacker CAN do:
Phase 0 mitigation:
Phase 1+ mitigation:
Nostr isn’t just for Asgaya. It’s a general-purpose decentralized messaging protocol used by:
By using Nostr, Asgaya plugs into an existing ecosystem:
Asgaya improves Nostr too:
Mutual benefit. We’re not building in isolation.
| Feature | Nostr DMs | OP_RETURN | Telegram | |
|---|---|---|---|---|
| Speed | <1 second | ~2 minutes | Minutes-hours | <1 second |
| Cost | Free | €0.002/message | Free | Free |
| Privacy | End-to-end encrypted | End-to-end encrypted | Not encrypted (unless PGP) | Encrypted (server can read) |
| Censorship resistance | Good (multiple relays) | Maximum (blockchain) | Poor (centralized) | Poor (centralized) |
| Requires | Nostr keys | BCH transaction | Email account | Phone number |
| Automation | Bot-native | Bot-native | Limited | Restricted |
| Permanence | Ephemeral | Permanent on-chain | Depends on server | Depends on server |
Nostr wins on speed, cost, and automation. OP_RETURN wins on maximum censorship resistance. Email and Telegram lose on privacy and decentralization.
Phase 0 uses Nostr. Phase 1+ adds OP_RETURN fallback if needed.
Q: What if the seller’s Nostr key is compromised?
A: Attacker can read incoming payment info requests and send fake payment details. But:
Q: Can I use Nostr for regular messaging (not just payment info)?
A: Phase 1+, yes. Phase 0, no—Nostr is automated for bot coordination only. But if you have a Nostr client app (Damus, Amethyst), you can message other users using your Asgaya Nostr keys.
Q: What if relays censor me?
A: Switch to different relays. If all public relays censor you, run your own (€5/month VPS). Can’t be stopped.
Q: Does Nostr leak my BCH address?
A: No. Nostr keys are separate from BCH keys. Even if someone knows your Nostr public key, they can’t derive your BCH address from it.
Q: What’s the difference between Nostr and Signal/WhatsApp?
A: Signal/WhatsApp require phone numbers, run on centralized servers (company can block you), and aren’t designed for automated bots. Nostr has no phone numbers, no central server, and is bot-native.
Nostr is the invisible glue. The bulletin board discovers sellers. Nostr coordinates the payment. The covenant executes the trade. Users never see Nostr—just instant payment instructions.
When regulators ask “where’s the chat server we can subpoena?” there isn’t one. It’s just relays forwarding encrypted blobs. No company, no database, no records to seize.
| 🏠 Home | ↑ The Mechanism | 📖 Glossary |
Related: Wallet · Bulletin Board · Nostr · Notification Bot · Stability Layer