Frostr keyset manager and remote signer for secure distributed key management.
Igloo is part of the FROSTR ecosystem - a k-of-n remote signing and key management protocol for nostr, using the powers of FROST (Flexible Round-Optimized Schnorr Threshold signatures).
Igloo focuses on splitting your nsec into shares and operating as the remote signer in that workflow. It does not initiate signing requests itself; pair it with other FROSTR clients—like Frost2x, the NIP-07 browser extension, or igloo-server for NIP-46—to kick off signing sessions. Explore the full companion app list at frostr.org/apps.
- 🔑 Keyset Management: Generate new keysets or import existing nsec keys
- 📊 Threshold Signing: Create k-of-n multi-signature setups (2/3, 3/5, etc.)
- 🔐 Encrypted Share Storage: Save individual shares to filesystem with password encryption
- 🖥️ Remote Signing: Start signing nodes that communicate over nostr relays
- 🔄 Key Recovery: Reconstruct nsec from threshold number of shares
- 📱 QR Code Sharing: Transfer shares between devices with visual confirmation
- 📋 Event Logging: Complete audit trail of signing requests and responses
- 💾 File System Management: Automatic share detection and secure storage
- 🖱️ Electron UI: Native desktop experience with system integration
- 📋 Clipboard Support: Easy copying of keys, shares, and QR codes
- 🔒 Cross-Platform: Signed binaries for Windows, macOS, and Linux
- 🏗️ Architecture: Built on
@frostr/igloo-corefor centralized, tested cryptographic operations - 🛡️ Input Validation: Comprehensive validation for shares, keys, relays, and hex inputs
- 🔄 Node Lifecycle: Robust connection management and cleanup procedures
- 🔐 End-to-End Encryption: Secure communication between signing nodes over nostr
Download the latest release for your platform from our GitHub Releases page.
All releases use dual-layer security:
- GPG signing: All release artifacts are GPG signed with developer keys
- macOS code signing: macOS apps are signed with Apple Developer ID and notarized
- SHA256 checksums: Integrity verification for all platforms
We strongly recommend verifying your download:
- See VERIFICATION.md for detailed verification instructions
- Import our GPG signing key for release integrity verification
- Verify both GPG signatures and checksums before running the application
Available formats:
- Windows: Installer (.exe) and portable (.exe) [GPG signed]
- macOS: DMG (.dmg) and ZIP (.zip) [GPG signed + Apple code signed & notarized]
- Linux: AppImage (.AppImage) and Debian package (.deb) [GPG signed]
Starting with version 0.1.2, Igloo is properly code-signed and notarized by Apple, which means:
✅ No more "damaged app" errors
✅ No manual security overrides needed
✅ Smooth installation on all macOS versions
Simply download the appropriate file for your Mac:
- Intel Macs:
Igloo-x.y.z-x64.dmg - Apple Silicon Macs:
Igloo-x.y.z-arm64.dmg
The app will open normally without any security warnings.
Note: If you're using an older version (0.1.1 or earlier), those versions used ad-hoc signing and may still trigger security warnings. Please upgrade to the latest release for the best experience.
If you prefer to build from source, see BUILD.md for detailed instructions.
npm install
npm run startShareList: detect existing share files in filesystem
Create: create a new keyset by generating a new nsec or pasting in your own
Keyset: copy & save individual shares (only screen where entire keyset is in memory)
Keyset also allows sharing via QR code for easy transfer to other devices:
- Click the QR code button next to any share
- Scan the QR code with another device to easily import the share
- The QR code will remain visible until the receiving device confirms receipt
- When the share is successfully received, the UI automatically updates to show confirmation
- Securely transfer shares between your devices with visual confirmation
SaveShare: add and confirm a password for each share (share will be encrypted using pbkdf2)
Keyset: shares saved as json files in local file system, saved shares can be detected, but only encrypted with user password.
Continue: keyset will be removed from app state
Back to share list
LoadShare: enter password to decrypt and load single share into memory
Signer: Share is in memory, auto populates share and group key in signer. Start the signer and leave running in the background.
EventLog: See a full log of all events (requests / responses / node stte) within a session of running the signer on a given share.
Recover: Use threshold of shares in keyset to recover nsec.
