Avatar
Aye 2y ago

Any recommendations to improve the security of my nostr account?

What are the best practices for creating nostr keys?

Reply to this note

Please Login to reply.

Discussion

Avatar
21millions🧉₿🇦🇷🫂 | GMT -3 2y ago

Take it with a grain of salt, but in my opinion generating them with a client, locally in your devise and use it on as few new clients as posible. Every time you enter your nsec on a client you are trusting them to some degree (unless you know the code and have checked it)

If you use web clients like nostrgram, iris, etc... use a browser extention like Alby, so even if you still put some trust on a 3rd party you only do it once, on Alby for example.

Maybe consider getting a NIP-05 so if your account is compromised at least your followers can follow you by your NIP-05 to your new account.

Maybe have back up your follow list now and then, and your relay list, just in case if you have to get a new pair of keys, but this is not a bitcoin wallet, so loosing it is bad but not THAT bad I think

Avatar
Aye 2y ago

Thank you! All of this is new to me. I'm very used to btc that's why my concern. I read about nip-05 but I don't have an identifier. Is it possible to create one after having created the keys?

Avatar
21millions🧉₿🇦🇷🫂 | GMT -3 2y ago

Don't mention it!

Yes, is good to be careful with your keys but try to have fun :)

there are some services that gives you a NIP-05 for free and others are paid services, take a look around before you purchase any but is easy for people to @ you in notes

Avatar
El Gorila 🇦🇷 2y ago

Sumate al team @hodl.ar !

Avatar
Nicolas ₿ ⚡️ 🇦🇷🧉🤙💜 2y ago

en tu browser ya que tenés Alby Wallet, configurale la private key como Signer. De esa manera toda web que visites de Nostr, en vez de tener que pegar tu Private Key, Alby te la va a reconocer y te va a firmar por vos sin pegar la private key realmente.

Eso te va a dejar probar muchas cosas y otras implementaciones como snort.social, coracle.social, nostrgram.co, etc etc

Avatar
Aye 2y ago

got it, ya lo encontré y ya aprendí que es NIP-07 😄

Avatar
Ⲇⲍⲟⲅ 🥷 ⚡🏴‍☠️ 2y ago

Welcome !!

I recommend you to use rana to generate your pubkey

https://github.com/grunch/rana

and nos2x extension for the browser.

Avatar
Aye 2y ago

Thanks! I'll take a look

Avatar
Ⲇⲍⲟⲅ 🥷 ⚡🏴‍☠️ 2y ago

Great !! Pv 🤙🏼💜

Avatar
Nicolas ₿ ⚡️ 🇦🇷🧉🤙💜 2y ago

igual sólo para clarificar:

Rana lo único que hace es que tu pubkey tenga algo más de proof of work. Es decir si mirás mi pubkey que tiene npub1qqqq ... esas q es porque había corrido todo en hex antes con rana buscando 0 adelante

Pero no me da seguridad a la private key, sólo hace que tu pubkey sea "especial" pero nada más

Avatar
Aye 2y ago

ok, es un script que corres en tu computadora y te da una key especial. Generando tu key con alby o otra extension es lo mismo, todos corren en tu computadora localmente.

Avatar
Nicolas ₿ ⚡️ 🇦🇷🧉🤙💜 2y ago

si en realidad es sólo para tener una key nueva.. pero ahora que ya arrancaste con tu key no vas a cambiarla probablemente

Avatar
tpmoreira 2y ago

You can use the nos2x extension to access Nostr clients (Snort, Damus, etc) and a password manager to store your private key, like KeePassXC or Bitwarden.