Catesby /
npub1kh3…zhyq
2024-12-30 14:31:29

Reposting this blurb from one of my replies to #asknostr because I’m curious about any thoughts on key security or updates in key management to help avoid loss/theft of nostr keys. I feel like nostr needs a signing device that can generate your key offline, air-gapped, and hold the keys and sign events only onboard, like a bitcoin HW. I think it’s that important. This is probably where someone tells me this already exists! There’s https://nostrtool.com developed by KeithMukai (npub1tv8…7wn2) of the seedsigner project, which lets you create a #nostr key offline from a standard seed phrase, so the software already exists. Perhaps this could just be added to the seedsigner interface in the future? That would be amazing. Anyway:

“The one fear I have is the single point of failure in the nsec key, and what happens if someone gets a hold of yours. Is there a permissionless 2FA that can be introduced to the login process? I saw Damus has the ability to sign some kind of termination event on your account if, say, someone started rogue posting with your stolen key, but I don’t know how the relays handle this or if other clients would still let them post as you. Someone could decrypt all your DMs with your key, etc. I suppose signing apps are one answer, where you only import your nsec key once, then use that app to sign an event that proves it’s you in order to log into other apps, but this key slinging is a bit scary, and should be treated with the same seriousness as guarding a seed phrase to a cold wallet. More is needed here to protect nostriches from key loss/theft.”
Author Public Key
npub1kh33xa9m0jpdxpdhfvqx0cdqqzl7pf6qzutu6uwd3cqfe0xzv62sw9zhyq