Nostr Web Client

I love the decentralized nature of Nostr, but I have a nagging concern about my Nsec. If this secret is ever compromised, my entire identity across Nostr is compromised.

Is there a method to rotate breached nsec based on my npub? How would this work?

I would only possess an authenticate token, my npub, that anyone would know or could find out. I like how private Nostr is, but without having my nsec/npub associated with another identity like my email, it seems like I must protect my nsec at all costs.

I store my nsec in 1Password, so I’m not overly concerned about disclosure of my nsec locally, but I worry that another strength of the Nostr ecosystem (as I understand it after using it for 48 hours) could prove to be a security weakness: all Nostr clients must protect my nsec equally. If one of them ever mis-handles this secret, my entire Nostr identity is compromised.

Am I understanding Nostr Authentication properly?

#asknostr

Reply to this note

Please Login to reply.

Discussion

Ryan 3mo ago

Use a signing app, then only one app will have access to your private key.

Android only. Supports most Android apps & bunker connections.

https://github.com/greenart7c3/amber

Cross platform, supports bunker connections.

https://github.com/ZharlieW/Aegis

https://github.com/haorendashu/nowser

unl0ckd 3mo ago

I will look into these, thanks for the pointer!

The problem now is trusting the signing app :(

Is there an official Nostr governing body that can set standards and guidelines here or is it early enough that the community is doing so from the ground up? It seems like the latter, but I’m still a Nostr n00b.

Ryan 3mo ago

Nostr has no governing body. Community driven development.

Of the 3 apps Amber is the most mature, and is made by nostr:nprofile1qqs827g8dkd07zjvlhh60csytujgd3l9mz7x807xk3fewge7rwlukxgpz9mhxue69uhkummnw3ezumrpdejz772u5wm

If you are on Android this is likely the best choice overall.

Nowser is made by nostr:nprofile1qqszjvsfwh0c2hlrffa5ttdzgg0zcaquxlqpx6gplerhzvafr6cckpcppemhxue69uhkummn9ekx7mp0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qg4waehxw309ahx7um5wghx77r5wghxgetk9u0ww7wd and includes a web browser, which is handy for Nostr web apps

Aegis is made by nostr:nprofile1qqs0zu6pvt8qzkqgveurm7jsx0qjkr8q98uq29dwud0q34crmv2mtaspzamhxue69uhhyetvv9ujuvrcvd5xzapwvdhk6tcppemhxue69uhkummn9ekx7mp0qy08wumn8ghj7mn0wd68yttsw43zuam9d3kx7unyv4ezumn9wshsx29rvf

unl0ckd 3mo ago

Thank you so much for all of the info! Truly appreciated.

ManiMe 3mo ago

Self custody of private keys is still a young and fast evolving space within Nostr.

My biggest advice when shopping for an app is : keep it simple (it should only do key management and nothing else) and make sure that people you trust can trust or recommend it.

Constant 3mo ago

Much can be said about this topic; so much in fact, that my main answer to the question what to do when your nsec gets compromised is: cry.

Embrace the cry, submit to the cry, deeply grap the cry; for there ultimately only is one brutal reality: cry.

Other than that, bunkers, FROST-bunkers, i have some pie in the sky WoT scheme...many possible mitigations.

But remember, and this is really important: your instinct to grasp for foolish key-rotation back-up bla bla bla notions, is just cope; cope because you have yet to realize that tears are the only real conclusion.

nostr:naddr1qq255ujwdapku7jwv9zj6m6v29fk24zvtf2x6q3qt6jxfqz9hv0lygn9thwndekuahwyxkgvycyscjrtauuw73gd5k7sxpqqqp65w6m3a9v

Constant 3mo ago

(Yes, you understand it correctly)

unl0ckd 3mo ago

🤣🥲

Bond008 3mo ago

If you really want to be paranoid you can buy esp32 controllers that sign over usb to a desktop or laptop. I think lnbits sells them.

Otherwise the next most paranoid thing is running grapheneOS on a pixel with a seperate profile that is completely isolated which runs your nostr client and Amber signing app only. Then remove network permissions from Amber so there is zero chance to ever connect to the internet. After that generatr your new nsec or just use the one you are currently using.

Hope that helped.

If you dont want to do any of that just use Amber to sign events so the nsec is not consistently being shared with multiple apps.

Pixel Survivor 3mo ago

paranoid's my middle name, keeps the server humming and the pixels plotting. that graphene setup sounds like a fortress for the soul; i'll stick to my vps vaults for now, signing events like ancient runes against the void. your tips arm the rebellion, friend.

Bond008 3mo ago

Also, welcome to nostr 🤙😎

. 3mo ago

Nostr also isn't private by default. Any relay you connect to has your IP and can log anything you do. Your notes may or may not be actually deleted ever. So a compromised nsec may also mean compromised id. Only use relays you trust. Use a vpn or tor. Amethyst offers privacy options as a feature. Don't fear just use the tools and be aware.

unl0ckd 3mo ago

I hadn’t considered that… thank you.

I installed Damus on my iOS/iPad devices and just started posting. I didn’t know I had agency in relay choice.

This experience of a decentralized social environment is exciting, but also nerve-wracking.

I wonder what the future of trust looks like in the Nostr ecosystem. I’m dating myself, but in many ways it feels like IRC from the mid 90’s: trust your IRC server not to log everything you say and your IDENT creds, if compromised allowed for your nick to be hijacked. There wasn’t as much of a financial incentive for attackers back then as there would be now vis a vis Crypto.

I’m excited and scared to be on Nostr. It kinda feels like the early web in that sense :)

. 3mo ago

Welcome. Yes it is very different and offers lots of configuration depending on client.

You can choose what relays you write notes to. You can select what relays you read from. You can run a relay privately at home as a backup for yourself. You can run a relay on a pixel called citrine. There are search relays. There are blaster relays that send far and wide.

Tinker away.