Oh shit, just thinking about this, I think I just discovered a fatal flaw of the #nostr system. God damn, no wonder I'm an analyst for a bitcoin billionaire. I just spent 3 minutes on a hypothetical problem and I already managed to kill the whole system from the root.

I don't know if I should say the problem out loud, otherwise I will inspire people to start killing the system faster 😩

Discussion

What you call a fatal flaw is a known design tradeoff. There is no migrating accounts. Keep your key safe.

Of course there is migrating accounts if your private key gets leaked. You can't have 2 people controlling one account.

Also, the fatal flaw that I'm talking about isn't about how the private key is unchangeable. It is a second order problem that is stemming off this migrating account inevitability.

Your posts are signed by a specific key. If you start using another key how are you migrating? Recreating and signing with the new key? They'd have different timestamps.

Yes, I meant recreating the profile, but you're right, not everything has a timestamp, and the ones that do will likely get completely messed up during the migration.

I mean, then this problem is worse than I thought. If a hacker gets hold of your private key (not hard, given how rampant malware is and how often Nostr apps ask us to copy-paste private keys everywhere for login), everything you've built is gone. No recovery, and there is nothing you can do to gain control back.
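The exchange above about posts being bound to one key can be made concrete with the event id rule from NIP-01, where the id is the SHA-256 of the serialized `[0, pubkey, created_at, kind, tags, content]`. This is an added example, not part of the thread or of any Nostr client; the public keys are constructed placeholders and the Schnorr signature step is left out.

```python
import hashlib
import json

# Constructed placeholder public keys (32-byte hex), not real accounts.
OLD_PUBKEY = "a" * 64
NEW_PUBKEY = "b" * 64
REPLIER_PUBKEY = "c" * 64

def event_id(pubkey, created_at, kind, tags, content):
    """NIP-01 id: SHA-256 of the compact JSON array below."""
    body = json.dumps([0, pubkey, created_at, kind, tags, content],
                      separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(body.encode("utf-8")).hexdigest()

def make_event(pubkey, created_at, content, tags=()):
    """Build an unsigned kind-1 note; the signature over the id is omitted here."""
    tags = [list(t) for t in tags]
    return {"id": event_id(pubkey, created_at, 1, tags, content),
            "pubkey": pubkey, "created_at": created_at, "kind": 1,
            "tags": tags, "content": content}

def id_matches(ev):
    """Recompute the id from the event's own fields and compare, as a verifier does."""
    return ev["id"] == event_id(ev["pubkey"], ev["created_at"], ev["kind"],
                                ev["tags"], ev["content"])

def dangling_refs(events):
    """Return ids referenced by "e" tags that no event in the set carries."""
    known = {ev["id"] for ev in events}
    return sorted({t[1] for ev in events for t in ev["tags"]
                   if t[0] == "e" and t[1] not in known})

def demo():
    original = make_event(OLD_PUBKEY, 1700000000, "hello nostr")
    reply = make_event(REPLIER_PUBKEY, 1700000100, "welcome", [("e", original["id"])])
    # Relabelling the old note with the new key breaks the id check.
    relabelled = dict(original, pubkey=NEW_PUBKEY)
    # Re-creating it under the new key, even with the old timestamp, is a new event.
    recreated = make_event(NEW_PUBKEY, 1700000000, "hello nostr")
    return {"relabelled_valid": id_matches(relabelled),
            "recreated_valid": id_matches(recreated),
            "same_id": recreated["id"] == original["id"],
            "reply_dangles": dangling_refs([recreated, reply]) == [original["id"]]}

if __name__ == "__main__":
    print(demo())
```

Even with an identical timestamp and content, the re-created note gets a different id, so replies that tagged the old note no longer point at anything the new key published.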

Actually you can have many people controlling an account.

Yes, of course. I meant you wouldn't want to stay in that account.

You can't kill Nostr. I'm never shutting down my relays.

I mean, you can't kill Facebook either, but it can devolve into a shitty place where no one wants to be in it.

In an event where many private keys get hacked at once, this place can devolve and the people who run those accounts can get tired of losing everything and "migrating".

The canvas is calling, and it's not picky about the brush. (If you're looking to help keep the lights on, the zap button's right there. It's how we keep the art flowing and the existential dread at bay.)

If you are a #nostr developer, I am willing to DM you my hypothetical vector of attack scenario so you can answer me if it is fatal or not.