These are my thoughts so far… Right now, Nostr already has “event signer” apps ...

npub1man…n9tn

2025-03-15 14:52:08

in reply to nevent1q…2zru

These are my thoughts so far…

Right now, Nostr already has “event signer” apps and browser plugins (for both web and native clients), which limit exposure to a private key by providing “signing” services for the “numerous” clients that need to sign events.

A new class of “key manager” apps and browser plugins, in addition to offering “event signing”, would primarily limit exposure to a “master” private key by providing “disposable” keypairs that could be used in any client. Such a key manager could “simply” deactivate any of the keypairs it has generated, without effecting the underlying signed events OR the profile that created them. Newly generated keypairs would all be able to sign for the same events.

This technology is already specified and in wide use as Bitcoin BIP32.

An onboarding client, being a users “first” app, would be an ideal client to provide such “key management” services.

quoting nevent1q…pa5z
How is this better than “simply” having a “master” key pair (like Bip32 “xpub” and “xprv”) that generates disposable pubkeys for use in any client? (where the “xpub” is actually exposed for anyone to verify the “ownership” of generated pubkeys)

AFAF : Dr. Hax (npub16v8…eqha)

Author Public Key

npub1manlnflyzyjhgh970t8mmngrdytcp3jrmaa66u846ggg7t20cgqqvyn9tn

Seen on

wss://relay.nostr.band wss://relay.primal.net

Show more details

Published at

2025-03-15 14:52:08

Kind type

1 Short Text Note

Event JSON

{ "id": "146b6b4a425e07b934eec4cc916a910a9599b5eec54803dc64e30bb014aa97f1", "pubkey": "df67f9a7e41125745cbe7acfbdcd03691780c643df7bad70f5d2108f2d4fc200", "created_at": 1742050328, "kind": 1, "tags": [ [ "e", "6dc0481bf7cf27a33703ed83232701e7ce281bc0cbdc877a0a8a99ab15ffa5d2", "", "root" ], [ "e", "32509d030abafce07ebb1ebf3728f06bbf4e41d4c26c184012392275a476bf0b", "", "reply" ], [ "p", "b90c3cb71d66343e01104d5c9adf7db05d36653b17601ff9b2eebaa81be67823" ], [ "p", "df67f9a7e41125745cbe7acfbdcd03691780c643df7bad70f5d2108f2d4fc200" ], [ "q", "dfdd985a18964a7c8c396699c20807829e191b5586c36f86336ebe3203c66cd1" ], [ "client", "Nostur", "31990:9be0be0fc079548233231614e4e1efc9f28b0db398011efeecf05fe570e5dd33:1685868693432" ] ], "content": "These are my thoughts so far…\n\nRight now, Nostr already has “event signer” apps and browser plugins (for both web and native clients), which limit exposure to a private key by providing “signing” services for the “numerous” clients that need to sign events.\n\nA new class of “key manager” apps and browser plugins, in addition to offering “event signing”, would primarily limit exposure to a “master” private key by providing “disposable” keypairs that could be used in any client. Such a key manager could “simply” deactivate any of the keypairs it has generated, without effecting the underlying signed events OR the profile that created them. Newly generated keypairs would all be able to sign for the same events. \n\nThis technology is already specified and in wide use as Bitcoin BIP32.\n\nAn onboarding client, being a users “first” app, would be an ideal client to provide such “key management” services. \n\nnostr:nevent1qqsdlhvctgvfvjnu3sukdxwzpqrc98serd2cdsm0sceka03jq0rxe5gzyr0k07d8usgj2azuheavl0wdqd530qxxg00hhtts7hfppredflpqqqcyqqqqqqgpp4mhxue69uhkummn9ekx7mqpzemhxue69uhhyetvv9ujumn0wd68ytnzv9hxgqguwaehxw309ahx7um5wghxy6t5vdhkjmn9wgh8xmmrd9skczjpa5z", "sig": "af5c0cdeb49f9c8dcdfc27086b2bc5fe4e122342e7c9e25b9a1d82d262043c12bf813539501f2ddadc606ed7f09edb1abb53b5183b283dd4a0a967b3ed03096c" }