 What is your alternative?
Just mitigate the risk with backups, multi-sig, etc. 
 Multisig requires multiple keypairs, right? Multiple keypairs are not something that's in the protocol, right?

Backups do not mitigate against theft 
 Either you own your social graph/identity/money or you don’t.

I’m pretty sure there will be 3rd parties that would manage keys for you or a business where multiple people can post for a business account, for example.

For theft, that’s a good point. There is already some list for mutes… I would think that if enough clients move an npub to “compromised” or something, clients could do something about it.

IDK I’m not an expert, but this sounds like something easy to do (if not already done) 
 We've had multisig for nostr more than a year ago: https://github.com/nickfarrow/frostr It's just not user-friendly and not built into any signer and nobody really needs it. Maybe we should explore it with nsec.app?

The only reason you don't have robust solutions against nsec theft is because nobody cared enough yet.