What do the wise sages of Nostr think of the following terrible grugbrain idea:
What if you create an ncryptsec and just put it in an event and on some relay somewhere. Then you could go to, let's say, a fresh Amber install, fetch that event, decrypt it and just set up your new system while only needing a password.
The hash of the password could be included in the same event as the ncryptsec, and then u could use that to query your ncryptsec-event. This allows you to sign the ncryptsec-event with some random throwaway keypair. This way it is not apparent who the ncryptsec is tied to.
Other than 'what if the password is too weak' and 'QuAntUm' and 'how do you fix spam': why would this be a bad idea?
Need to think about this….
So to clarify the flow is:
Create an ncryptsec with 'superpassword123';
Hash 'superpassword123';
Put both in an event;
Sign it with random throwaway keys;
Send event to *defaultrelayforsuchthings*.
Then later i get a new fresh phone;
Download amber;
Enter password;
It hashes the password;
Uses that hash to query *defaultrelayforsuchthings*;
Gets the event with the ncryptsec back;
Uses the password to decrypt the ncryptsec;
Loads in the retrieved nsec.
Done. All i needed was my 'superpassword123' and i am back up and running (and maybe specify a relay). Now i go to a zapstore-equivalent and 1-press install all the apps i was using.
Maybe the point of the idea is that we shouldn't 🤔 what could possibly go wrong🙃
Dunno. I’ve been thinking really hard about this stuff, so totally open to new ideas.
This probably still works, (I don't want to question your scheme) https://github.com/antonioconselheiro/private-qrcode
I wouldn’t use a relay for storing critical info, the public relay would prob drop it at some point, or not treat it as critical data. And if it’s your relay, well, you could as well run your own bunker url
Ok i give you a phone fresh out of the box, at a random place in the world. All you have is an internet connection: how do you use your proposed bunkerurl?
As for data-availability; universal problem, see known boring solutions such as redundancy, paying or selfhosting.
it is not a bad idea, just doesn't feel like a relay is the right tool for the job. It's Nostr, you don't need anyone's approval, do it and see if it sails.
What's the difference between a relay and any other server in this world, other than the use of websockets and a few query conventions?
what's the difference between a bitcoin node and a postgres except for the use of websockets and a few query conventions?
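The publish-and-restore flow listed earlier in the thread (hash the password, put the hash and the ncryptsec in one event, query by the hash), sketched as an added example that is not code from any participant or from a Nostr project. Assumptions: the lookup value is derived with scrypt and a fixed label instead of a bare hash, so guessing against the public tag costs about as much as guessing against the scrypt-protected ncryptsec; the kind number, the `d` tag, the label and the sample values are placeholders; signing and the NIP-49 encryption itself are left out.

```python
import hashlib
import json

# Assumptions of this example (none come from the thread or from a NIP):
LOOKUP_SALT = b"ncryptsec-backup-lookup-v1"  # hypothetical domain-separation label
BACKUP_KIND = 30078  # placeholder kind; the thread does not name one
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def lookup_tag(password: str) -> str:
    """Derive the public lookup value from the password alone.

    The salt is constant because a fresh device knows nothing but the
    password; scrypt keeps each guess against the public tag expensive.
    """
    raw = hashlib.scrypt(password.encode("utf-8"), salt=LOOKUP_SALT,
                         n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return raw.hex()


def backup_event(password, ncryptsec, throwaway_pubkey, created_at):
    """Unsigned event carrying the ncryptsec, indexed by the lookup tag."""
    event = {"pubkey": throwaway_pubkey, "created_at": created_at,
             "kind": BACKUP_KIND, "tags": [["d", lookup_tag(password)]],
             "content": ncryptsec}
    # NIP-01 event id: sha256 over the compact JSON array below.
    serial = json.dumps([0, event["pubkey"], event["created_at"], event["kind"],
                         event["tags"], event["content"]],
                        separators=(",", ":"), ensure_ascii=False)
    event["id"] = hashlib.sha256(serial.encode("utf-8")).hexdigest()
    return event


def restore_filter(password):
    """Filter a fresh device would send: only the password is needed."""
    return {"kinds": [BACKUP_KIND], "#d": [lookup_tag(password)], "limit": 1}


def relay_matches(event, flt):
    """Minimal relay-side filter check, enough to exercise the round trip."""
    d_values = [t[1] for t in event["tags"] if t[0] == "d"]
    return event["kind"] in flt["kinds"] and any(v in flt["#d"] for v in d_values)


# Constructed sample values; the ncryptsec is a placeholder, not a real one.
SAMPLE_PUBKEY = "ab" * 32
SAMPLE_NCRYPTSEC = "ncryptsec1-placeholder"
SAMPLE_EVENT = backup_event("superpassword123", SAMPLE_NCRYPTSEC, SAMPLE_PUBKEY, 1700000000)
```
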