During the Nocturne onboarding flow, the user derives an alternative private key called their Nocturne spending key. This key controls the user's funds within Nocturne. The Nocturne MetaMask Snap stores and manages this spending key.
During the first user onboarding flow, the user is prompted to sign a fixed message. The produced signature serves as the user's spending key and is stored in the Nocturne Snap. After being stored, the key never leaves the Nocturne Snap and is only accessed by the Snap for producing signatures.
The Nocturne spending key is meant to be derived from an Ethereum account the user has carefully protected and secured. The reason for this is that if the user ever deletes their Nocturne Snap, they can always recover the stored spending key by re-signing the original fixed message with their Ethereum account. That said, if the user ever loses both the Nocturne spending key and the private key to the original signing Ethereum account, they will be unable to recover their funds in Nocturne.
A canonical Nocturne address is a public address that can be used to generate more stealth addresses that belong to the owner of the corresponding Nocturne spending key. If you would like to pay someone privately to their Nocturne account, you would simply need to produce a stealth address using the recipient's canonical address and deposit to that stealth address. For ease of access, users publish a mapping of their public Ethereum address to their canonical Nocturne address. This makes private payments convenient, as one simply needs to look up the canonical address of the recipient they'd like to pay (using the recipient's Ethereum address) and generate a stealth address.
One of the last steps in the user onboarding flow is the registration of the user's canonical Nocturne address against their public Ethereum address. The Nocturne Snap will prompt the user to sign a message proving that they own the canonical Nocturne address. After that, the user generates a zero-knowledge proof (ZKP) of the signature and then submits it to the canonical address registry contract to link their Nocturne address to their public wallet.
All operations that spend private funds (transferring ETH to a fresh address, performing a private swap, etc.) must be authorized with the user's Nocturne spending key. When a user wants to perform an operation, the Nocturne Snap will prompt the user to confirm they would like to authorize the operation, displaying metadata about the particular operation in question. If the user hits "Confirm," the Snap will sign the operation with the user's spending key, authorizing it.