1
0
forked from GRIN/grim
Files
goblin/README.md
T
2ro 03c1770892 README: update transport description from Nym mixnet to Tor
The README still described the old Nym-mixnet transport, including a
reference to src/nym/sidecar.rs which no longer exists post-switch.
Update the intro, feature list, payment-travel diagram, and build
instructions to describe the current embedded-Tor (arti) transport:
in-process, dialed at the relay's pinned .onion, no sidecar, no sibling
checkout needed for the default build.
2026-07-04 03:51:21 -04:00

5.2 KiB

Goblin

Goblin

Goblin is a private, pay-by-username wallet for GRIN ツ — confidential digital cash on Mimblewimble, with no amounts or addresses on the chain.

Instead of passing slatepack files back and forth, you pay a username (or an npub) and the payment is delivered for you as an end-to-end encrypted message over nostr, routed through Tor. Relays only ever see ciphertext — never the amount, the sender, or the recipient. Tor hides your IP from the relay; the relay and encryption hide the rest — content, sender, timing.

Goblin is a fork of the Grim egui GRIN wallet: it keeps Grim's full GRIN node/wallet engine and layers a Nostr-native, mobile-first payments experience on top.

What it does

  • Send to people — pay a username or npub; the GRIN slatepack travels as a NIP-17 gift-wrapped DM (kind 1059) over Tor and is applied automatically by the recipient's wallet. No files to swap, no need to both be online at once.
  • Manual slatepacks too — when you need to pay or get paid without a handle, Settings → Wallet → Slatepacks exposes the classic by-hand flow: create a slatepack to send, or paste one to receive, finalize, or pay.
  • In-app identity — a nostr payment key that is deliberately not part of your seed, so you can rotate it any time to stay unlinkable without touching your funds. An optional human-readable name comes from the goblin.st identity service.
  • Private by construction — GRIN's address-less, confidential chain; your payments and identity (nostr relays, NIP-05 lookups, price) are routed through Tor, so who-pays-whom never touches the clear net. The GRIN node connection — block sync and broadcasting your transaction — is direct: public chain data, the same for everyone, and not tied to your identity. Keys, names and history stay on your device.
  • Configurable amount pairing — show balances against a world currency, Bitcoin, or sats (rates fetched over Tor), or turn the preview off.
  • Cross-platform — Linux, macOS, Windows, Android, built in pure Rust on egui.

How a payment travels

   you ──slatepack──▶ NIP-17 gift wrap (kind 1059, NIP-44 encrypted)
                          │
                         Tor
                          │
            ┌─────────────┴─────────────┐
        your relays              recipient's DM relays (kind 10050)
            └─────────────┬─────────────┘
                          ▼
   recipient ◀──unwrap, verify seal author, apply slatepack

The wrap is NIP-44-encrypted, and delivery uses the recipient's DM relay list (kind 10050). Tor hides your IP from the relay; the relay and the encryption above hide the rest — content, sender, timing.

Both parties only need one relay in common. The default set is the Goblin relay plus large public relays (relay.damus.io, nos.lol), and the set is editable in Settings → Relays.

Build

Desktop (Linux / macOS / Windows)

Goblin links Tor in-process via arti — the wallet is a single self-contained binary, no sidecar, nothing separate to install:

git submodule update --init --recursive
cargo build --release
./target/release/goblin

Goblin's identity and payment traffic — nostr relays, NIP-05 lookups and price fetches — rides Tor: the money-path relay is dialed directly at its pinned .onion address, and any relay without one (e.g. a recipient's arbitrary DM relay) is reached over a Tor exit to its clearnet host. The GRIN node connection (block sync and transaction broadcast) is not routed through Tor — it connects directly, as it carries only public chain data that isn't linked to your wallet.

Android

Install the Android SDK / NDK, then from the repo root:

./scripts/android.sh build|release v7|v8|x86

v7/v8/x86 is the device CPU architecture for build; for release pass a version in major.minor.patch form.

Identity service (goblin-nip05d)

The optional name service lives in goblin-nip05d/ (axum + SQLite) and is deployed at goblin.st. It implements NIP-05 resolution, NIP-98-authenticated registration and release (names are never transferred — on a key rotation you release the old name and re-register, or import your existing identity). The wallet is fully usable — and fully anonymous — without it. Avatars aren't stored or served — clients render them from the pubkey (an npub gradient with the username's first letter, else the Grin mark).

License

Apache License v2.0.

Credits

🤖 Built with AI pair-programming assistance (Claude)

The underlying cross-platform GRIN wallet engine is the upstream Grim project.