Terrence on Nostr: 1. Practically speaking, no. The fact that the compute required to do this is so high ...
1. Practically speaking, no. The fact that the compute required to do this is so high is the only reason it is secure and works in the first place. But maybe something could be done by chaining keys rather than using the master key directly? I think the limitation here is making the "username" the public key.
It would be nice to have some kind of backup key. Perhaps one could generate two keys, one is used on the regular and the other is dumped offline for emergencies or more security conscious users.
Then in the event of a breach there could be a procedure to "revoke" or "redirect" that public key to a specific other private key (set ahead of time to prevent stealing the public key).
It would be interesting if Nostr supported some form of dual signature or certificate chaining. Perhaps there are two account keys, and one is capable of redirecting or taking the public key and generating a new private key for routine actions, while the other is used to sign routine actions.
It would be nice to have some kind of backup key. Perhaps one could generate two keys, one is used on the regular and the other is dumped offline for emergencies or more security conscious users.
Then in the event of a breach there could be a procedure to "revoke" or "redirect" that public key to a specific other private key (set ahead of time to prevent stealing the public key).
It would be interesting if Nostr supported some form of dual signature or certificate chaining. Perhaps there are two account keys, and one is capable of redirecting or taking the public key and generating a new private key for routine actions, while the other is used to sign routine actions.