#asknostr
Any recommendations on storing Nostr keys safely for the future?
I know there are countless ways to secure Bitcoin keys, but haven't heard much for Nostr
Replies (3)
Stamp it on steel 🤷🏽‍♂️
You can't really have cold Nostr keys like with Bitcoin. Depending on OS there are options for signing software to decrease the attack surface, but the keys will be on an Internet-connected device somewhere. Android has NIP-55, supported by Amber, Nowser & Aegis. For other OS there is NIP-46 for remote signing, using bunker software.
You don't hear much talk about it for the same reason that you don't hear much talk about safely storing your Lightning wallet's private key offline. Lightning keys need to be stored on an always online device, because they are used to update the state of your Lightning channel(s). Your key is used both for sending and receiving.
Nostr keys are similar. As Ryan mentioned earlier, your Nostr keys are used to sign for literally everything you do on Nostr, so you can't really keep them offline, or you'll constantly have to be digging out your signing device for every reaction, zap, comment, and post you make.
There have been some attempts to come up with a key delegation standard, which would allow you to have a master key that is kept offline, and it can sign to delegate a child key to have the authority to sign on its behalf, and that child key would be what is used regularly to sign for everything you do on Nostr. Meanwhile, the master key would be kept in an offline signing device and only used if the current child key was compromised and it was needed to sign to revoke that key's authority and delegate signing authority to another child key.
Unfortunately, it turns out that this adds a TON of complexity that every Nostr client would have to account for, and would break every client that currently exists until they could figure out how to implement it.