Every Bitcoiner has a hardware wallet. Your seed phrase is offline, on a dedicated device, away from the internet. You would never paste your seed into a browser extension.

But your Nostr nsec? It is probably in an env var. Or a JSON config file. Or pasted into a web app that pinky-promises not to steal it.

We thought Nostr deserved the same treatment Bitcoin gets.

Heartwood is a Nostr signing appliance that runs on a Raspberry Pi. You give it a mnemonic during setup. It goes into encrypted storage and never comes out again.

When any app wants to sign a Nostr event, it asks Heartwood. Heartwood decides whether to allow it, signs it, sends back the signature. Your key never leaves the Pi. Not in your browser's memory. Not in an env var on your laptop. Nowhere except the device sitting on your desk.

One mnemonic. Unlimited identities. Heartwood derives separate Nostr identities from that single seed. A work identity. A personal identity. A bot identity. Cryptographically unlinkable. All from one backup phrase you wrote down once.

You choose what each app can do. Your browser extension can post notes but not update your contact list. Your AI agent can send DMs but not sign auth challenges. Per-app permissions, enforced at the device level.

Works with what you already use. Any Nostr app that supports remote signing just works. No special integration needed.

It is running on a Pi 4 on my desk right now. Signing events for my AI agent and my browser extension from the same device. Same identity whether I am browsing Nostr or my AI is posting on my behalf.

Production target is a Pi Zero 2 W. About 30 quid. Flash an SD card, boot it, scan a QR code. Done.

Rust. Open source. MIT licence. Early stage, looking for feedback and testers.

GitHub: https://github.com/forgesworn/heartwood

How do you store your nsec today?
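
The per-app permissions described above can be modelled as a default-deny allowlist of event kinds per requesting app. The sketch below is an added example, not Heartwood's own code: the `Policy` type and the app labels are hypothetical (a real remote signer would more likely key on the app's client pubkey), and the kind numbers come from NIP-01, NIP-02, NIP-04 and NIP-42.

```rust
use std::collections::{HashMap, HashSet};

// Event kinds as defined in the Nostr NIPs.
const KIND_NOTE: u32 = 1; // NIP-01 short text note
const KIND_CONTACTS: u32 = 3; // NIP-02 contact (follow) list
const KIND_DM: u32 = 4; // NIP-04 encrypted direct message
const KIND_AUTH: u32 = 22242; // NIP-42 relay auth challenge

#[derive(Debug, PartialEq)]
pub enum Decision { Allow, DenyUnknownApp, DenyKind(u32) }

/// Hypothetical policy table: app label -> event kinds it may have signed.
pub struct Policy { grants: HashMap<String, HashSet<u32>> }

impl Policy {
    pub fn new() -> Self { Policy { grants: HashMap::new() } }

    pub fn grant(&mut self, app: &str, kinds: &[u32]) {
        self.grants.entry(app.to_string()).or_default().extend(kinds.iter().copied());
    }

    /// Default deny: an app with no entry, or a kind not granted, is refused
    /// before the signing key is ever touched.
    pub fn check(&self, app: &str, kind: u32) -> Decision {
        match self.grants.get(app) {
            None => Decision::DenyUnknownApp,
            Some(kinds) if kinds.contains(&kind) => Decision::Allow,
            Some(_) => Decision::DenyKind(kind),
        }
    }
}

/// Constructed policy mirroring the two apps mentioned in the post.
pub fn sample_policy() -> Policy {
    let mut p = Policy::new();
    p.grant("browser-extension", &[KIND_NOTE]);
    p.grant("ai-agent", &[KIND_DM]);
    p
}

fn main() {
    let p = sample_policy();
    let requests = [("browser-extension", KIND_NOTE), ("browser-extension", KIND_CONTACTS),
                    ("ai-agent", KIND_DM), ("ai-agent", KIND_AUTH), ("unpaired-app", KIND_NOTE)];
    for (app, kind) in requests {
        println!("{} kind {}: {:?}", app, kind, p.check(app, kind));
    }
}
```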