Privacy
Last updated · June 12, 2026
The short version: privacy is the product. The wallet
keeps everything on your device, this website sets no cookies and runs
no analytics, and the identity service stores only what it publishes:
the name→key mapping you asked it to publish.
1. The wallet
- Your seed, keys, contacts, payment history, and settings are stored only on your device. They are never uploaded.
- Wallet network traffic — relay connections, name lookups, exchange rates — is routed through Tor. The services you reach see Tor exit traffic, not your IP address. Tor hides your IP from the relay; the relay and encryption handle the rest — content, sender, and timing.
- Payments travel as end-to-end encrypted nostr events. Relays see ciphertext and the recipient's ephemeral routing key — not the amount, the sender, or the message.
- The wallet contains no telemetry, analytics, or crash reporting.
2. This website
- Static pages, served by us. No cookies, no analytics, no trackers, no third-party embeds — fonts and images are served from this domain.
- Our web server keeps standard, short-lived access logs (IP address, request path, user agent) for security and abuse prevention.
3. The identity service (goblin.st)
- If you claim a handle, we store the data the service exists to publish: your chosen name, your nostr public key, and — if you upload one — your avatar image. This mapping is public by design (that's what NIP-05 is).
- Registration and release requests are authenticated by signature (NIP-98); we never see a private key.
- Rate-limiting uses connection IP addresses transiently. Since the wallet talks to goblin.st over Tor, we typically see a Tor exit address, not yours.
- Release your name and it leaves public resolution immediately and becomes available for anyone to register.
4. The relay
The project's public nostr relay stores the encrypted events it relays (that's its job) within its retention and size limits. Event contents are ciphertext we cannot read.
5. What we don't do
- No selling, sharing, or monetizing of any data.
- No advertising, profiling, or cross-site tracking.
- No accounts, emails, or phone numbers — there is nothing to leak.
6. Your choices
Use the wallet without a handle and the identity service learns nothing about you. Rotate your payment key at any time to unlink your history. Run your own node, relay, or name service — the software lets you point at them.
7. Contact
Privacy questions: open an issue on GitHub.