Oddbean new post about login | logout They don't need to delete. You just rotate the polynomial to a position the leaked key is not part of the polynomial anymore.
OK but can't the old shares still sign things for the same public key? Maybe I am missing something.
Signers have to agree on a polynomial to sign. My understanding is that once the leaked key signs with the wrong polynomial, the other signers can just reject that share.
I need to read more. But my intuition says, the old owner already had all shares necessary to generate a full valid signature, so that is impossible to verifiable lose. The only scenario that makes sense to me, is if the company from the start setup the key shares with a trusted 3rd party that assures the new owner that the previous owner doesn't have enough shares to sign on their own. maybe that is what you meant all along.
Yeah, but even more fundamentally you also dont know if the private key that is at the basis of the multisig exists somewhere. Transfer of ownership requires a record one way or another, and so we are back to all the ledger shannigans we are all too familiar with. I agree ICANN can't be beaten when it comes to this stuff; this means the problem has no 'solution', mere mitigation with trade-offs one way or another. Hence i am so bored and tired of thinking about this, and just grugbrain myself behind Nostr; because ultimately what we need is 'sort of good enough'+momentum=succes. I believe Nostr is sort of good enough and has momentum. Congratulations on building the Nostr's Ethereum