dikaios1517 on Nostr: Great question! The short answer is no. However, FROSTR is a very interesting way to ...
Great question! The short answer is no.
However, FROSTR is a very interesting way to have multi-sig for Nostr signing. However, each key shard is still kept hot. These are not child-keys so much as portions of a full key that are split apart so that it takes a quorum of the parts in order to sign.
This is being used in Njump's new onboarding tool announced here:
nostr:
The way it is implemented, signing requests are sent to the key-shard custodians via NIP-46 and are automatically approved. Pretty cool idea, but not an answer to the key management problem entirely.
However, FROSTR is a very interesting way to have multi-sig for Nostr signing. However, each key shard is still kept hot. These are not child-keys so much as portions of a full key that are split apart so that it takes a quorum of the parts in order to sign.
This is being used in Njump's new onboarding tool announced here:
nostr:
quoting nevent1q…xvrrSay hello to Nstart, Nostr's onbarding tool!
Nstart aims to guide new users to Nostr offering a easy and no-nonsense onboarding wizard, with useful hints about the protocol and some really exclusive features:
- Easy local backup of your nsec or ncryptsec
- Email yourself your ncryptsec, as additional backup location
- Create a multi-signer bunker URL for Nostr Connect (more info below)
- Auto follow the contacts list of some old and trusted Nostr users
- Customize of contact suggestions, useful for onboarding friends & family
Try Nstart live at https://start.njump.me or watch the video below to understand how it works.
A note about the multi-signer bunker. This is really cool stuff made by fiatjaf (npub180c…h6w6), that uses FROST to split your nsec in 3 (or more) and distribute each shard to an independent trusted remote signer. This will give you a bunker code that you can use to log in to many web, mobile and desktop apps without exposing your nsec. If you ever lose your bunker code, if the signers vanish from Earth, and it stops working, or if it gets stolen by a malware virus, you can use your nsec to create a new one and invalidate the old one.
More info and source code: https://github.com/dtonon/nstart
Enjoy it and send back any feedback!
The way it is implemented, signing requests are sent to the key-shard custodians via NIP-46 and are automatically approved. Pretty cool idea, but not an answer to the key management problem entirely.