LynAlden on Nostr: Here's an #asknostr for today as I finish up a round of research. I've already looked ...
Here's an #asknostr for today as I finish up a round of research. I've already looked into this a lot myself but it's ever-changing and there are people way deeper than me into this.
Frictions and risks related to key management are often cited by critics as one of Nostr's limitations. You lose your key, and you lose your identity. Plugging your key into a bunch of different apps is not ideal, since the more you do, the bigger the potential attack surface is for a leak.
Restricting your usage to a couple apps or browser extensions, and using them to sign for other applications, seems to be the best method so far for minimizing the attack surface.
Looking beyond that, what sorts of protocol updates or app services are ideal to help minimize the frictions and risks of key management while keeping the protocol itself super simple as it is?
Frictions and risks related to key management are often cited by critics as one of Nostr's limitations. You lose your key, and you lose your identity. Plugging your key into a bunch of different apps is not ideal, since the more you do, the bigger the potential attack surface is for a leak.
Restricting your usage to a couple apps or browser extensions, and using them to sign for other applications, seems to be the best method so far for minimizing the attack surface.
Looking beyond that, what sorts of protocol updates or app services are ideal to help minimize the frictions and risks of key management while keeping the protocol itself super simple as it is?