Oddbean new post about | logout
Duncan Cary Palmer | 1 months ago (raw) | root | parent | reply | flag 
 Hi, Ross...

I've read of, and share (limited by my superficial understanding) concerns about securely personally maintaining and managing that ownership and portability.

I understand the basis of that to be the asymmetric encryption of my nsec/npub keypair. I've invested considerable time interacting on nostr, but what of heavy reuse of my nsec? What if it were to become exposed to bad actors, or lost? Is keypair succession being worked on?

I won't say these things keep me up at night (yet), but I do wonder...
rossbates | 1 months ago (raw) | root | parent | reply | flag +1 
 I'd be lying if I told you I didn't feel the same way at times. Taking full responsibility for your keys is hard, but I've also learned it’s a good signal of the value of learning how to do it right. To practice getting better at it in low risk environments, so it doesn't feel like a burden.

Nostr is honestly a great place to learn. Let's be honest, at this stage if someone loses their keys it won't be the end of the world. The other thing is, on nostr there is value in using your keys to sign notes, notes that are tamper proof and tied to you at the time you created them. Nobody can retroactively take that from you.

We'll still need better key rotation and delegation schemes to ensure longevity, but this is different from losing your key and losing everything associated with it all at once.
Duncan Cary Palmer | 1 months ago (raw) | root | parent | reply | flag 
 Hey Friend,

Thanks for your comprehensive answer...🙏🏻😆👍

Do you have an assessment of the realistic threat level of the extensive key reuse the current setup requires? 🤔🧐❔❓
rossbates | 1 months ago (raw) | root | parent | reply | flag 
 Threats are inversely related to what's at risk. When you mention extensive key reuse, that can mean a variety of things. Are you referring to the number of notes being published or the number of clients using the same key? I suspect it's a combination of both.

That said, it's difficult to provide a global risk assessment. If someone like ReplyGuy has their key compromised, the impact is minimal. However, if a more prominent figure like Jack, Gigi, or ODELL gets compromised, the damage is more significant—it sucks, but it's still localized to them.

This brings us to a kind of structure or formula: the longer a key is in use, generating valuable and trusted information, the more reputation it builds and the greater the associated risk. There's a (time x value) equation tied to each pubkey, and this value doesn't begin at the network level, it originates bottom up from the consumer level. Ultimately, it's the recipients of the key's information who determine its value across time—the creator doesn't get to decide. 

Think about how nuanced that is, the biggest risk in losing a key is to the person (or machine) that seeks trust from others. The flip side in the risk equation is when that entity breaks the bonds of trust - then every recipient in their network suffers. You don't need to lose your key to do that though.