Oddbean new post about login | logout @Vitor Pamplona breaking ground as always. awesome stuff 🤙🏻🔥 nostr:nevent1qqsty58qjv5f7cfafn282upu4pd46h5ud4wfn7udvzrz4lwqp0n542spzpmhxue69uhkummnw3ezuamfdejsygzxpsj7dqha57pjk5k37gkn6g4nzakewtmqmnwryyhd3jfwlpgxtspsgqqqqqqskudavr
@jb55 it was mentioned using the iOS keychain as well. I’d love to see nsec storage on a yubikey-like device. A signer would be even cooler though.
Yubikey supports smart card signing/encrypting with PGP keys. I wonder if that could be repurposed to sign events with an nsec
I don’t think they support secp256k1
I've got some esp8266's kicking around. Might play around with trying to set up a usb signer
bluetooth signer would be ideal
No need to sign. Just reveal the private key. The goal is account recovery not signing security. The phone of a homeless person will be either stolen or lost every other month or so. They can get new phones, they just need a way to go somewhere and recover their accounts. :)
Will the thief have a copy of the private nostr key then. It's things like this why protocols based on cryptographic identity need to support ephemeral keys and certificates. The nostr key on the phone used to sign notes will be rotated every week or so. Each new key will be signed by a master key kept in cold storage with a declared validity of a week or so.