Verified identities on social media platforms will be a fundamental requirement as AI progresses into deep fakes and mimicry.
Private keys give you control over your digital identity and how much of yourself you’d like to share. I suspect government will try to impose something similar.
But, not your keys, not your identity.
Not every bitcoin principle can be applied to Nostr and this is an example of that.
If your nostr private key is compromised, that doesn't invalidate that you own your identity and everything that you have created in your lifetime. Your identity existed before Nostr and can exist on an infinite number of social media.
What happens with a compromised private key is that someone else *also* gains access to your nostr account. That access does not grant them ownership and luckily they can't (yet) lock the real owner out from their own account. You can re-direct your subscribers to a new account and the impostor will not likely convince rational individuals. Having several social media reduces the risk of false account-redirection.
This is a fundamental difference between Bitcoin and Nostr. Bitcoin is a finished monetary protocol where we know the security mechanisms and they have been fire-tested for 14 years. We can send any amount of bitcoin to different addresses/wallets, thereby deciding our own security level per address/wallet. Since Bitcoin is the optimal monetary protocol it makes sense to be Bitcoin-only. Not your keys, not your bitcoin; they will literally be stolen if the private keys to a particular address are compromised.
There will always be a variety of communications channels. We can't know for certain what the Nostr security model will look like 5 or 10 years from now.
I agree our identity is still ours. I was thinking more of my ability to know what Leo thinks because I have a verified source for interacting with you.
Getting information directly from the source is going to be much more important going forward.
Right, I kind of skipped your main point, which I certainly agree with.😄
I've just seen so many people saying 'not your keys, not your identity', but we need to remember that Bitcoin is fundamentally unique.
I'm not happy to agree with you here, but a Nostr identity is merely a label or a nickname. The real person behind is what needs verification and that will always involve something beyond Nostr. A meet-up, a NIPS-05 domain, a tweet, a github post, etc.
It's kinda like PGP keys that way. There are many keys for a single signer, often expiring and being remand. You declare your trust, broadcast it and also check who else trusts it before doing so.
This trust factor, the concept of 'where did you get this key', do you trust it, who else trusts it (Web of Trust) is likely critical to using Nostr for more serious operational security messaging al la PGP email signing, code signing, etc.
I agree. Maybe some type of social consensus for accounts. Maybe even a “vouch for” model. Where trusted accounts can vouch for new or smaller accounts to add credibility? Just spitballing
