 What's the state of Nostr hardware account recovery devices? 

I need to find a way to store the private key in an NFC/USB stick-like device with a self-contained biometric authentication to unlock the device and allow the person to log in with their account into another phone. 

It would work somewhat like a Cold Card but without having to memorize/store the unlock pin. Each person can then keep 3+ devices in separate trusted locations to allow them to recover their Nostr private key if they lose the phone. 

The use case is for the homeless population where memorizing passwords/words simply won't work and physical security is not good. But they do have a network of providers that can keep these keys safe for them. We just don't want to give access to the private keys to the hosts of the USB device.

Things are getting real very fast over here. 
 You guys are so sophisticated.

My nsec is backed up in a Google doc 🤣🤷

nostr:nevent1qqsty58qjv5f7cfafn282upu4pd46h5ud4wfn7udvzrz4lwqp0n542spz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzq3svyhng9ld8sv44950j957j9vchdktj7cxumsep9mvvjthc2pjuqvzqqqqqqy7dtc6a 
 That’s a paddling 
 Mine’s in OneNote. 
 Shame on you for using OneNote. 😒 
 Haven’t found anything better for note taking. Obsidian was great, but I’m tired of payment issues with Sync, and no, I’m not self-hosting my notes. 
 Private git repo for your notes 
 I write my notes to an NFS share that gets put on all my machines. NixOS is the shit 
 I’m guessing you use Tailscale for remote access? 
 Kernelspace WireGuard. I found there were performance tradeoffs with Tailscale because it's userspace.  
 @Vitor Pamplona breaking ground as always. awesome stuff 🤙🏻🔥

nostr:nevent1qqsty58qjv5f7cfafn282upu4pd46h5ud4wfn7udvzrz4lwqp0n542spzpmhxue69uhkummnw3ezuamfdejsygzxpsj7dqha57pjk5k37gkn6g4nzakewtmqmnwryyhd3jfwlpgxtspsgqqqqqqskudavr 
 @jb55 it was mentioned using the iOS keychain as well. 

I’d love to see nsec storage on a yubikey-like device. A signer would be even cooler though. 
 Yubikey supports smart card signing/encrypting with PGP keys. I wonder if that could be repurposed to sign events with an nsec 
 Would be pretty cool. 
 I don’t think they support secp256k1 
 I've got some esp8266's kicking around. Might play around with trying to set up a usb signer 
 bluetooth signer would be ideal 
 No need to sign. Just reveal the private key. The goal is account recovery not signing security. 

The phone of a homeless person will be either stolen or lost every other month or so. They can get new phones, they just need a way to go somewhere and recover their accounts. :) 
 Will the thief have a copy of the private nostr key then?

It's things like this why protocols based on cryptographic identity need to support ephemeral keys and certificates. The nostr key on the phone used to sign notes will be rotated every week or so. Each new key will be signed by a master key kept in cold storage with a declared validity of a week or so. 
 There's an HC-05 Bluetooth module. They're cheap so I'll order one and play around with it. 
 I would like to see this USB device with NFC capabilities as well, for easy use with any smartphone.

A fido key with nostr store capability would be cool 
 Currently using @Alby on 2 devices, will add third soon

And the Alby account pass is saved in Notebook, and I can save it on Cloud to access anytime with anything.

This is working for now. 
 https://foundationdevices.com

Has support for generating nostr keys
You import it via qrcode or a microsd 
 I'm thinking about this .. what if they rely on a small usb device that is unique? But then you essentially just want encryption, and the storage is at these providers. Lose the usb device and you'll need to store new backups. Lose both usb and phone at same time and you're lost. 
 That's the idea. It would be great to have a nostr-based company providing them.  
 @NVK

nostr:nevent1qqsty58qjv5f7cfafn282upu4pd46h5ud4wfn7udvzrz4lwqp0n542spz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzq3svyhng9ld8sv44950j957j9vchdktj7cxumsep9mvvjthc2pjuqvzqqqqqqy7dtc6a 
 Do you need to sign or just store? 
 Just store 
 Mk4 does that, you can generate 32 bit hex from bip85 or load it in the seed vault. Display as QR on screen. 
 Can the MK4 unlock itself with fingerprints instead of a pin? Pins are too hard for the homeless. A biometric version would be ideal.