diff --git a/68.md b/68.md
new file mode 100644
index 00000000..7d558f3f
--- /dev/null
+++ b/68.md
@@ -0,0 +1,28 @@
+# NIP-068 Blinded Nostr Assets
+
+Centralized file storage (e.g. Amazon) is great for availability and speed but susceptible to censorship.
+
+Decentralized file hosting (for images, etc.) is a difficult problem to solve.
+
+Nostr thrives on simplicity, so I'd like to suggest a way of utilizing centralized file storage defensively so that hosts are less likely to censor or deplatform content.
+
+An image (or any file) can be encrypted with a password (maybe AES-256-CBC), given a random filename, and uploaded as a BLOB to a centralized host. The note that references the image URI will also contain the information necessary to decrypt the image. When a client loads a note referencing an encrypted image, it will fetch the BLOB and decrypt it locally to display it.
+
+Although this increases client load, it prevents the host from assessing the stored content without having knowledge of the particular note that holds the decryption information.
+
+This NIP is for defining how a file is encrypted and stored and how it is referenced, retrieved and decrypted in the client so that all clients can consistently recognize and handle blinded assets.
+
+The ubiquitous availability of cheap programmatic cloud hosting can be seen as a kind of decentralized mesh we can use to our advantage as long as the content hosted is uncensorable. If the host can't see the content they won't have a reason to censor it. Unless hosts begin to ban encrypted content, this seems fairly robust.
+
+If this made Amazon upset and they began to siphon notes from relays to index their blinded assets, we have another tool we can use: zaps https://github.com/nostr-protocol/nips/pull/224
+
+Consequently, if a lightning paywall is put up to prevent an angry host from indexing encrypted content, this also serves as a great generalized way for users to monetize their content.
+
+Simply: if enabled, you must zap a note to receive the decryption information to decrypt the media.
+
+There are many ways this paywall could be implemented. I'm looking to the nostr community for ideas.
+
+AES-256-CBC encryption references
+
+- https://stackoverflow.com/a/39412887
+- https://www.npmjs.com/package/aes-js