 We had a really rough time with the nsec bunker Pablo had originally built. It made sign up an absolute nightmare, and it kept breaking. 

So we ripped it all out and built our own. And it worked better.

Haven’t open sourced it yet because (a) too busy with trying to make the damn app work, and (b) we’re not even sure we’re going to keep using it. Got some ideas on how we can do it even better.

That being said, that Māori community is welcome to have a play and experiment on Satlantis. Still early days, but the features are coming along  
 It’s that they want something they can localize into Te Reo, that has a default list of cities and Marae and things like that. Also, because they believe in sovereignty, they want to run their own relays.

I’m curious about your updated nsec hosting; I think having a good solution for that would really help nostr take off. It’s one of the big advantages of the way Bluesky puts your keys on the PDS and then lets you have the PDS custody them. Either Bluesky-run or if you host your own.
 I stopped developing nsecbunker because it had horrible centralizing tendencies which caught me off guard; I launched it as a POC but it started taking off in a way that would have been bad for nostr had it continued to scale like that.

We are now getting a FROST-based bunker that solves the completely custodial, completely ruggable setup in favor of a collaborative-custody of private keys. The difference between a Coinbase and an Unchained or Casa: signers assist in getting you keys but they can't unilaterally sign on your behalf.

For the user it *looks* the same, it's as frictionless as Bluesky where the user can choose to ignore all key material, but in the back there is no one single party with access to the entire key which is a massive difference in terms of sovereignty. 
 Interesting. Looking forward to seeing it
 Very interesting. 
 wen 
 Appreciate you 👨‍💻👨‍🔬 
 big if true 
 Very wise move! 🤙

nostr:nevent1qqsf622k6hctk357a0c0ugfnsul636acf9aasdxkej23t7gdasmrufspz4mhxue69uhkummnw3ezummcw3ezuer9wchsyg86np9a0kajstc8u9h846rmy6320wdepdeydfz8w8cv7kh9sqv02gpsgqqqqqqsme7laq 
 I am still not sure signed data are that necessary or useful, but using FROST + server side signing is great, because even if you don't care about signed data, you don't pay a huge price for it anyways... you still can keep your keys sovereign. 

nostr:note1n554d40shdrfa6lslcsn8pel4r4msjtmmq6ddny4zhusmmpk8cnqxtv0s5 
 Idk if it's only me but I hate this shared custody stuff. Teach your users to self custody through good UX. It's not impossible to keep a private key safe. 

I'm not against personal remote signers. I just don't like THAT being the way most people are going to interface with nostr.

nostr:nevent1qqsf622k6hctk357a0c0ugfnsul636acf9aasdxkej23t7gdasmrufspzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtczyrafsj7hmweg9ur7zmn6apajdg48hxuskujx53rhrux0ttjcqx84yqcyqqqqqqgdp379q 
 Really curious about this, how would you set this up to be UX friendly?

Where are the user-controlled keys going to reside? I suppose there will need to be a user-controlled active signer somewhere, no?
 The process on https://join.the-nostr.org/ (just a demo, do not use it) is rather smooth, only that this does not explicitly give you the underlying private key, but it is actually stored locally so trivial to add.

You 'need' an active signer only if you want to be part of the multisig. Not sure how useful that actually is, you only reduce the trust a tiny bit. It's still a threshold signature so collusion is still possible, so at the end of the day you still trust those that you made part of the FROST.

So no, you don't need to be an active signer, you just get a bunker link and you are off. If the link gets compromised you can ask the signers to stop signing and create a new FROST based on the same key with the same resulting Npub
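
Added example, not part of the thread and not code from nsecbunker or the demo site: a Python sketch of the threshold sharing that a FROST setup rests on, showing that any threshold-sized set of signers can recover the key (the collusion point above) and that re-splitting the same key gives fresh shares while the key, and so the npub, stays the same. It assumes plain Shamir sharing over the secp256k1 group order with a constructed random key; a real FROST bunker has signers produce partial signatures and never recombines the key the way `combine` does here for checking.

```python
import secrets

# Group order of secp256k1, the curve Nostr keys use.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def split(secret, t, n):
    """Shamir-split secret into n shares {signer_id: share}; any t recover it."""
    coeffs = [secret] + [secrets.randbelow(N) for _ in range(t - 1)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):  # Horner evaluation mod N
            acc = (acc * x + c) % N
        return acc
    return {i: f(i) for i in range(1, n + 1)}

def combine(shares):
    """Lagrange-interpolate f(0) from the given shares (checking only)."""
    total = 0
    for i, s in shares.items():
        num = den = 1
        for j in shares:
            if j != i:
                num = num * -j % N
                den = den * (i - j) % N
        total = (total + s * num * pow(den, -1, N)) % N
    return total

def pick(shares, ids):
    """Select the shares held by the given signer ids."""
    return {i: shares[i] for i in ids}

def demo():
    key = secrets.randbelow(N - 1) + 1      # constructed sample key
    old = split(key, 2, 3)                  # original 2-of-3 signer set
    new = split(key, 2, 3)                  # re-split of the same key
    return {
        "two_signers_recover": combine(pick(old, [1, 3])) == key,
        "one_signer_recovers": combine(pick(old, [2])) == key,
        "new_set_same_key": combine(pick(new, [2, 3])) == key,
        "old_plus_new_recovers": combine({1: old[1], 2: new[2]}) == key,
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Two old shares still interpolate to the key after the re-split, so retiring a compromised set depends on the old signers actually ceasing to sign, as the post says.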
 so let me get this straight, you hire more nsecbunkers instead of just one? I am not going to pass judgment on that I promise I just want to know what is, and will keep my opinions to myself this time.
 nostr:nevent1qqsvj0cct80na8szr4wj7p2ljc76hqjzggumvg9n2lv6shz6945ltdsprdmhxue69uhhyetvv9ujuumwda68ytnwdsargwfe8yuj7q3qt6jxfqz9hv0lygn9thwndekuahwyxkgvycyscjrtauuw73gd5k7sxpqqqqqqzmja3dw 
 😅 I am not concerned with collusion because I don't even think I can get a single human being to sign up to multiple services to do just one thing, I can't even convince myself to bother.
 I don't follow. What do you mean by 'multiple services'?
 Don't you need multiple service providers to hold your keys and sign on your behalf, basically multiple signers, these are services.

I can't imagine the UX of asking normal people like myself to sign up to multiple providers and judge who deserves my trust and who doesn't
 Meh. You can just trust an aggregator directly like on that demo-site, or a nice marketplace where you select your providers, pay and move on with your day should do it.

Judging whom to trust is a problem in so many places/things yet the world still functions. 
 Meh is the wrong attitude if your mission is to make public keys usable for most people. But I don't think I can offer much better alternatives given that key delegation was already rejected in Nostr before.

Diversity of experiments is good as well.
 Have you been working on the FROST-based bunker already? POC? 
 Yes there is a POC:
https://join.the-nostr.org/

⚠️Don't actually use this!⚠️
 Oh…glad I didn’t get nsecbunker 
 Really good to hear thanks! I’ve had so much trouble trying to use nsecbunker and kept thinking it was my lack of skills 😅 
 What is the current safest key signing method(s) for clients to use for nsecs?

In dummy language for me? 
 good job pivoting 🤙 
 already working on this

frostr.org

it would be good to collaborate, instead of having separate projects 
 ah cool! didn't know about this! 
 I see that my reputation for being terrible at marketing precedes me 😂