There should be a key change NIP for Nostr.
Could be interesting too if you had it so that you had designated accounts to confirm a key change too. Like I would use my brother @Jeff Swann and maybe @BTCsessions or someone else I know really well in the space as “trusted verifiers.” Then if my key ever got stolen, even though both myself and the hacker could sign, I could make it so only I could transfer it to a new key by asking my verifiers to sign.
Maybe that’s too convoluted, but I feel like there should be a key cycling method regardless.
Yeah!
nostr:nevent1qqsphfny8v9rplp98xdpd5efejuxcz3x79qyh30pmqcky3cy6vp9d0gpz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzpw08v4rt5pj9dmfsrk0990zflfywwznt7g5zheap4eefgasjqg7uqvzqqqqqqy02d7t3
@PABLOF7z (who else) had one that I’m not sure was ever merged but is in use. It involves creating an event defining a future key you might need to rotate to and then open timestamping that event to “notarize” the time.
I have some sort of odd mental block on remembering the number or the site on this one but I’m sure Pablo can fill in the blanks.
Convoluted?
no...
Confusing for tired brains like mine?
yes.
🥺🥺🥺
@Gzuuus is your guy: https://github.com/nostr-protocol/nips/pull/1032
"Social proof(optional): the event contains a list of people that the master keypair attaches to the revocation certificate as `p` tags. These pubkeys are designated as trusted identities that can judge/signal if the new proposed identity is trustworthy or not"
kind of like a multisig that has a master key. one dominates unless all 3 are used.
Surprising that revocation is not in the spec. 🤔
go for social recovery on nostr 👌🏻👏🏻
Yah social recovery for nip changes should totally be a thing.
Oddbean new post about login | logout