 Why? To prevent a client leaking the key? Then just "login" with npub, most clients provide this feature. 
 I'm actually thinking about it for more normal folks that think in username and password instead of private key and public key. 

Create a way to allow them to give an email as username and set a password. Offer 2FA and a reset password flow. 

Then they can get their npub and/or their nsec so they don’t have to store it themselves.

Eventually the hope is that clients support “login with WhateverWeCallIt” so it’ll insert the nsec automatically into the client (and for clients that store it locally, store it locally).

Further down the line I’d imagine it would be a way for folks to set which clients they want to give what access so that we can give people a way to get rid of the annoying NIP 7 pop ups. 

Mostly it is for folks that are less self-custody maxis, but still care about controlling what clients can do with their keys. 
 Well, this sounds like a custodial solution. It destroys the main advantage of nostr - absence of centralised places controlling our profiles. If all the private keys were stored in one "storage", then the government will go to that place (like it goes to facebooks and twitters) and install censorship there.

Also, normies don't use many clients. Install Amethyst and use it. Why install many clients? If you are a geek kind of user, who is curious about software, I understand that. But it is not a big deal for that kind of user to copy-paste nsec from one app to another. 
 But you can’t post or decrypt DMs with just an npub.