 Great work mate.  You really put it together in a way that will work.  Not taking on too much.  Doing one thing well.  Managing the complexity budget.

Do you realize it works out of the box, with nostr?  Just paste the privkey in your seed app, and it'll make a pubky:

I verified the KDF etc. 
 Thanks.

As much as I love the free hype, I will pour cold water on this though: I don't think that just because you can take the same seed and generate two public keys on two separate curves, you can call that working with nostr.

You can't resolve a secp key from Mainline; not really my choice, just reality. 
 More importantly, using your pubky root key as nsec goes against our philosophy of key longevity. 

You can of course put an npub in a Pkarr packet as a TXT record, but I don't think Nostr will integrate that.

But maybe you can derive an npub from your pubky seed or something, I just don't see much benefit from that. 
 One thing I thought was cool is that in Pubky you don't really use your keys that often, huh? 
 The very fact that we insist on identity sovereignty puts us at a disadvantage vs., say, Bluesky, where people pretend that they own their DID, but they don't. 

So if we can't avoid the onboarding cost of managing a root key, at the very least we owe it to ourselves to minimise that UX cost to the least necessary. 
 So you're not using the private key to sign anything and everything? 

For nostr, I was looking into a hardware signer device that would be able to have a whole nsecbunker running on it. But it seems like that doesn’t exist anymore 
 Not even some things; the only thing we sign (yet) is a very short-lived authentication token, which you send to your homeserver and get a good old cookie (session) in return, and you use that going forward.

In fact we also have a 3rd party authorization spec (and working code), so you can allow a web app to obtain that session without uploading the keys to that 3rd party app.

We will probably go even further and make your root key only used once in the beginning, then use a delegated key for logging in when you get signed out... but we haven't gone that far yet.

For now, you use your key as often as you sign in to Gmail... very rarely  
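The sign-in flow described in that post, as an added illustration that is not Pubky's own code or wire format: the client signs one short-lived, server-bound token with its root key, the homeserver verifies it once and hands back an opaque session id, and the key is not touched again for the life of that session. The token fields (`pk`, `aud`, `iat`, `nonce`), the `Homeserver` class, `TOKEN_TTL` and the 60-second window are assumptions made for the example; the Ed25519 arithmetic is a compact reference-style implementation so the example runs offline, and it is not constant-time, so it is for reading rather than production use.

```python
import hashlib, json, secrets, time

# ---- Minimal pure-Python Ed25519 (RFC 8032), reference-style and NOT constant-time.
# ---- Demo only: a real client would use a vetted library (e.g. PyNaCl).
q = 2**255 - 19
l = 2**252 + 27742317777372353535851937790883648493
d = (-121665 * pow(121666, q - 2, q)) % q
I = pow(2, (q - 1) // 4, q)

def _inv(x):
    return pow(x, q - 2, q)

def _xrecover(y):                      # recover x from y, choosing the even root
    xx = (y * y - 1) * _inv(d * y * y + 1)
    x = pow(xx, (q + 3) // 8, q)
    if (x * x - xx) % q:
        x = (x * I) % q
    return q - x if x & 1 else x

_By = (4 * _inv(5)) % q
_B = (_xrecover(_By), _By)            # base point

def _add(P, Q):                        # complete twisted-Edwards addition
    x1, y1 = P
    x2, y2 = Q
    k = d * x1 * x2 * y1 * y2
    return ((x1 * y2 + x2 * y1) * _inv(1 + k) % q,
            (y1 * y2 + x1 * x2) * _inv(1 - k) % q)

def _mul(P, e):                        # double-and-add scalar multiplication
    R = (0, 1)
    while e:
        if e & 1:
            R = _add(R, P)
        P, e = _add(P, P), e >> 1
    return R

def _enc(P):
    return (P[1] | ((P[0] & 1) << 255)).to_bytes(32, "little")

def _dec(s):
    v = int.from_bytes(s, "little")
    y = v & ((1 << 255) - 1)
    x = _xrecover(y)
    if (x & 1) != (v >> 255):
        x = q - x
    if (-x * x + y * y - 1 - d * x * x * y * y) % q:
        raise ValueError("point not on curve")
    return (x, y)

def _clamp(h):                         # RFC 8032 secret-scalar clamping
    a = int.from_bytes(h[:32], "little")
    return (a & ((1 << 254) - 1) & ~7) | (1 << 254)

def ed25519_pubkey(seed):
    return _enc(_mul(_B, _clamp(hashlib.sha512(seed).digest())))

def ed25519_sign(seed, msg):
    h = hashlib.sha512(seed).digest()
    a = _clamp(h)
    pk = _enc(_mul(_B, a))
    r = int.from_bytes(hashlib.sha512(h[32:] + msg).digest(), "little") % l
    R = _enc(_mul(_B, r))
    k = int.from_bytes(hashlib.sha512(R + pk + msg).digest(), "little") % l
    return R + ((r + k * a) % l).to_bytes(32, "little")

def ed25519_verify(pk, msg, sig):
    if len(sig) != 64 or len(pk) != 32:
        return False
    try:
        R, A = _dec(sig[:32]), _dec(pk)
    except ValueError:
        return False
    S = int.from_bytes(sig[32:], "little")
    if S >= l:
        return False
    k = int.from_bytes(hashlib.sha512(sig[:32] + pk + msg).digest(), "little") % l
    return _mul(_B, S) == _add(R, _mul(A, k))

# ---- Hypothetical sign-in flow. Token fields, encoding and the Homeserver class are
# ---- assumptions for illustration, not the Pubky/Pkarr wire format.
TOKEN_TTL = 60                         # seconds a signed sign-in token stays valid (assumed)

def make_auth_token(seed, homeserver, now=None):
    """Client side: the root key signs one short-lived token bound to one homeserver."""
    now = int(time.time()) if now is None else now
    body = json.dumps({"pk": ed25519_pubkey(seed).hex(), "aud": homeserver,
                       "iat": now, "nonce": secrets.token_hex(8)}, sort_keys=True).encode()
    return body + b"." + ed25519_sign(seed, body).hex().encode()

class Homeserver:
    def __init__(self, name):
        self.name, self.sessions, self.seen = name, {}, set()

    def sign_in(self, token, now=None):
        """Verify the token once; on success return an opaque session id (the 'cookie')."""
        now = int(time.time()) if now is None else now
        body, _, sig_hex = token.rpartition(b".")
        try:
            claims = json.loads(body)
            pk, sig = bytes.fromhex(claims["pk"]), bytes.fromhex(sig_hex.decode())
        except (ValueError, KeyError, TypeError):
            return None
        iat = claims.get("iat")
        if claims.get("aud") != self.name:                            # bound to another server
            return None
        if not isinstance(iat, int) or not now - TOKEN_TTL <= iat <= now + 5:  # expired/future
            return None
        if body in self.seen or not ed25519_verify(pk, body, sig):   # replay or bad signature
            return None
        self.seen.add(body)                # in practice, prune entries older than TOKEN_TTL
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = claims["pk"]  # the root key is not touched again for this session
        return sid

    def whoami(self, sid):
        return self.sessions.get(sid)
```

The server rejects a token that names another homeserver, one older than the window, one it has already accepted, and one whose signature does not verify; the only long-lived artefact is the random session id, which carries no key material.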
 This is awesome. Seems like Pubky is building best practice key management into the protocol / app 
 I will say integration with Mainline was genius.  Never thought of that.  Now we see it we think "why didn't someone think of it".   
 DHTs had a horrible PR past decade. Some like Fiatjaf and others only experienced them through libp2p, which is rightfully shit. Others who know better think that it is not viable to use a DHT as a database, missing the entire point, which is that a temporary censorship-resistant routing table is better than no censorship-resistant table at all.

I just went on to validate if it works, knowing that if it doesn't, nothing else will and we can just stop lapping.

Sorry, but we will never bootstrap a million nodes of anything ever again.

Finally, some people are skeptical of DHTs' vulnerability to Sybil attacks, and I am writing something about that to end this FUD once and for all, but even if they are right, the question remains: compared to what? Because there literally is no second best within the same order of magnitude even. 
 We are in unknown territory.  Definitely worth a try.   
 Yes, makes sense.  A 3rd party with access to both can verify.  Or you can simply make 2 signatures, which is a very strong assurance.  If you have rotation by design, then yes there will be philosophical differences.  But the technical aspects remain sound. 
 But you can sign the nostr pubkey and put it in your pkarr record.  Two-way link provides a fairly good claim. 
 Correct, in that sense Pubky keys are a bit better than NIP-05 for individuals, since even with DNSSEC, you don't get the same sovereignty.  
 Given how fast pubky is, it shouldn't be a big deal.  It's all PKI.  The only challenge is when keys change and rotate.  But that's a whole other problem.  What we gain today is huge already.