Nsec *is* a password and vice versa, so why not just store your proton password in a remote bitwarden if you want a bunker-like solution without nostr? But also, why wouldn't proton just allow nostr logins too?
Login to reply
Replies (8)
Currently NSEC is acting as a one key to rule them all concept. People are plugging their one key into all kind of apps, some secure, many not. If any of those apps are compromised, your entire account and every thing you logged into is compromised.
This is akin to using one password on all your accounts. It's bad OPSEC.
What I mean is we need a way to create multiple keys based on that ONE key pair, similar to creating a unique password for every account. This way, if one Nostr based app is comoromised only that "baby" key is compromised and not the "master" key that it came from. An option to "freeze" these keys or delete would be even better.
100% this. Its the same reason I don't play with nostr apps, clients etc.. I'd love to have my Nostr nsec on, say, a cold card. Creating sub keys now and again, and being able to trash them and create new in the case ifva hack etc..
Oh yeah totally agree! One key to rule them all is a huge problem.
Akin to address reuse in BTC in 2010, we worked hard to solve that the manual direct way long before BIP32 made the issue trivially easy to avoid.
There's more value if folks can get intuitively comfortable with handling multiple keys, not necessarily the hard way but most likely that'll be most effective, before tools make it seem like magic.
TRUST MINIMIZED NSECBUNKER w/ FROST ๐๐ฅถ
Here's a demo of my new Nsecbunker implementation with FROST signatures! This works by creating a 2-of-2 frost signature scheme, which means that unless both a malicious client and bunker conspire to rug you at the same time, you are safe. ๐งต
View quoted note →
I'm sure someone has thought of this before... But, you can just generate new key pairs for different things. Why use just one key pair?
I have separate keys for my home, car, work tool boxes, etc.
This has always been my big beef with #Nostr.
Wasn't much of an issue when Nostr was just social media. But now it's growing into much more. So, now it's a big problem
Nip46 remote signer is close to this solution, although a device with the master key needs to be active to complete the signing. I think nip46 has a better trade-off balance because all clients don't need to support the solution to associate those events to your account.
Both your idea and nip46 have a common flooe: the master key must remain a secret.
Bunker is slowly becoming an excepted standard, I have it on pollerama as well, will soon have it on formstr too.
Frostr was very promising and would be the perfect solution, but I think it's still very early and haven't really seen any updates in the recent past.