Stashu started while I was working on something else.
I was working on encrypted image uploads for RoboSats. The original issue was simple enough: traders sometimes need to send a screenshot or gift card image in chat. But the privacy part made it interesting. The file could not just sit on a server as plaintext.
In the issue thread, KoalaSat pointed me toward Blossom, and also made the important constraint clear: a private-looking URL was not enough. The file had to be encrypted so only the intended peer could open it.
So I spent a few days living with those primitives: browser-side encryption, Blossom uploads, Nostr event metadata, file hashes, nonces, and all the little pieces needed to move a file without the server learning what was inside.
When that work merged, the idea stayed in my head.
If a browser can encrypt a file, put the ciphertext on Blossom, and hand over the key only after payment, then a file store starts looking much simpler.
That became Stashu.
The first loop
I started the Stashu repo at the end of January.
The first version was pretty plain. It was a Hono backend, a small React app, a seller page, browser-side XChaCha20-Poly1305 encryption, Blossom upload, and Cashu payments.
The question was just:
Can a seller drop in a file, set a sats price, and get a link?
And can a buyer open that link, pay with Lightning or Cashu, and decrypt the file locally?
That was the first loop:
seller uploads encrypted file -> buyer pays -> browser decrypts
Small, but useful.
Making it less fragile
February and March were mostly about making that loop survive more real use.
Stashu got a buyer unlock page, seller dashboard, local Nostr keypair identity, NIP-98 auth for seller actions, Lightning invoices, Lightning withdrawals, Lightning address support, and auto-settlement.
Then came the quieter work: replay protection, processing locks, rate limiting, foreign keys, recovery for stuck payments, change proof handling, Docker, CI, and encryption at rest for seller tokens.
Kanishka also contributed some useful pieces along the way, including extension links, seller-token encryption, claim-token re-download work, and the storefront branch later on.
This part does not make great screenshots, but payment software needs it. Crashes, retries, and weird states are not rare enough to ignore.
March: launch and the first real feedback
In March, I shared Stashu publicly:
Then the Cashu account posted about it, which was a nice surprise.
The app was still early, but the idea was easy to explain: sell encrypted files for sats, no accounts, no passwords, buyer can pay with Lightning or Cashu.
Around that time I also did a lot of security cleanup: encrypting file keys and stash metadata at rest, improving validation, adding tests, writing down the security model, and being more honest about what Stashu protects against.
That last part matters. Stashu v1 is still trusted escrow. The server coordinates payment and releases the file key after a valid unlock. Files are encrypted before upload, and sensitive database fields are encrypted at rest, but a fully compromised server is not solved by v1.
I would rather keep that clear.
Dev calls
Stashu showed up in two Cashu community dev calls.
On dev call #31, Calle included Stashu while walking through Cashu progress and new ecosystem projects. I was not demoing it myself yet, so seeing it shown there was a very nice moment.
On dev call #32, I demoed it myself, mostly around the new Verified Peek flow.
Jake from the Cashu team made the demo feel relaxed, which helped a lot. I was nervous before it, but the room was encouraging, and it felt good to show Stashu next to so many other cool Cashu projects people are building.
April: storefronts, Blossom fallback, and Verified Peek
After launch, one question kept coming back:
How does a buyer know what they are about to buy?
A file marketplace needs previews. But previews are tricky. Too much preview leaks the file. Too little preview makes the buyer trust only a title and description.
So v0.2 focused on Verified Peek.
For text-like files, Stashu can now generate a small public excerpt from the actual selected file in the seller’s browser. The seller can keep it automatic or choose the part they want to show.
The important part: the preview is not just text typed into a form. The browser creates proof data tying that preview to the committed file content.
On the buyer page, Stashu checks the preview before payment. If the proof is broken, payment is blocked. After payment, the browser downloads the encrypted file, decrypts it locally, and checks the unlocked file against the same commitment again.
I shared the v0.2 / Verified Peek work here:
Verified Peek does not make Stashu trustless. It just gives buyers a better check before paying, without adding accounts or KYC.
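One way a preview can be tied to committed file content, as an added example that is not Stashu's code: it assumes a Merkle tree over fixed-size chunks, and the chunk size and every function name here are made up for illustration.

```javascript
// Added example: Merkle commitment binding a public excerpt to a file.
// Scheme, chunk size and names are assumptions, not Stashu's implementation.
// Uses Node's crypto so it runs offline; a browser would use crypto.subtle.
const { createHash } = require("node:crypto");

const CHUNK = 64; // bytes per leaf (constructed value for the demo)
const sha = (...parts) => createHash("sha256").update(Buffer.concat(parts)).digest();
// Domain-separate leaves (0x00) from inner nodes (0x01) so an inner node
// can never be passed off as a file chunk.
const leaf = (chunk) => sha(Buffer.from([0]), chunk);
const node = (l, r) => sha(Buffer.from([1]), l, r);

// Build every tree level, leaves first. A lone node at the end of a level
// is promoted unchanged rather than duplicated.
function levels(file) {
  let level = [];
  for (let i = 0; i < file.length; i += CHUNK) level.push(leaf(file.subarray(i, i + CHUNK)));
  if (level.length === 0) level.push(leaf(Buffer.alloc(0)));
  const out = [level];
  while (level.length > 1) {
    const next = [];
    for (let i = 0; i < level.length; i += 2)
      next.push(i + 1 < level.length ? node(level[i], level[i + 1]) : level[i]);
    out.push((level = next));
  }
  return out;
}

// The commitment published with the listing.
const commit = (file) => levels(file).at(-1)[0].toString("hex");

// Seller side: excerpt = chunk `index`, proof = sibling hashes up to the root.
function makePeek(file, index) {
  const path = [];
  let i = index;
  for (const level of levels(file).slice(0, -1)) {
    const sib = i ^ 1;
    if (sib < level.length) path.push({ hash: level[sib], left: sib < i });
    i >>= 1;
  }
  return { excerpt: file.subarray(index * CHUNK, (index + 1) * CHUNK), path };
}

// Buyer side, before payment: recompute the root from excerpt + proof.
function verifyPeek(root, { excerpt, path }) {
  let h = leaf(excerpt);
  for (const { hash, left } of path) h = left ? node(hash, h) : node(h, hash);
  return h.toString("hex") === root;
}
```

After payment the same root serves the second check: `commit(decryptedFile)` has to equal the root the preview was verified against.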
v0.2 also brought a few practical pieces:
- public seller storefronts
- per-stash storefront visibility controls
- Blossom server selection
- Blossom mirroring and download fallback work
- tighter blob validation
- claim-token recovery for re-downloads
- verified download states after unlock
- refreshed README and security docs
- tests for generated previews, stash proofs, storefront behavior, and stash validation
Stashu is also listed in cashubtc/awesome-cashu, which was a nice small signal that it fits somewhere in the ecosystem.
A few community notes
Cashu and Nostr folks have been kind to this project.
Calle later posted about Stashu directly:
I do not want to overstate any of this. Stashu is early, and there are still hard parts ahead.
But it has been encouraging to see people understand the direction quickly: Cashu is not only for wallets. It can be a payment layer inside small, accountless apps.
What is next
The next work is mostly about reducing trust in the server.
The pieces I care about most:
- NIP-44 key delivery, so file-key release is less server-readable
- NUT-11 P2PK payments, so the server does not temporarily hold seller funds
- multi-mint support
- better self-hosting
- Tor access
- richer previews for more file types
- bundles and storefront improvements
- more Nostr-native discovery later
Still early, but the core idea feels worth continuing: a simple place to sell digital files for sats, with browser-side encryption, Cashu payments, and fewer reasons to ask anyone for permission.