I would like to believe that, but there are some usecases where they are useful. An example would be advertisement over audio. I can't plug a product identified by 52 characters. And these situations will happen all the time, there won't always be a way to share a url or qr.
Another reason to use ICANN is for organisations. You can't sell your company's public key, but the domain is an automatic property of the new owner. I think even if we only use keys, we will reinvent registrars for these use cases.
You can do vanity npubs for corps in a FROST design where they can swap keys as needed without changing the npub. Key discovery/completion goes through the user's WOT graph.
In my understanding, FROST can't help you here, because the new owner has no way to confirm the previous owner deleted their key shares. I could be wrong, would love to be surprised. Ed25519 too can do FROST so that will be good news.
They don't need to delete. You just rotate the polynomial to a position the leaked key is not part of the polynomial anymore.
OK but can't the old shares still sign things for the same public key?
Maybe I am missing something.
Signers have to agree on a polynomial to sign. My understanding is that once the leaked key signs with the wrong polynomial, the other signers can just reject that share.
I need to read more. But my intuition says, the old owner already had all shares necessary to generate a full valid signature, so that is impossible to verifiable lose.
The only scenario that makes sense to me, is if the company from the start setup the key shares with a trusted 3rd party that assures the new owner that the previous owner doesn't have enough shares to sign on their own. maybe that is what you meant all along.
Yeah, but even more fundamentally you also dont know if the private key that is at the basis of the multisig exists somewhere. Transfer of ownership requires a record one way or another, and so we are back to all the ledger shannigans we are all too familiar with. I agree ICANN can't be beaten when it comes to this stuff; this means the problem has no 'solution', mere mitigation with trade-offs one way or another.
Hence i am so bored and tired of thinking about this, and just grugbrain myself behind Nostr; because ultimately what we need is 'sort of good enough'+momentum=succes. I believe Nostr is sort of good enough and has momentum.
Congratulations on building the Nostr's Ethereum
namespaced directories can be server via other more trusted entities, but there is no need for a monopoly on it (WoT)
Oddbean new post about login | logout