Subnostr

hmm interesting.

on key rotation - i'm guessing if they wanted to trash the old key, maybe they wanted to trash all information and content related to that identity, including the nip-05 identifier ? are there other reasons why someone will get rid of all related to the old key, but keep the identifier?

what would help though is to carry forward your identity to a diff npub/nsec. Say for example, for whatever reason I have to clear off all connections to my nostr accounts - and i cant keep the nsec written anywhere if my laptop is compromised. In that case, it will be hard to login back to my nostr account because nsec is not easy to memorise. But with an nip-05, it can be a security later to access your account. But i guess it has to be a private thing or maybe an in-built private security. then again, whatever that has access can be compromised. tough world!

daniele 2y ago

I was speculating about a key rotation for a security breach, or because the user lost the private key. In these cases you *want* to create a easy way to connect the two accounts and promote the last one as official.

About your idea of using a nip-05 address to login: you could add to the json a new field "encrypted_key" and there store the nsec protected by a password using a widely used algorithm. This way, you can bootstrap your account starting with a new device, just fetching the nip-05 data and decrypting the nsec with a memorized password.

Reply to this note

Please Login to reply.

Discussion

pam 2y ago

i have no idea what this means but glad there is a solution!