i was also exploring this world of npub separation for encrypting and storing private bookmarks. a bit different from your use case, but this is how it currently works
content encrypted with vault encryption key
- Events signed with vault signing key (not the user nsec)
- Stored under vault pubkey (not linked to user identity)
- Tagged with something like "encrypted" for easier fetch from relay.
one downside is that the user needs a passphrase in addition to their nsec.
b0b
npub1vp…atk8w
2026-01-27 18:32:51 UTC
in reply to nevent1q…3j9g
Author Public Key
npub1vppdwqmhlzhftstq5exturmry4u0pdfm93mqj4zfuuznhclxygfsdatk8wSeen on
wss://nos.lolPublished at
2026-01-27 18:32:51 UTCEvent JSON
{
"id": "13238fe3228f62c98f47f33ef86bf62c5993d0dfc986b38f86447543586c4f10",
"pubkey": "6042d70377f8ae95c160a64cbe0f632578f0b53b2c76095449e7053be3e62213",
"created_at": 1769538771,
"kind": 1,
"tags": [
[
"e",
"829a2caa92818f5f43919fd3d1f82b779a01ea779f0296eec64fb6459fe0e4b1",
"",
"root"
],
[
"p",
"2efaa715bbb46dd5be6b7da8d7700266d11674b913b8178addb5c2e63d987331"
]
],
"content": "i was also exploring this world of npub separation for encrypting and storing private bookmarks. a bit different from your use case, but this is how it currently works\n\ncontent encrypted with vault encryption key\n- Events signed with vault signing key (not the user nsec)\n- Stored under vault pubkey (not linked to user identity)\n- Tagged with something like \"encrypted\" for easier fetch from relay. \n\none downside is that the user needs a passphrase in addition to their nsec. ",
"sig": "d8dba9247ac6726174fb5ecf54f0f8ace277ce2ac6cdf4161b7546cd010a5ec1727f9349f1626a7f57ac7a4253d945f9266674354297891127940242f77e497d"
}