kvvvk on Nostr: #[0] Still learning how to share on Nostr. Maybe the noteid is better #[1]
fiatjaf (npub180c…h6w6) Still learning how to share on Nostr.
Maybe the noteid is better
Maybe the noteid is better
quoting nevent1q…6096A #nostr development idea that keeps kicking around in my head.
What if my private key is compromised? Is there anyway that I could get control back? If Nostr becomes big, and I had a lot of followers, this would be a really big deal.
I believe some sort of solution to this exists, as Steve Gibson developed a thing called SQRL. A neat authentication system that could replace passwords. It hasn't taken off, but it has a very elaborate setup that allows for "re-keying" your identity if you ever "lose your private key".
I'm pretty sure it boils down to this:
You have a private key that you use to authenticated yourself day to day.
You have a super secret private key that you can use to tell websites "My private key has been compromised!" Please update my public key to this new one.
Perhaps a standard for this should be added to Nostr.
The Documentation to SQRL is listed here, https://www.grc.com/sqrl/sqrl.htm The relevant idea is called "Identity Re-Keying"
I think there is a lot of wisdom in SQRL that might be applicable to nostr security.