Managing Your Identity
Your Nostr identity is the foundation of everything in the extension. Learn to manage your keys, profile, and signer settings.
Your Nostr identity is the anchor for everything else in the extension — your trust network, your wallet, your permissions. This guide covers how to manage that identity, keep your keys secure, and use the NIP-07 signer that lets websites interact with your Nostr account.
NIP-07 Signer Support
NIP-07 is the standard that allows Nostr web applications to request signatures from a browser extension without ever seeing your private key. When you visit a Nostr client like Primal, Snort, or Coracle, it can ask the extension to sign events on your behalf.
Here is how it works in practice:
- A website calls
window.nostr.getPublicKey()to identify you. - When you post a note or update your profile, the site sends the unsigned event to the extension.
- You see a permission prompt. If you approve, the extension signs it with your private key and sends back the signature.
- Your private key never leaves the extension.
If you previously used another NIP-07 extension like nos2x or Alby, disable it before using Nostr WoT. Only one NIP-07 signer should be active at a time to avoid conflicts.
Managing Your Nostr Profile
Your profile details — display name, bio, avatar, Lightning Address, and NIP-05 identifier — are stored on Nostr relays as a kind 0 event. The extension lets you view and edit these details directly.
Viewing Your Profile
Click the extension icon and navigate to the Identity tab. You will see your current profile information, your npub, and the relays your profile is published to.
Editing Your Profile
- Click Edit Profile on the Identity tab.
- Update any fields you want to change.
- Click Save. The extension signs a new kind 0 event and publishes it to your relays.
Changes propagate across Nostr clients within seconds as relays distribute the updated event.
Key Security Best Practices
Your private key (nsec) is the single most important piece of data in your Nostr identity. Anyone who has it can post as you, change your profile, and access your contacts. There is no password reset, no support team to call.
Storage
- The extension encrypts your private key locally using your encryption password. It is never stored in plain text.
- Back up your nsec in a password manager or write it on paper and store it somewhere safe.
- Never paste your nsec into a website or DM it to anyone.
Encryption Password
- Choose a strong, unique password when setting up the extension.
- The extension locks after a period of inactivity. You will need this password to unlock it.
- If you forget this password, you can re-import your nsec to reset it — but you need that nsec backup.
Multiple Devices
If you use the extension on multiple browsers or machines, import the same nsec on each one. Your identity is tied to your key pair, not to any single device.
Consider generating your keys with a dedicated tool and importing them into the extension. That way, your backup exists independently of any single extension.
Switching Between Identities
The extension supports multiple identities. If you manage more than one Nostr account, switch between them from the Identity tab by clicking your profile avatar. Each identity has its own trust graph, wallet, and permission settings.
What's Next?
With your identity secured, it is time to understand how the extension uses it to build your Web of Trust. If you want to connect a wallet, jump to Setting Up Your Wallet.
