Matt Lorentz / mplorentz

People14 min readHuman profile

Matt Lorentz / mplorentz

Matt Lorentz, known online as mplorentz, belongs in the People map because his work joins two hard Nostr questions: how people own social identity, and how they recover when keys or secrets are at risk.

Why Matt Lorentz matters

Matt Lorentz is not one of the loudest names in Nostr, which is exactly why his page is useful. The handle mplorentz points to a builder who has spent years near the practical side of open social software: peer-to-peer networks, mobile clients, user-owned identity, and now a Nostr-based recovery tool for secrets that are too sensitive to hand to a cloud account.

The old shortcut for this profile was "Keydex builder." That was not wrong as a historical breadcrumb, but it is no longer the clean public name of the work. Lorentz wrote in late 2025 that the project had been called Keydex for most of its first quarter, then was renamed Horcrux. The stronger profile starts there: Horcrux is the current surface, and Keydex is part of the origin story.

That correction matters because names carry the factual trail. If readers are sent to a generic Keydex search, they land in the wrong neighborhood. If they follow Lorentz's site, the Horcrux repo, the Horcrux site, and his OpenSats progress reports, they find the real story: a developer trying to make recovery, consent and human trust work inside the cryptographic world Nostr creates.

Nostr sells an elegant promise: your account is a key, not a platform lease. The rough edge is just as simple. Lose control of that key, mishandle sensitive data, or ask non-technical friends to help with recovery, and the elegance gets tested. Lorentz's current work sits right on that uncomfortable line.

The work before Horcrux

Lorentz's own site describes him as a software engineer working on healthier social software, and it places Horcrux beside two earlier public anchors: Planetary and Nos.social. That is the right frame. He did not arrive at Nostr as a pure wallet person or as a passing app-store opportunist. He came through the problem of social software itself.

Planetary was an iOS app for Secure Scuttlebutt, the peer-to-peer social network where data moves through relationships rather than through one central service. The public Planetary repository reads like an argument for social media where users keep ownership of relationships and content, where feeds can work offline, and where a company does not get to become the whole public square.

Nos.social carried a similar instinct into Nostr. Its repository describes Nos as a Nostr client inspired by Planetary, and the public site talks in plain user terms: posts, feeds and connections belonging to the person instead of a corporation; a single identity that works across many apps; an ad-free social surface built on an open protocol. Those are not side details. They explain why Lorentz reads Nostr through usability, identity and social trust, not only through protocol minimalism.

His January 2023 essay comparing Nostr with Secure Scuttlebutt is also useful because it is early, candid and grounded. He had spent years in SSB and only a short time in Nostr, so the piece is not a final verdict. It is a field note from someone who knew one decentralized social culture well enough to notice what Nostr made easier, what it left exposed, and where momentum was already changing the conversation.

Horcrux gives the story a surface

Horcrux is the current solid object in the story. It is an open-source app for backing up sensitive data to people the user chooses: passwords, cryptographic keys, digital wills, instructions, or other information that feels too important for an ordinary password manager and too awkward for a sealed envelope in a drawer.

The design is deliberately social. Horcrux uses Shamir's Secret Sharing to split a vault into shares, gives those shares to trusted stewards, and requires enough of them to cooperate before the secret can be recovered. No single steward has the whole thing. No single cloud account stores the whole thing. The recovery path depends on people and cryptography at the same time.

Nostr enters because Horcrux needs identity, encrypted communication and relay transport between the vault owner and stewards. The public site explains the idea in consumer language, while the GitHub README and draft NIP expose the protocol shape: encrypted events, share distribution, recovery requests, recovery responses, relay choice, and the metadata risks that still need to be understood by serious users.

That combination makes Horcrux more than a narrow backup utility. It is a test of whether Nostr can carry private, consent-heavy workflows without turning into a platform account system. The app asks a very practical question: can a user-owned identity layer help people handle secrets that require both technical safety and human judgment?

The Nostr role in plain language

Inside Nostr, Lorentz functions as a social-software and key-safety builder. In plain language, he works on the parts of the network where a cryptographic identity has to survive contact with ordinary human mess: forgotten backups, nervous stewards, app onboarding, relay behavior, private messages, group spaces and people who need the system to explain itself.

Horcrux is the clearest example, but it is not the only one. In his Q1 2026 OpenSats report, Lorentz wrote that he split time between Horcrux and Flotilla, a Nostr community-space project. On Flotilla he worked on Discord-style voice rooms, LiveKit-backed WebRTC calls, NIP-29 group call standardization, login fixes, image upload fixes, self-hosting documentation and related community infrastructure.

