1. npub is burned, can't post what I don't have the keys for. 2. Official GrapheneOS forum page: https://discuss.grapheneos.org/u/final 3. https://stacker.news/final Trust me or not, it's up to you. All zaps are going to the original address the old npub has as you can see on my profile so I earn nothing doing this. You're free to contact another GrapheneOS team member.
Thanks the links lend as much credibility as your old npub. It would be nice to have a better way to do npub key rotations.
I understand. I imagine I have really annoyed a ton of people but oh well. Key pairs for Nostr are great for verification but are a disadvantage towards certain security measures. Nsec is only as secure as the app that generated it and is only as secure as the least secure platform you stored/used it on. Takes a lot of responsibility, which I'm fine with, but most people aren't. If you want to change security requirements (like me) you likely need to burn your key... I guess it's no different to PGP keys that expire on a set time but I'd really be waiting for a dedicated secure hardware signer before I ever share my Nostr nsec keys on any other app or device... and id probably also rotate my keys again if a device existed.
Why not create a new nsec/npub first, post from your original identity indicating the new npub, then burn your old npub? To just burn and start over with the same underlying identity, I would like to know why that is a preferable procedure?
That would be the standard procedure, but circumstances about the event meant I couldn't. Users should announce change of keys if able to.
If planning ahead, could plant a SHA-256 message somewhere in your feed, then if you ever need to use it you can post the clear message on your new npub and point to the old SHA, to show that you were the one that posted the message on the old npub
Wasn't really something I looked into since it was extremely unexpected. Also up to believe official GrapheneOS platforms would suffice in announcing my key change. I dont want to spread fear by people misunderstanding a personal and isolated incident as a GrapheneOS one.