Developer Documentation
NanoMemoTools (client)
- If you want to integrate NanoMemo into a web or javascript project, this library will provide you all the functionality you need.
Server API
- No matter your platform, you can interact with NanoMemo via a RESTful API to get existing memos and save new memos.
Frequently Asked Questions
- What is NanoMemo?
- How do I read a memo?
- How do I write a memo?
- How does NanoMemo work?
- Is NanoMemo safe?
- Is NanoMemo decentralized?
What is NanoMemo?
Let's start by answering, what is Nano? Nano is a secure/decentralized, fast, and feeless cryptocurrency. It is digital cash in, arguably, its most efficient form. Nano prides itself in doing one thing and one thing well, fast/feeless/secure peer-to-peer transfer of value. In order to do value transfer well, the Nano protocol must be extremely efficient. This means that the data contained in a Nano Block is kept minimal.
And to that point, a freetext memo field (a descriptor of why the Block was created) does not exist.
NanoMemo looks to fill people/service's desire for a freetext memo field attached to a Nano Block. NanoMemo allows anyone that creates a Nano Block (makes a transaction with Nano) to write a memo and digitally sign it so that anyone can prove that the entity that created the Nano Block also wrote the memo. Additionally, NanoMemo offers a private memo option that encrypts a memo so that only a specified Nano Account can decrypt and read the memo's message.
How do I read a memo?
To read a memo for a specific Nano Block, all you need to know is the Nano Block's hash. This is a unique identifier for each Nano Block on the Nano Network. Once you have the hash, simply enter it into the search box at the top of this website and hit enter.
If a memo has been written for that block, you will see the message. If the memo has been encrypted, you will see ciphertext and have the option to enter your private key to decrypt the message if you were the intended recipient.
If no memo has been written, you will only see the details of the Nano Block. If the Nano Block is yours, there will be a link to write and save a memo for that Nano Block.
Example Memos
Developers
If you are a developer, you can request memos through the API. Three options:
- NanoMemoTools Javascript ( npm | docs | example get memo )
- RESTful API endpoint
- WebSocket message for each new memo
How do I write a memo?
To write a memo, you must have the private key for the Nano Block with which you want to associate your memo. This ensures the authenticity of a memo is inline with its corresponding Nano Block.
On this website you can go to Write Memo to manually write a memo. On that page you will also be given the option to encrypt the memo and set what Nano Account will be able to decrypt and read the memo.
Developers
If you are a developer, you can write memos through the API. Two options:
- NanoMemoTools Javascript ( npm | docs | example plaintext | example encrypted | example save to server ).
- RESTful API endpoint
How does NanoMemo work?
Memo Integrity - Digital Signature
NanoMemo uses the exact same digital signature algorithm that Nano Currency uses when signing Nano Blocks.
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very strong reason to believe that the message was created by a known sender (authentication), and that the message was not altered in transit (integrity). -- thanks wikipedia.
In a NanoMemo, the hash of the corresponding Nano Block is appended to a written message and signed with a Nano Account's private key. The signing Nano Account's public key is derived from the private key, so the memo can verify it is being signed with the same private key that signed the Nano Block.
Once a NanoMemo is signed, anyone with the Nano Account's public key can verify the memos integrity (to include authenticity). And the beauty of the Nano Network is that it acts as public key infrastructure. A Nano Account's public key can be derived from its address (and vice versa).
Memo Confidentiality - Encrypted Message
NanoMemo uses public key encryption to encrypt messages and create an encrypted memo. Referencing the same public and private keys that are used in the signing of the memo, we convert the keys from a Ed25519 signing key pair into Curve25519 key pair suitable for Diffie-Hellman key exchange.
In this type of encryption, a recipient must be known. In NanoMemo, you must specify what Nano Address is the recipient of your encrtyped memo. It can be any Nano Account, even if they are not associated with the corresponding Nano Block.
Once a NanoMemo is encrypted, only someone or something in possession of the decrypting addresses private key will be able to decrypt the message.
And it is worth mentioning that an encrypted memo's digital signature is calculated from the cipher text, not the decrypted plaintext.
Is NanoMemo Safe?
Here we want to be very clear and transparent.
NanoMemo uses various third-party libraries, which we will highlight below, but NanoMemo itself has not been audited for security of encryption or digital signing algorithms.
Before we review the libraries, I want to emphasize that NanoMemo will never send your private keys or seeds over a network connection. In fact, we never save those values to any persistent browser storage either. Any time a private key is needed to sign or decyrypt a memo (actions that take place on the client side, not server side), the private is requested, never stored.
Dependent Libraries
- nanocurrency-js - Used for key derivations and input validation.
- tweetnacl-blake2b-js - Used to sign, verify signatures, encrypt, and decrypt memos. Info on audits here.
- blakejs - Used for hasing.
- ed2curve-js (modified) - Modified and locally included to use tweetnacl-blake2b instead of tweetnacl; Used to convert from signing keys (Ed25519) to encryption keys (Curve25519).
- axios - Used for network requests.
- reconnecting-websocket - Used for client websockets.
- ws - Used for client and server websockets.
Is NanoMemo Decentralized?
No, NanoMemo is not decentralized. However, at this point we believe it does not need to be decentralized. In cyber security we speak of Confidentiality, Integrity, and Availability. NanoMemo offers condientiality through encrypted memos. NanoMemo offers integrity through digital signatures on memos. We, however, do not offer availability if the NanoMemo server goes away. Decentralized sharing of memos would require a lot of network and resource overhead. However, availability of a memo (not the NanoMemo server) exists as you can simply make copies of the memos saved at NanoMemo.cc. Because of the digital signatures and potential encryption, anyone can store a NanoMemo and its authenticity still be proven.
On the topic of Nano Blocks (decentralized availability) containing a data field, here is Nano creaor Colin LeMahieu: