Nostr: How to Generate Your Keys Locally
Published on Oct 27, 2025 (updated Oct 30, 2025), filed under development. (Share this post, e.g. on Mastodon or on Bluesky.)
If, like me, you’ve found yourself needing to search if and how you could generate your private and public keys for Nostr on your own machine, then two pieces of information just helped me:
- Nostr uses Secp256k1.
- You can generate Secp256k1 keys using openssl. (The commands can be adjusted further, but I’m not the best person to advise on that.)
For self-verification using your own domain, you can add the generated public key to .well-known/nostr.json, like
{
"names": {
"NAME": "PUBLIC_KEY"
}
}
This worked for me to set up an account on Primal: j9t@meiert.com.
Why? I don’t know. I’m testing 🤷‍♂️
If I err with something—which I well might, given that I’ve had no idea of Nostr—please let me know so that I can update this post. Thanks!
Update (October 30, 2025)
Two lessons learned since:
For the self-verification method, check your CORS headers. Sean Tilley’s How to Set Up a Verified Nostr Address seems useful.
A separate topic but one that came up configuring Primal: It took me a while to get a Bitcoin Lightning Address (the crypto services I’ve been using didn’t offer one). There are some paid options and some that require self-hosting. I’m currently testing coinos, which was fast to set up.
About Me
I’m Jens (long: Jens Oliver Meiert), and I’m a web developer, manager, and author. I’ve been working as a technical lead and engineering manager for companies you’ve never heard of and companies you use every day, I’m an occasional contributor to web standards (like HTML, CSS, WCAG), and I write and review books for O’Reilly and Frontend Dogma.
I love trying things, not only in web development and engineering management, but also in other areas like philosophy. Here on meiert.com I share some of my experiences and views. (I value you being critical, interpreting charitably, and giving feedback.)