Thanks nostr:nprofile1qqsw9n8heusyq0el9f99tveg7r0rhcu9tznatuekxt764m78ymqu36cpzdmhxue69uhhwmm59e6hg7r09ehkuef0qy2hwumn8ghj7enjv4h8xtn4w3ux7tn0dejj7qg4waehxw309aex2mrp0yh82arcduhx7mn99ueat4s3 and contributors, was fairly easy to deploy 🫂
nostr:nevent1qqs0fl97wzxsdz06qduxgrxl79jdus0xg06rhcxlhau80tvmfa9y5ygpzdmhxue69uhhwmm59e6hg7r09ehkuef0qgsypwwgtll74lqu4huvxzjwtjyxvrlkujt35rw8y026ke6ttesmg5grqsqqqqqp94r2cv
Ok I was testing it before 1.8. Seems that now it's optional
nostr:nevent1qqs944u0zmnc3n0j5tq8ny4yqq03a2hhq7r096ls0qqmjz7pwy9cg4qpzpmhxue69uhkummnw3ezumt0d5hsygps0q4gxgahex93wtz69tmjq6ac9q7x2klxmh8pzyekzxsr6hc3wupsgqqqqqqs6rz8ll
I think the core of this can be to establish a relation between profiles using the kind 0. We have a field to explicitly tell everyone that a pubkey is/belongs to a bot. We can do the same for master and subkey relations. Doesn't seems to add much complexity
Yes, that would be a mess, but the master public key can simply announce its currently in use subkey by establishing this relationship in its kind 0. This effectively creates a signed 'certificate' that links a master key pair with its subkeys. Additionally, subkeys must also specify this relationship in their kind 0, providing two-way verification since both the master key and subkey certify their connection. In this way, the master key pair becomes the source of truth for where to find the current activity of the user/entity. There maybe more details and edge cases to cover, but for a note it's enough, happy to keep discussing 👌
I completely understand your point, but it's not what I was trying to convey. I'm thinking about how we can create a more robust security model for accounts, ensuring that users can maintain their reputation, wot, and at the end the value of their account.
My idea is not to have one subkey per device, but rather to have a master keypair and an active subkey (which can be improved upon in the future to accommodate more use cases, but for now, let's focus on one master key and one subkey). The master key becomes the source of truth and designates a subkey as the current one in use.
In the event that the subkey is compromised, the master key can inherit the reputation and data generated by the subkey, serving as a kind of backup and support. The user can then migrate to a new subkey and update the master's metadata to attest to the new subkey in use. This approach maintains reputation and aggregates it in a single, well-known source, while also solving the poor user experience of rotating public keys.
Currently, the most frequent way i've seen people dealing with this case, is publishing a kind1 message telling everyone, which is often only published once, making it likely that a significant portion of contacts will miss the update. This new approach would improve upon that, but its just an idea tbh.
The ux would remain largely the same as it is today, since the master keypair wouldn't require frequent interaction, making it suitable for cold storage use cases. The only additional steps would be to attest the relationship between the keys initially, and in the event of a catastrophe or key rotation, where the master keypair would voluntarly inherit the reputation and value of the rotated account and attest to the new one.
nostr:nevent1qvzqqqqqqypzqs9eep0ll6hurjkl3sc2fewgses07mjfwxsdcu3at2m8fd0xrdz3qyv8wumn8ghj76mgv968yafwdehhxarjv4jjumt99uq3wamnwvaz7tmjv4kxz7fwdehhxarj9e3xzmny9uqzpngc7pjx2fl38hs3t3vdvzar3emc00mxgn73ydt0kq9l4g7d0r09xyvj4m
Yea, but then you make everyone rely on 3rd parties bunkers, or push them to run a server 24/7. Also in that way subkeys will pollute relays since they are just made to trigger the bunker and get a signature from the master pubkey
You're welcome 🤝 be aware top up its a bit clunky, first time I used the service though it was an scam xD it takes a bit to appear the funds in your account
Web linamp?
nostr:nevent1qqsvlp62q3a7ckyayv4cvhwh9y0rj4hx76uwsw5dv52f5tg8hnwx6ucpz9mhxue69uhkummnw3ezuamfdejj7q3qaljazgxlpnpfp7n5sunlk3dvfp72456x6nezjw4sd850q879rxqsxpqqqqqqzkxhwev
Bravo! Amazing release, I was testing transient accounts but cannot make it work, first Zeus was popping all the time when tapping, then I tested without Zeus in a fresh amethyst and the ncrypsec appeared but as a collected NFC tag, nothing related with ame. I'm doing something wrong? Tested on graphene
Maybe nostr:nprofile1qqsxg45ph8gx0vdrvtzta6xal7v86frx6jvstsnvhrlvtehmwwh4epqpzemhxue69uhhyetvv9ujuvrcvd5xzapwvdhk6qghwaehxw309aex2mrp0yh8x6tpd4ehgu3wvdhk6qg5waehxw309aex2mrp0yhxgctdw4eju6t04vkzjx can help
In phoenix you need enough liquidity in your channel, to receive the amount of sats and later to pay onchain, they use splicing so if you are going to pay onchain the size of your channel will decrease by the amount of sats you are trying to pay. Its not the most recomendable way to do so, just for payment that can fit in your channel liquidity and that will not let your channel empty. Use one of the other tools I mentioned. Boltz, sideshift are super easy and made for this, coinos.io is also super easy, you just send sats to a newly created wallet, and then pay to a btc address. The other options I mentioned, are p2p exchanges, they can be less intuitive to use for this case, but they will maximize your privacy
I think this is a miss conception there is not such a one way wallet, there is bitcoin, and lightning, some wallets have interoperability between those and others dont
I don't know if any of you are familiar with minibolt. If you want to run a bitcoin node, and do it all by yourself, this is one of the best guides out there
Minibolt DIY Bitcoin node+, https://v2.minibolt.info/
Check it out: https://nostree.me/gzuuus/bitcoin
Some adventurous designer out there? #asknostr #nostrdesign
nostr:nevent1qqs8kjtqs0fegxtt9g3xj3hqxr23e0fy3t9mzfrvke697h5tz9fudfcpzpmhxue69uhkummnw3ezumt0d5hsygzqh8y9lll2lsw2m7xrpf89ezrxplmwf9c6phrj84dtva94ucd52ypsgqqqqqqs4qzv37
There will be different tools to clean your contact list based on different criteria. My idea is to show a range selector and let the user play with the amount of time you want to filter. But the focus of the app is provide a solution to visualize your contacts, as a contact list app ( as the phone one ), navigate them, filter them by different criteria, and provide a complete tool for users to really be in control of their contact list
I've been tinkering with a new micro app in my free time, born out of a personal need to clean up my follow list. After following so many people during my time in nostr, I wanted to remove old and unused accounts. As I worked on it, I came up with more ideas to enhance its functionality. Now, I'm excited to implement these new features!
The goal is to create a micro app that gives you total control over your follow and contact list, allowing you to perform various actions, and navegate it with ease. I'm looking forward to releasing it soon!
The app have some visualizations that are quite special, I'd love to get feedback from a designer's perspective. If you're a designer who's curious or wants to collaborate, please don't hesitate to drop a comment! #nostrdesign
Oddbean new post about login | logout
Notes by Gzuuus | export