“Key rotation is something that we have to figure out if Nostr is going to succeed in the long term. There have been some proposals, but none of them have gained enough traction to be implemented. Key rotation is an inherently difficult problem, because you need to borrow the reputation of the old key in order to validate the new key in such a way that an attacker wouldn't be able to do the same thing. Decentralized identifiers (DIDs) are not really a solution because they result either in a circular system of keys or dependence upon a trusted name registrar. Hierarchical keys have the same problem; the root key still has to be competently secured.”

Building Nostr nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn


Discussion

no spoiler 😅

Can't you just set it up so that when you sign up you generate several pairs of keys, but only one set can be activated at any given time and the other sets are stored securely? So if you lose private key 1, you can use private key 2 to retain and continue public key 1?

nostr:nevent1qqsprw3z7cv9s7qmmdeemaqrxy77jwv0s9vnhdcj7j03hcxlz7jdesgprdmhxue69uhhyetvv9ujummsv4hxyctvv9hxxefwv9c8qtzzs9s

Maybe Attestations help here in terms of socially signalling some form of key transition event?