Secure contacts
Last updated: 28 Jun 2026
Per-vault address book—not your phone contacts app.
Who this is for
Users who share with the same people repeatedly and want vault-to-vault delivery without re-entering DIDs every time.
What you need
| Tier | Free |
| Vault state | Unlocked |
| Network | Offline OK for local contact storage; cloud relay delivery needs network when sender uses relay |
| Feature toggle | Contacts enabled (default) |
Steps
Open Contacts
Go to https://se.nt2.me/contacts from the sidebar or bottom nav.
Add someone by invite (recommended)
- Tap Invite someone (or Add contact).
- Share your invite QR or link—the other person scans or opens it in their vault.
- They send their reciprocal invite back; you Scan their reciprocal invite on your pending contact row.
- When both sides complete the exchange, encrypted vault-to-vault sharing unlocks for that contact.
Add by Vault Key DID (advanced)
- Choose Add contact and paste their
did:key:…Vault Key DID. - Preview DID and confirm the signing key fingerprint out-of-band (phone call, in-person, known channel).
- Save a display name. Until reciprocal invite completes, some encrypted shares may be blocked—follow the in-app hints.
Trust states
| State | Meaning |
|---|---|
| Invite pending | You added them; awaiting their Key DID or reciprocal invite |
| Unverified | DID on file; fingerprint not yet confirmed—review before sensitive shares |
| Verified | Successful share or explicit confirmation—preferred for high-trust data |
Share to a contact
From any asset Share sheet, choose Send to another vault and pick the contact. Delivery options include copy link, QR, cloud relay, or meet nearby (when enabled).
Block or remove
- Block stops new inbound messages from that contact without deleting history you already accepted.
- Remove contact deletes local DID cache for that entry—re-invite if you reconnect later.
Tips and common mistakes
- Contacts are per vault, stored locally, and never uploaded as plaintext address books.
- This is not your phone Contacts app—entries are Vault Key DIDs, not phone numbers.
- Peer DID exchange is required for full encrypted sharing both ways; one-sided invites alone are not enough.
- Confirm fingerprints out-of-band before sharing mnemonics, API keys, or ID scans.
- Use Inbox to accept contact profile updates and asset shares from known senders.