Oddbean new post about | logout
PABLOF7z | 1 years ago (raw) | root | parent | reply | flag 
 Nah, that would defeat the purpose; this will be infra that I’m guessing clients will happily subsidize.

Running a bunker has a marginal cost of basically zero. We’ll find another way of preventing abuse like some PoW on the browser or something like that.
nielliesmons | 1 years ago (raw) | root | parent | reply | flag 
 Neat! Damn that solves a looooot for the normies. 
Time to start editing some signup flows 👌
petri | 1 years ago (raw) | root | parent | reply | flag 
 Does that mean you need to trust the first key issuer and if they are compromised the rest is as well?
PABLOF7z | 1 years ago (raw) | root | parent | reply | flag +3 
 No, the first client never sees the nsec. You’re only trusting the nsecBunker backend operator you use and with NIP-41 even if the bunker becomes malicious you’d have a way forward.

Also, bunkers are economical actors and becoming malicious requires them signaling they are malicious.

Keep in mind where people are coming from now, normal operations is you never can control your account nor have a recourse if the operator censors/revokes your access. This is a way for normies to compete with that state of affairs.
petri | 1 years ago (raw) | root | parent | reply | flag +1 
 I meant the bunker. Just trying to understand from the perspective “trusting a 3rd party is a security threat as a default”. They need not to be adversarial but just get hacked.

We need easy-to-use solutions, and almost anything is better than centralised silos 😁

Farcaster’s Passkey was a nice implementation to make it easier for regular users, and also allowing to pay with Apple the reg&storage fees.