Five steps. Don't skip step 3.
Never heard of Nostr? It's an identity system
based on a keypair — think "SSH key, but for apps." Your
public key (called an npub) is your
username. Your private key signs things to prove they
came from you. There's no email, no password, no signup form.
ceremony_tool on your machine when it's your turn,
never touches the browser, and is destroyed after you submit.
Losing or rotating your Nostr key later doesn't weaken the
ceremony — your contribution is in the permanent transcript
either way.
NIP-07 is the Nostr standard that lets a website ask your browser "please sign this small message with your key" — without the site ever seeing the private key itself. The signer is whatever app holds the key and answers those requests. Install one below, then come back to this page.
First time? The signer will offer to generate a fresh keypair for you. That's fine. You can use this same key on other Nostr apps later (Damus, Primal, Amethyst…) or keep it ceremony-only.
Browser extensions are quickest. Remote signers (NIP-46) keep the private key on a separate device and are recommended if the key matters to you long-term.
After installing, click Connect Nostr. Your
signer will pop up once and ask permission to share your public
key with ceremony.onym.chat. Approve; later
signing requests reuse that permission.
All three tiers run in parallel. Small is fastest (seconds to contribute, smaller download). Large has the most headroom for future circuit growth.
You'll be notified via this page when it's your turn. Keep the tab open or come back periodically.
You're . Worst-case wait from here: . Average round takes ~15 minutes in practice.
You're at the head of the queue. Claim your 2-hour slot to receive the current state and start contributing.
When you reach the head of the queue, the coordinator opens a 2-hour slot. Refresh this page to claim it.
Don't want to contribute anymore? This releases your spot immediately.
Run the native binary on an air-gapped or ephemeral machine. Don't paste secrets, don't let the scalar touch persistent storage.
./prev/):
prev/state.srs — sha256 prev/state.txt — sha256 prev/receipt.txt — sha256 Blossom also serves each file individually: state.srs, state.txt, receipt.txt.
ceremony_tool for your system
Detected: . Version .
sha256: ·
all platforms & signatures
Signed + notarized + stapled by Apple — first launch will not
show a Gatekeeper warning. Open the .dmg, drag
CeremonyTool.app to Applications,
then launch it.
Some users prefer the CLI binary over the GUI app. The CLI is signed + notarized starting at v1.5.4, so first launch no longer needs a manual override on a current macOS. If you hit a Gatekeeper warning anyway:
Clear the quarantine flag after downloading:
Or via the UI: open Finder, locate the file, right-click → Open → Open again in the warning dialog. If the second dialog offers no "Open" button, go to System Settings → Privacy & Security, scroll to the bottom and click Allow Anyway for the blocked binary.
Verify what you just ran:
After download:
Rename to ceremony_tool.exe and run from an elevated PowerShell. SmartScreen may prompt — More info → Run anyway.
Couldn't detect your platform automatically — pick your download from the release page.
prev.zip on the app window. Pick your tier
() and paste your Nostr pubkey
(~/Downloads/contribution--.zip.
Download the CLI binary for your platform, then:
contribution-…zip the app produced:
Zip the ./mine folder and drop it here (or use the button):
Can't contribute right now? Release the slot so the next person in line can take over.
Please do the following, in order:
Want to contribute to another tier too? Pick a different tier in step 2 above — each tier runs an independent queue, so one contribution per tier is welcome.