You can build a signing chain, but it collapses the separation. If the nsec signs each new PGP key, the Nostr key becomes a permanent root authority and a single compromise breaks the entire lifecycle. The whole point of coordinating two systems is to avoid that failure mode.

With deterministic epochs, clients can verify rotation without deputizing nsec as a god key.

Once you have a stable root, rotation is just schedule + client support. Everything else is implementation detail.

Discussion

yea dead on, don’t want that “god key” trap.

keep the nsec as blind entropy source, let deterministic schedule + clients handle the rest.

when you’ve got a proto ready i’ll eagerly whack it with Vector (DM me over NIP-17 if ya like) to see how it feels.