Nostr Signer, ID Manager, and Payment System
Features • Download • Build • License
DENOS is a tool for managing your Nostr identities, signing events, and pay or receive network currencies and (soon) traditional state currencies.
- Nostr Signer — Manage keys, sign events, and connect to relays
- Identity Manager — DNN-based decentralized identity management
- Bitcoin Wallet — secp256k1 wallet with Silent Payments and multi-sig support
- eCash — Cashu-based eCash wallet with a focus on nut zaps
- QR Scanner — Built-in QR code scanner and generator
- Cross-Platform — Windows, macOS, and Linux
Pre-built binaries are available on the Releases page:
| Platform | Format |
|---|---|
| Windows | .exe / .msi installer |
| macOS (Intel) | .dmg |
| macOS (Apple Silicon) | .dmg |
| Linux (Ubuntu/Debian/Zorin) | .deb package |
| Linux (Fedora/RHEL) | .rpm package |
| Linux (Arch/CachyOS) | .pkg.tar.zst package |
| Linux (Universal) | .AppImage portable |
| Linux (Flatpak) | .flatpak |
macOS may show "DENOS is damaged and can't be opened" because the app is not code-signed with Apple. To fix this, open Terminal and run:
xattr -cr ~/Downloads/DENOS*.dmgThen open the .dmg normally and drag DENOS.app to your Applications folder.
Note: This only needs to be done once per download. The warning is caused by macOS Gatekeeper quarantining unsigned apps — the app itself is safe.
Fixing Keychain password prompts: macOS may repeatedly ask for your Keychain password every time you use DENOS. This happens because the app is unsigned and macOS can't remember the "Always Allow" setting. You can fix this permanently by creating a free self-signed certificate:
Step 1 — Create a self-signed certificate (one-time):
- Open Keychain Access (search for it in Spotlight with
Cmd + Space) - In the menu bar, click Keychain Access → Certificate Assistant → Create a Certificate…
- Fill in the form:
- Name:
DENOS Dev(or any name you'll remember) - Identity Type:
Self Signed Root - Certificate Type:
Code Signing
- Name:
- Click Create, then Done
Step 2 — Sign the app:
- Open Terminal (search for it in Spotlight)
- Run this command:
codesign --force --deep --sign "DENOS Dev" /Applications/DENOS.app - You should see no error output — that means it worked
Step 3 — Allow Keychain access (one-time):
- Open DENOS — macOS will ask for your Keychain password one last time
- Click "Always Allow"
- From now on, DENOS will access the Keychain silently without prompts
Note: You'll need to re-sign after each DENOS update (repeat Step 2 only).
The Local Signer (NIP-PC55) enables "Login with DENOS" on supported Nostr websites by running a WebSocket server on ws://localhost:7777. Some browsers block this connection from HTTPS pages due to mixed content security policies:
| Browser | Status |
|---|---|
| Chrome / Edge | ✅ Works out of the box |
| Firefox | ✅ Works out of the box |
| Brave | |
| Safari | ❌ Blocks ws://localhost — use Chrome or Firefox instead |
Other browsers with similar security shields or mixed content policies may also block the connection. If you don't see the "Login with DENOS" button on a supported site, your browser is likely blocking the local WebSocket.
Brave fix: Open the site where you want to use DENOS → click the Brave Shields icon (lion) in the address bar → disable Shields for that site. Reload the page and the "Login with DENOS" button should appear.
Safari: Safari strictly blocks insecure WebSocket connections (ws://) from HTTPS pages and there is no simple toggle to allow it. We recommend using Chrome or Firefox on macOS for the Local Signer feature. NIP-46 (Bunker) and NIP-UPV2 (Password Login) work on all browsers including Safari.
