Nostr Web Client

Replying to

fiatjaf

Companies can easily set up a bunker and just share the bunker credentials with the employees, not the key.

But I do like the companies-as-relays method, it can work quite well.

Some people have talked about the notion of "publications" in the past too, to me those are very naturally relays.

Garbage nsec 10mo ago

> Companies can easily set up a bunker and just share the bunker credentials with the employees, not the key.

I think for smaller ones that works. But for bigger ones, it's the "nobody can ever un-see an nsec" problem. Some jaded IT department head leaves and takes with him a lifetime license to sabotage. (At least the lifetime of the nsec, anyway). Can't allow it. And people come and go all the time. And nobody's going to dare ask the higher ups to hold an nsec .

I get that you can try to engineer a Frost-based "unseeable-nsec" system, but that freezes everything in state, and that freezing in state creates more problems than it solves. (Plus try explaining it in 100 words or less.) And making seeing the nsec a no-go by outsourcing "nsec holdings" to a trusted third party that will generate bunkers for your company as per a business contract just moves the problem around.

But companies as relays I do like. Hey company, are you able to manage your AWS VMs? Yes? Good, then you can manage this too.

Reply to this note

Please Login to reply.

Discussion

Vitor Pamplona 10mo ago

With a bunker no one holds an nsec but the bunker itself. You are not giving the nsec to anyone else. You are registering new nsecs for each employee inside the bunker.

It's quite similar to how all companies have root passwords for most services and then delegate them to the appropriate employee.

Garbage nsec 10mo ago

It's not though. The bunker has to start somewhere. There has to be a "genesis nsec" at the start of the bunker story. And that genesis nsec will be "see-able".

It's fine if the company doesn't mind at least one person seeing (or being ABLE to see) that genesis nsec. Call that person the bunker starter-offer, maybe the person who runs Igloo to generate the very first Frost shards.

That is a huge corporate security issue. It's like giving that person a forever password to your AWS backend.

To be clear I mean relay more in the Flotilla sense, and with it's own pubkey, but further developed. So not your ordinary relay.

Melvin Carvalho 10mo ago

You need a dynafed N or M with 2/3rd honest majority plus subkeys plus key rotation. Something like that.

Garbage nsec 10mo ago

Thanks, I'll give some thought to the UX for something like that. I may be assuming this path is more terrifying for your average company that it has to be.