That range is the point. Lorentz is not trying to own the network. He is working where a protocol becomes a product surface: social clients, community spaces, calls, recovery flows and the quiet account-management details that decide whether people come back after the first week.

That gives this profile a sharper job than "Nostr developer." The role is closer to this: Matt Lorentz builds at the handoff between human trust and cryptographic identity.

What changed for users and builders

The useful question is not whether mplorentz is famous. It is what his work makes more legible. For users, Horcrux turns a terrifying abstraction into a sequence of decisions: create a vault, choose stewards, decide how many approvals recovery needs, distribute shares, practice the flow, and understand what metadata may still leak through relays or notifications.

That matters because the ideal self-custody story often stops at the warning label. Back up your key. Do not lose your seed. Protect your private data. Fine. But people live in families, teams, activist groups, small businesses and local communities. They die, travel, forget, lose devices, cross borders, change phones and ask friends for help. A system that ignores those facts is not serious yet.

Lorentz's public progress reports show the messy product work behind the cryptography. He interviewed users, changed terminology from lockboxes and key holders to vaults and stewards, delayed open beta testing because the data schema was still moving, and narrowed the initial use case after private testing showed which flows were too complex. That is not glamorous work. It is the work that keeps a security app from becoming a diagram nobody trusts.

For builders, Horcrux leaves behind a more concrete reference point. The repository is public. The NIP draft names event flows and threat boundaries. The app exposes where Nostr helps and where it adds new tradeoffs. Even if Horcrux changes or another tool overtakes it, the experiment gives the ecosystem a better vocabulary for social recovery over relays.

The human read without mythology

The human part of this profile is not private biography. It is taste. Lorentz keeps returning to software that tries to move power away from large platforms and back toward people who can actually understand and operate the tools in front of them. Planetary, Nos.social and Horcrux are different projects, but they share that pressure.

There is also a visible restraint in his writing. The Horcrux updates do not pretend that secret sharing solves every recovery problem. They talk about stewards who may not be technical, metaphors that fail under testing, relay metadata, incomplete audits, open beta timing and the uncomfortable fact that a security product becomes dangerous if it sounds finished before it is ready.

That is why Lorentz is easier to profile through work than through status. He is not presented in the public record as a protocol celebrity. He is a builder with a repeatable concern: how can open social software be powerful without becoming impossible for ordinary people to use safely?

Nostr needs that kind of person. The scene already has spec authors, relay operators, wallet builders, client maintainers and media voices. It also needs builders who sit with the unromantic edge cases until they turn into screens, copy, flows, defaults and warnings that real users can survive.

Receipts in the public record

The strongest public anchors are now direct: Lorentz's personal site, the Horcrux site, the Horcrux repository, his late-2025 Horcrux update, his Q1 2026 OpenSats grant report, the draft NIP, the Nos.social repository, the Planetary repository and his early Nostr-versus-SSB essay.

Those sources do different jobs. The personal site ties the handle to Matt Lorentz and names the public work. The Horcrux site gives the user-facing promise. The README and draft NIP show the technical design and the security boundaries. The progress reports show funding, timing, private testing, terminology changes, Flotilla work and the move from Keydex to Horcrux.

This matters because Nostr is full of handles, mirrors, forks and half-remembered launch posts. Without receipts, a people page becomes folklore. With receipts, the reader can follow the work and decide how much weight it deserves.

It also keeps the profile honest. The public trail says Horcrux is beta software. The roadmap includes security work. The threat model names what the draft does not protect against. A serious portrait has to include that, because the point of Horcrux is not vibes. It is trust under stress.

Where mplorentz sits on the map

Place Lorentz near the bridge between social clients and key recovery. From there, the map opens in four directions: Secure Scuttlebutt and Planetary, Nos.social and Nostr clients, Horcrux and social backup, Flotilla and community spaces.

That is a more interesting location than a simple "security builder" label. Horcrux is about sensitive data, but its recovery model is social. Nos.social is a social client, but its pitch is identity that moves between apps. Flotilla is a community platform, but its hardest problems are permission, groups, calls, relays and practical adoption. The repeated subject is not one protocol feature. It is social software without a single owner.

This is also why the People map needs people beyond the obvious headline names. Nostr is shaped by the contributors who make one behavior less painful: onboarding, recovery, direct messages, group spaces, calls, zaps, publishing, relay choice, moderation, language support, mobile polish. Lorentz belongs in that middle layer.