Additional prerequisites:
- Visual Studio Build Tools with "Desktop development with C++" workload
- WebView2 (pre-installed on Windows 10/11)
# Clone and install dependencies
git clone <repository>
cd denos
npm install
# Development mode
npx tauri dev
# Build installer (Windows example: .msi)
npx tauri buildOutput: src-tauri/target/release/bundle/msi/DENOS_0.1.0_x64_en-US.msi
Additional prerequisites (Debian/Ubuntu/Zorin):
sudo apt update
sudo apt install -y \
libwebkit2gtk-4.1-dev \
build-essential \
curl \
wget \
file \
libxdo-dev \
libssl-dev \
libayatana-appindicator3-dev \
librsvg2-dev \
libfuse2 \
libjavascriptcoregtk-4.1-dev \
libsoup-3.0-devAdditional prerequisites (Arch/CachyOS):
sudo pacman -S --needed \
webkit2gtk-4.1 \
base-devel \
curl \
wget \
file \
openssl \
libayatana-appindicator \
librsvg \
fuse2Additional prerequisites (Fedora):
sudo dnf install -y \
webkit2gtk4.1-devel \
openssl-devel \
curl \
wget \
file \
libappindicator-gtk3-devel \
librsvg2-devel \
fuse-libsBuild:
# Clone and install dependencies
git clone https://github.com/user/denos.git
cd denos
npm install
# Generate proper icons (required once)
npx tauri icon "DENOS logo.png"
# Development mode
npx tauri dev
# Build all Linux formats
npx tauri buildOutput:
src-tauri/target/release/bundle/deb/DENOS_0.1.0_amd64.debsrc-tauri/target/release/bundle/rpm/DENOS-0.1.0-1.x86_64.rpmsrc-tauri/target/release/bundle/appimage/DENOS_0.1.0_amd64.AppImage
Note: If the AppImage build fails with
failed to run linuxdeploy, ensure the desktop template has Unix line endings:sed -i 's/\r$//' src-tauri/denos.desktop.template
- Frontend: React 19, TypeScript, Tailwind CSS 4, Framer Motion
- Backend: Rust, Tauri v2
- Nostr: nostr-tools, nostr-sdk
- Bitcoin: bitcoinjs-lib, secp256k1
- eCash: cashu-ts (Cashu protocol)
- State: Zustand
DENOS/
├── src/ # React frontend
│ ├── components/ # UI components
│ ├── hooks/ # Custom React hooks
│ ├── lib/ # Utilities
│ └── services/ # Nostr, Bitcoin, eCash services
├── src-tauri/ # Rust backend (Tauri)
│ ├── src/ # Rust source code
│ ├── icons/ # App icons (all platforms)
│ ├── capabilities/ # Tauri permissions
│ └── tauri.conf.json # Tauri configuration
├── public/ # Static assets
└── package.json
- NIP-01 — Basic protocol (event signing, relay communication)
- NIP-02 — Follow list (kind:3 contact list)
- NIP-04 — Encrypted direct messages (legacy, fallback)
- NIP-05 — DNS-based identity verification
- NIP-06 — Key derivation from mnemonic seed phrase (BIP-39)
- NIP-19 — bech32-encoded entities (npub, nsec, naddr)
- NIP-44 — Versioned encryption (primary encryption method)
- NIP-46 — Nostr Connect (remote signer protocol)
- NIP-60 — Cashu wallet state backup (encrypted to self)
- NIP-61 — Nut zaps (Cashu ecash zaps via Nostr, with P2PK locking)
- NIP-65 — Relay list metadata
- NIP-78 — Arbitrary data to deliver updates to DENOS
- NIP-87 — Cashu mint discovery via Nostr events
- NIP-PC55 — Local signer protocol (alternative to NIP-46)
- NIP-UPV2 — Username & Password version 2 (alternative to NIP-46)
- NIP-DN — Decentralized short human readable and memorable IDs
- NIP-NSP — Nostr Silent Payments to conveniently receive payments privately from various networks
- NIP-POS — Point of Sale system for merchants to sign off on sales and receive network or traditional state currency payments
- DNN — Decentralized Nostr Naming (custom identity system)
