Replying to Avatar fiatjaf

To be fair, it's not unreasonable to have this primal desire for subkeys and key rotation. The problem is that:

1) it's not possible to do without centralization (or a blockchain) -- Bluesky tried, and the best solution they came up with was a big server that hosts a history of keys for everybody and can censor anyone;

2) doing it by means of Nostr events that declare subkeys or delegation or whatnot, creates insurmountable complexity that turns Nostr into an unusable pile of bloatware and away its most basic feature: the chance of working;

3) it's not the only way to protect your key from rogue computers and apps -- NIP-46 and other methods exist and are much nicer to use, with still many unexplored possibilities;

4) it's not clear that more than 16 people in the entire world want this at all -- when was the last time a normal person thought about rotating their PGP keys?
Avatar
Analogue Dog 1y ago

One method that occurred to me as an alternative (or even a bolt-on) to ordered HD key rotation would be for each new user to generate a (say 128Kb) pad of key pairs instead of a single key pair. Each key pair would be random-entropic.

A user's first note is signed/encrypted using the first key on the pad, but with the note including metadata denoting the next key (from the pad) to be used... or a clue to the next key. The key could be switched every note, every 21 notes etc.

Only those who have been sent the full pad of public keys are then able to stitch-together the full note history. It doesn't feel too computationally expensive to me.

Obviously lots of flaws with this, but perhaps a basis for something...?!?

Reply to this note

Please Login to reply.

Discussion

No replies yet.