Oddbean

I was just thinking to myself this morning about nsecs and what to do if yours gets compromised? Is there a way one could have multiples linked together as you, so that you could deactivate one if it got compromised (or lost or something) and still proceed with your same identity and all your previous notes and social graph? It's not like you can just change your password as with other apps. Maybe an nsec bunker could help with this? Maybe it already does? Honestly, I've found them too confusing to use myself, and it sounds like nostr:nprofile1qqstnem9g6aqv3tw6vqaneftcj06frns56lj9q470gdww228vysz8hqpz4mhxue69uhk2er9dchxummnw3ezumrpdejqzrthwden5te0dehhxtnvdakqz9rhwden5te0wfjkccte9ejxzmt4wvhxjmcjgxv3n hasn't fared much better: nostr:nevent1qqsxtw0z7rjce222sygzl9r9h244k26tusy9yyqjvz6npdajuqcgayqpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtczyzu7we2xhgry2mknq8v7227yn7jguu9xhu3g90n6rtnjj3mpyq3acqcyqqqqqqgld2k0g #asknostr #askdevs

I think this is a supremely underrated necessity for a really great and secure Nostr experience. Basically two main options to fix this, imo: 1. generate a new key for every single client you use, and then sign with a master key that “this is mine” and so every user sees them as all one account. 2. generate sub keys *from* a master key that you can give specific permissions to and make a new one for each client, and it simply is allowed to reach out to a main device that has your master, and ask it to sign. (Basically the nsec bunker design) Both open up a ton of possibilities. The first is easier, but requires more complication and data gathering from the client side it seems. The second has the problem of needing an always online device that manages the master key, or having some sort of “good for 100 posts” key or something somehow. Both are not easy, but both seem very possible. And I think this is far more important to have a system for than people recognize, imo.