mikedilger on Nostr: Ok, points taken. Right now there is a single root of trust: npub. NIP-05 is NOT a ...
Ok, points taken.
Right now there is a single root of trust: npub. NIP-05 is NOT a root of trust. It is never the case that if somebody's NIP-05 changes then clients start using the new npub transparently. It is only the case that if you didn't even know their npub you could learn it that way and then start rooting trust in the newly learned npub.
So the solution to all of our problems is for clients to manage multiple roots of trust, and transparently so for the average user.
Clients that want to do this will have to track which root of trust they use on a per-person basis:
pkarr: For you, maybe I start from pkarr, go to your domain and get your nostr information.
nip05: For Elon Musk maybe I use the nip05 at x.com... and if his npub changes I trust the nip05 more than his npub (not sure that's a great idea but whatever).
npub: For most people I know through nostr, I root the trust in their npub (and they have no way to roll over that npub because I then lose the root of trust).
ed25519: For future crypto people I root trust in their ed25519 key and maybe look up data in Mainline DHT.
This adds immense flexibility and openness, solves key rollover, etc... but it also totally violates the "just one way to do things" and KISS principles.
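An added example, not part of the original post and not code from any Nostr client: a minimal sketch of per-contact trust roots, covering only the `npub` and `nip05` cases and showing how the same changed NIP-05 mapping is handled differently under each. The `Contact` type, `resolve` function, the keep-last-key policy on a failed lookup, and the sample keys are all assumptions made for illustration.

```python
import json
from dataclasses import dataclass

# Constructed sample data: placeholder hex pubkeys, not real keys.
OLD_KEY = "a" * 64
NEW_KEY = "b" * 64

@dataclass
class Contact:              # hypothetical client-side record
    name: str
    root: str               # trust root chosen for this person: "npub" or "nip05"
    pinned_pubkey: str      # hex pubkey the client currently uses for them
    nip05: str = ""         # identifier such as "name@domain", if known

def nip05_lookup(identifier, well_known_body):
    """Return the hex pubkey that a fetched nostr.json body maps the identifier to."""
    local, _, _domain = identifier.partition("@")
    names = json.loads(well_known_body).get("names", {})
    return names.get(local.lower())

def resolve(contact, well_known_body):
    """Decide which pubkey to use after fetching the contact's nostr.json.

    Returns (pubkey, note)."""
    advertised = nip05_lookup(contact.nip05, well_known_body) if contact.nip05 else None
    if contact.root == "npub":
        # NIP-05 is only a discovery hint here: a changed mapping never replaces the key.
        if advertised and advertised != contact.pinned_pubkey:
            return contact.pinned_pubkey, "nip05 mismatch ignored"
        return contact.pinned_pubkey, "unchanged"
    if contact.root == "nip05":
        # The domain is the root: follow whatever key it currently names.
        if advertised is None:
            # Assumed policy: a failed lookup does not drop the last known key.
            return contact.pinned_pubkey, "lookup failed; keep last known key"
        if advertised != contact.pinned_pubkey:
            return advertised, "key rolled over via nip05"
        return advertised, "unchanged"
    raise ValueError(f"unsupported trust root: {contact.root}")

if __name__ == "__main__":
    body = json.dumps({"names": {"alice": NEW_KEY}})   # constructed nostr.json body
    for root in ("npub", "nip05"):
        c = Contact("alice", root, OLD_KEY, "alice@example.com")
        print(root, resolve(c, body))
```

With a `nip05` root, whoever controls the domain's `nostr.json` controls which key the client follows; with an `npub` root, the same change has no effect on the key in use.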