kvvvk on Nostr: A #nostr development idea that keeps kicking around in my head. What if my private ...
A #nostr development idea that keeps kicking around in my head.
What if my private key is compromised? Is there anyway that I could get control back? If Nostr becomes big, and I had a lot of followers, this would be a really big deal.
I believe some sort of solution to this exists, as Steve Gibson developed a thing called SQRL. A neat authentication system that could replace passwords. It hasn't taken off, but it has a very elaborate setup that allows for "re-keying" your identity if you ever "lose your private key".
I'm pretty sure it boils down to this:
You have a private key that you use to authenticated yourself day to day.
You have a super secret private key that you can use to tell websites "My private key has been compromised!" Please update my public key to this new one.
Perhaps a standard for this should be added to Nostr.
The Documentation to SQRL is listed here, https://www.grc.com/sqrl/sqrl.htm The relevant idea is called "Identity Re-Keying"
I think there is a lot of wisdom in SQRL that might be applicable to nostr security.
What if my private key is compromised? Is there anyway that I could get control back? If Nostr becomes big, and I had a lot of followers, this would be a really big deal.
I believe some sort of solution to this exists, as Steve Gibson developed a thing called SQRL. A neat authentication system that could replace passwords. It hasn't taken off, but it has a very elaborate setup that allows for "re-keying" your identity if you ever "lose your private key".
I'm pretty sure it boils down to this:
You have a private key that you use to authenticated yourself day to day.
You have a super secret private key that you can use to tell websites "My private key has been compromised!" Please update my public key to this new one.
Perhaps a standard for this should be added to Nostr.
The Documentation to SQRL is listed here, https://www.grc.com/sqrl/sqrl.htm The relevant idea is called "Identity Re-Keying"
I think there is a lot of wisdom in SQRL that might be applicable to nostr security.