how are keys handled?
NIP-46, and each app gets its own local key. The first app that generates the user’s key gets auto-approved; subsequent ones need user approval.

When the user wants to off-board from whoever is running the nsecBunker backend, they can NIP-41 rotate the key away if the nsecBunker becomes malicious.

The cool thing is that downloading a “recovery kit” is already a very normal flow from apps that have important data; and this could provide a “Recovery kit” that includes everything the user needs, including a NIP-41 identity migration scheme.

This work was largely inspired by @rabble's talk (I watched it on the flight): we need nostr for normies.

https://youtu.be/9pGZ2epF8ZY?feature=shared 
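An added example (not code from the post or from nsecBunker) of the approval policy described above: a toy bunker in which each app speaks with its own local key, the app that creates the user's key is auto-approved, and every later app is held until the user approves it. `connect` and `sign_event` follow NIP-46; the `create_account` method name, the hex placeholder keys and the placeholder signature are assumptions, and relay transport and encryption are left out.

```python
import json
import secrets

class Bunker:
    """One user's key, served to apps that each hold their own local key."""

    def __init__(self):
        self.user_pubkey = None   # created by the first app (placeholder hex, not a real keypair)
        self.approved = set()     # app pubkeys allowed to request signatures
        self.pending = set()      # app pubkeys waiting for the user's approval

    def handle(self, app_pubkey, request):
        """Apply the approval policy to one decrypted NIP-46 request dict."""
        method, params = request["method"], request.get("params", [])
        if method == "create_account":           # method name assumed
            if self.user_pubkey is not None:
                return self._error(request, "account already exists")
            self.user_pubkey = secrets.token_hex(32)
            self.approved.add(app_pubkey)        # the creating app is auto-approved
            return self._ok(request, self.user_pubkey)
        if method == "connect":
            if app_pubkey in self.approved:
                return self._ok(request, "ack")
            self.pending.add(app_pubkey)         # every later app waits for the user
            return self._error(request, "pending user approval")
        if method == "sign_event":
            if app_pubkey not in self.approved:
                return self._error(request, "unauthorized")
            event = json.loads(params[0])
            event["pubkey"] = self.user_pubkey
            event["sig"] = "<placeholder>"       # a real bunker Schnorr-signs the event id
            return self._ok(request, json.dumps(event))
        return self._error(request, "unknown method " + method)

    def approve(self, app_pubkey):
        """User action: move a pending app to the approved set."""
        if app_pubkey not in self.pending:
            return False
        self.pending.discard(app_pubkey)
        self.approved.add(app_pubkey)
        return True

    @staticmethod
    def _ok(request, result):
        return {"id": request["id"], "result": result}

    @staticmethod
    def _error(request, message):
        return {"id": request["id"], "error": message}
```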
This is awesome. Definitely cleaner than my solution of concatenate and generate a key and hope the user never forgets their email+password 😂
It’s a nice idea and a great flow, but it suffers from some problems:

Low entropy
You are still giving your nsec to a million apps (here only one party has it)
No possibility of “password recovery”; here recovery can be achieved
Yeah, there's no question your setup is far more elegant. This was just super easy to put together and test out. Definitely plan to move over to something more along the lines of what you're describing.