Igloo implements the FROSTR protocol, which uses Shamir Secret Sharing to break up your nsec into "shares" and a hyper-optimized version of FROST to coordinate signing of messages.
The workflow is simple:
- Use Igloo to generate a new nsec or import your existing one
- Create your multi-signature setup (like 2/3, 3/5, etc.) generating multiple shares
- Store each share securely on different devices (Igloo, Frost2x extension, etc.)
- When signing is needed, your FROSTR nodes communicate over nostr relays using end-to-end encrypted notes
- Your signatures remain unchanged - nobody knows you're using multi-sig
The beauty of this system is that it's a drop-in replacement for existing signing solutions, working with NIP-07 and NIP-46 compatible applications.
- 🔒 Improved Security: Centralized, well-tested cryptographic operations
- 🚀 Better Reliability: Robust node lifecycle management and error handling
- 🧪 Enhanced Testing: Comprehensive test coverage for both UI and core logic
- 📦 Easier Maintenance: Clear separation between desktop features and core functionality
- ⚡ Future-Proof: Core logic can be shared across web, mobile, and desktop applications
A share is a piece of your private key (nsec) that has been split using Shamir's Secret Sharing (SSS), which is implemented in the FROST protocol. SSS uses polynomial interpolation to split your private key into multiple shares. Each share alone cannot be used to access your funds or sign transactions. A share is intrinsically tied to its keyset - it cannot be used with shares from different keysets, and it does not reveal any sensitive information unless combined with other shares from the same keyset (up to the threshold). This threshold-based approach ensures that no single share can compromise your security.
A keyset is a collection of shares that work together to represent your private key (nsec). When you create a new keyset, you generate multiple shares that are mathematically related to each other. The keyset is identified by a unique group key that helps you manage and organize your shares. Each share in a keyset is designed to work together and cannot be mixed with shares from other keysets. This relationship ensures that shares from different keysets cannot be combined to reconstruct a private key.
A relay is a server that facilitates communication between different parts of the system. In the context of remote signing, relays help transmit signing requests and responses between the client and the signer. Relays are essential for the distributed nature of the FROST protocol, allowing different shares to communicate securely without being in direct contact.
An nsec is your private key in the Nostr protocol. It's a secret key that should never be shared with anyone and is used to sign messages and prove ownership of your public key (npub). When using Igloo, your nsec is split into shares using the FROST protocol, allowing for secure distributed signing without ever exposing the complete private key.
Creating a new keyset involves either generating a new private key (nsec) or importing your own existing nsec, and then splitting it into multiple shares using Shamir's Secret Sharing (SSS) as implemented in the FROST protocol. This process helps distribute the risk of key loss across multiple shares while ensuring that no single share can compromise your security. Whether you're generating a new nsec or using your own, the result is the same - a set of shares that together represent your private key.
Recovering a keyset is the process of reconstructing your original private key (nsec) by combining a sufficient number of shares (meeting the threshold requirement) using polynomial interpolation. This is useful when you need to access your full private key, such as when migrating to a new system. The recovery process uses the FROST protocol's share combination algorithm to reconstruct the original private key.
If one of your shares is lost or compromised, you can abandon it by replacing your existing shares with a new set. This renders the compromised share useless. The rotation process is simple:
- Re-import your nsec into Igloo and generate a new set of shares
- Destroy all existing shares from the old keyset (remove them from signers and delete)
- Transfer your newly created shares to your signing devices
- Your npub remains unchanged, and your online identity continues uninterrupted
There is no limit to how many sets of shares your nsec can generate, and each new set is random. You can rotate as frequently as needed for security.
You should rotate your shares if:
- You suspect one of your shares has been compromised
- You've lost access to one or more shares
- You want to change your threshold setup (e.g., from 2/3 to 3/5)
- As a regular security practice, similar to changing passwords
- Break up your nsec into fragments called "shares"
- Create any kind of multi-signature setup (2/3, 3/5, etc.)
- If one share is compromised, your secret key remains safe
- Simple key rotation
- Your npub doesn't change - maintain your existing nostr identity
- Your signatures remain unchanged - nobody knows you're using multi-sig
- End-to-end encrypted communication between signing nodes