Damus
Open in Damus
Max Hillebrand profile picture
Max Hillebrand

Garland: Your Keys, Your Files, No Trusted Third Party

Article header image

Garland turns Blossom blob storage into a virtual drive on your device. Your Nostr key is your password. No accounts, no cloud lock-in.

#Nostr#Blossom#Backup

I've been working on something and I want to share it early to get feedback.

The problem is simple: I want to store files across multiple servers without trusting any single provider. I want to recover everything with just my private key. And I want it to feel like a normal folder on my phone.

Existing solutions either require accounts, lock you into one provider, or make encryption an afterthought. I wanted something built for sovereignty from the ground up.

What is Garland?

Garland is middleware. It creates a virtual drive on your device that syncs to Blossom servers, decentralized blob storage with content addressing. Think of it like having your own S3 bucket, except:

  • No accounts. Your Nostr private key (nsec) is your identity.
  • No single point of failure. Files replicate across multiple Blossom servers you choose.
  • Full encryption. Everything encrypted client-side before upload.
  • Complete recovery. Lose your phone? Import your nsec on a new device and everything comes back.

How it works

Your files live as encrypted blobs on Blossom servers. But how does Garland know what files you have? That's where Nostr comes in.

Every time you click "Save," Garland:

  1. Uploads new/changed encrypted blobs to your Blossom servers
  2. Creates a Nostr event containing an encrypted manifest (file paths, hashes, sizes, server locations)
  3. Links this event to the previous one, forming a hash chain

This chain is your file system's history. You can roll back to any point. If you accidentally delete something, the old blob is still on Blossom, just point to an earlier manifest.

Handling conflicts

Multi-user-write file systems are crazy complex, so that is simply out of scope. But what if you put your nsec on two phones and both write at the same time? You get a fork, two events pointing to the same parent.

Garland detects this and shows you the conflicting files. You choose: keep the old version, keep the new version, or keep both. No silent data loss.

What I'm looking for

This is early, and there's lots of work to do:

  • Architecture review. Does this scheme make sense to you?
  • Rust developers. The core (encryption, Blossom client, Nostr signing) is Rust.
  • Flutter developers. The UI and platform integration.
  • GrapheneOS users. This is built with you in mind first.

If any of this resonates, if you've wanted file storage that respects your sovereignty, I'd love to hear from you. Feedback, criticism, contributions all welcome.