Nostr Web Client

We have to decide if logging in with nostr is a desire-able thing to have. The ecosystem seems to be moving to passkeys, i don’t see why we necessarily need npub identities for login. There are many reasons you wouldn’t want that: privacy, etc.

semisol 1y ago 💬 2

Passkeys are utter trash in implementation but the underlying concept is good

npub login is flawed because it can’t support multi identity and is non-private by design

Reply to this note

Please Login to reply.

Discussion

semisol 1y ago

And also they don’t use obscure shit like BIP304 signatures so they can be put onto a secure element

frphank 1y ago 💬 3

All the "hardware wallet" implementations for Bitcoin show that you can make a secure element for BIP340 just fine.

semisol 1y ago

Specialized SEs != TPMs in computers, SEs in phones, etc

frphank 1y ago

Ah yes correct.

frphank 1y ago

BIP340 are Schnorr signatures?

From: https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.07-2014-03-13.pdf

Section: C.4.3 EC Schnorr

"If a TPM supports ECC, it should support the TPM_ALG_ECSCHNORR scheme."