Readers coming from Bitcoin or Nostr key management can start with Horcrux. Readers coming from social networking history can start with Planetary and Nos.social. Readers looking at Nostr communities can start with Flotilla. All three routes lead back to the same question: what does user control look like after the slogan becomes an app?

Why this lane matters now

This lane matters now because Nostr is growing beyond "post a note with a public key." The network is becoming a place for clients, wallets, calls, communities, app launchers, software distribution, private messages, events and recovery flows. Each new use case makes identity more valuable. Each valuable identity makes loss and recovery more serious.

Horcrux arrived at that moment. In May 2026, Lorentz announced public beta testing on Nostr, describing the app as a way to split sensitive data into pieces and store those pieces across friends' devices. That framing is plain enough for a normal user and technical enough to show what is being attempted.

The open edge is also visible. Horcrux depends on social consent, relay availability, device behavior, Nostr encryption conventions and user understanding. Those are not small assumptions. They are exactly the assumptions a Nostr-native recovery app has to face in public.

That is why this is a People profile and not only an app note. The biography is the repeated choice to work on the difficult practical layer: the place where open protocols stop being an argument and become a set of screens someone trusts with something important.

What to open first

Start with Lorentz's personal site. It gives the clean identity link: Matt Lorentz, Horcrux, Planetary, Nos.social, Nostr, GitHub and public accounts. Then open Horcrux Backup to see the user-facing version of the idea without reading a repo first.

After that, read the December 2025 Horcrux update. It explains the rename from Keydex, the use of Shamir's Secret Sharing, the steward model, private testing, inheritance planning, border-crossing use cases, cryptographic key backup, terminology changes and the first-quarter build timeline. It is the richest single source for the product story.

Then read the Q1 2026 OpenSats report. That adds the current work: Horcrux's UI rework, invitation and recovery improvements, relay publishing reliability, Linux builds, planned public beta, app-store plans, and Flotilla voice-room work.

Finally, open the Horcrux repository and draft NIP. That is where the profile becomes inspectable. You can see the README warnings, Nostr privacy choices, event kinds, threat model and the places where the design is still changing. For a security-adjacent Nostr project, that is the right order: identity, product surface, progress reports, code.

The open edge

Lorentz's story is still moving because Horcrux is still moving. The public materials are refreshingly clear about that. The README calls the app beta software. The update posts talk about postponed open beta timing, planned security work, cut features, audit needs and the choice to focus before broadening the product.

That does not weaken the profile. It makes the public record more credible. A backup and recovery app deserves a higher bar than a feed reader. A Nostr recovery protocol has to name the risks around relay metadata, colluding stewards, compromised devices, social engineering and notification services before anyone treats it as infrastructure.

The open question is whether Horcrux becomes a durable app, a design reference, a draft standard, or one step toward a cleaner recovery pattern someone else later ships. Any of those outcomes would still make Lorentz part of the Nostr people map, because this is exactly the kind of experiment an open network has to run in public.

The biography in one line

Matt Lorentz matters because he works on the unglamorous handoff between human trust and cryptographic identity.

As mplorentz, he is best understood through Planetary, Nos.social, Horcrux and Flotilla: social software that keeps circling the same adult problem of user control. Owning your identity is powerful. Making that ownership survivable is harder.

Keep that memory and the profile becomes useful. Lorentz is part of the Nostr story because Nostr needs people who build past the slogan, into recovery, consent, community and the screens where trust either holds or breaks.

Sources worth opening

• Matthew Lorentz personal sitePrimary identity and public work trail for Horcrux, Planetary, Nos.social and Nostr accounts.
• Horcrux BackupUser-facing product site for the Nostr-based social backup app.
• Horcrux repositoryOpen-source app code, README, privacy notes and funding statement.
• Horcrux NIP draftDraft protocol for Shamir's Secret Sharing over Nostr events.
• Horcrux end-of-year updatePrimary explanation of the Keydex-to-Horcrux rename, product choices and first-quarter build work.
• OpenSats grant report Q1 2026Progress report covering Horcrux, Flotilla voice rooms and planned public beta work.
• GitHub: mplorentzPublic builder profile.
• Nostr v SSBLorentz's early comparison of Nostr and Secure Scuttlebutt from a social-software builder's point of view.
• Nos.social repositoryNostr client work connected to Lorentz's public social-software background.
• Planetary iOS repositorySecure Scuttlebutt social client context for Lorentz's earlier work.
• Flotilla SocialNostr community-space project referenced in Lorentz's 2026 grant report.