Replying to Avatar Carlos Reyes

#[4]​ I’m thinking people can post with your npub as the clients do not require nsec to post..

??
Avatar
Smitty 2y ago

The public/private key pair make up your "account" the public key is derived from the private key but the private key cannot be derived from the public. In order to post an event you must hold the private or nsec key so the client can "sign" the event or the protocol will not accept said event

If one only has the public or npub key all you can do with it is view the account details, you cannot sign events and therefore cannot change profile details, post, etc

So, in summary, no one can post with only the public npub key.

Reply to this note

Please Login to reply.

Discussion

Avatar
Carlos Reyes 2y ago

I just signed in with #[3]​ ‘s npub and I can read some kind of messaging thread… still a bit confusing.

I get that the nsec makes the npub signing complete but it is unusual to see these messages that maybe the senders are assuming will be private.

Avatar
Smitty 2y ago

You should be able to do the same with anyone's. My understanding. Public messages are not encrypted, but I believe DMs are encrypted meaning you can see events and profiles but not DMs.

Avatar
Carlos Reyes 2y ago

Not sure what these are but I clicked on the envelope icon..

Avatar
Smitty 2y ago

Here's what I see in DMs using a public key .... Gibberish as I don't have the private key to unencrypt. I can see who they were talking to just not what. I believe this is consistent across clients for this event type.

Avatar
Carlos Reyes 2y ago

Outstanding!!!

This clears my doubts 100%

I now understand nostr npub and nsec much better.

Thank you to each of you for helping out!

THANK YOU #[3]​ !!!!

Nostr rocks!!

#plebchain