Blockcore Notes

Notes app for decentralized infrastructures (Nostr and Web5)

Blockcore Notes is an app for your public and personal notes. It is built to support the Nostr and Web5 (coming in the future).


The Nostr support for Blockcore Notes relies on using your Nostr identity (public key) and uses a set of relays to publish and store your notes. You can run your own personal relay to always keep a backup of your notes.


The Web5 support for Blockcore Notes relies on using your DID and use your DWN (Decentralized Web Nodes) to publish and store your notes. The Blockcore Wallet already supports and hosts an internal DWN within the extension, this can be used to store a local copy of all your notes.

Connect using extension

Blockcore Notes require that you use an extension that keeps your keys secure and is responsible for performing signing of your notes, and performs encryption and decryption for private notes.

We suggest using Blockcore Wallet (Chrome Web Store), but other options are available such as nos2x and Alby.


A goal of Blockcore Notes is to be feature rich and have functionality that goes beyond the NIP-specifications.

  • Relay Management
  • People Management
  • Circle Management
  • Profile Edit
  • Notes Management (save notes)
  • Media Player (listen to podcasts, music or watch videos while reading feeds)



Development server

Run ng serve for a dev server. Navigate to http://localhost:4200/. The application will automatically reload if you change any of the source files.

Code scaffolding

Run ng generate component component-name to generate a new component. You can also use ng generate directive|pipe|service|class|guard|interface|enum|module.


Run ng build to build the project. The build artifacts will be stored in the dist/ directory.

Running unit tests

Run ng test to execute the unit tests via Karma.

Running end-to-end tests

Run ng e2e to execute the end-to-end tests via a platform of your choice. To use this command, you need to first add a package that implements end-to-end testing capabilities.

Further help

To get more help on the Angular CLI use ng help or go check out the Angular CLI Overview and Command Reference page.


Thoughts and ideas:

  • Validate the content of certain limit and don’t render at all if content is too long, or at least cut the content and only render X length. Then allow users to manually retrieve that exact event upon request.


There are many ways a web app can be exploited when it allow user contributed content. Any and all measurements to avoid exploits should be done, like sanitizing the input.

XSS Filter Evasion Cheat Sheet


View Github