Key delegation on Nostr will never work. It's either NIP-46 or GTFO.
Discussion
Key delegation: the ability to allow subkeys to speak on behalf of the main key with flexible revocation controls to protect the main key when subkeys leak.
That would be a token system like OAuth2, but who's the central auth provider in a decentralized system? Could extend the relays to act as witnesses.
Exactly, there is no central auth. We don't even have a time chain to verify that some things came after other things, which OAuth just assumes exists.
Could you clarify why not?
1. It must be mandatory and coded by all relays and all clients. Otherwise, users will see broken experiences everywhere (things appear here as official accounts of a brand but not there, etc).
2. Encryption and decryption are impossible with subkeys. For instance, we can encrypt DMs for all subkeys, but once you do it, you cannot revoke that anymore.
3. Replaceable events and all the indexing around it now must consider delegated keys whose authority can change over time on a simple re-broadcast. The entire indexing now needs to use the DB as a source for the index itself. It gets extremely complicated.
4. Now compound that complexity with the fact that we don't have a time chain on Nostr and things can appear in the past, future and different relays can and do have different versions of what's authorized at the same time.
It's a mess, on top of mess, on top of mess.
All because we use raw pubkeys as the main address and not a time-resolvable DID for instance.
> All because we use raw pubkeys as the main address and not a time-resolvable DID for instance.
So much this.
Thanks for the clarification.
These are all really good points and may have changed my mind on the subject. That said, remote signing will only be used by a tiny minority of people.
Not really. Amber uses NIP-46 to sign and decrypt payloads from your phone. Desktops never see the nsec, only people's phones do. Every time an approval is required, Amber brings up a popup on the phone.
That can come from your team members or from yourself on a separate device.
> Every time an approval is required, Amber brings up a popup on the phone.
That seems like a relatively high level of friction, and friction is a big killer of adoption.
I couldn't agree more
“I'll just stay quiet while the adults are talking” -me
It makes me sad but I agree.
💯 never gonna happen.
Why not?
Yeah yeah, I get it now. But it's not like it's theoretically impossible, the app devs just don't want to do the work. And I get that too, because delegation is so uncommon that it doesn't make sense to hack in the solution.
I get it, I yield, RIP NIP-26.