Could you use the system keychain api to automatically keep the private key safe for the user? Then let them retrieve it when they need to? https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/storing_keys_in_the_keychain
Yes and that doesn’t work with the web. As I said. We implemented this using apple keychain for key storage in nos.social. The problem is that most people use the web for most things. And we understand a system of accounts which exist on servers.
Honestly the compromise bluesky made isn’t terrible for this.
It is terrible because:
1- users don't hold the keys to migrate without the current pds's consent
2- even when they migrate, they also need the continuous consent of the centralized (and always will be) identity registry.
That being said, there is a movement in Nostr to give custody of keys to servers, without any path for redemption other than reboot with another key, so Nostr isn't really doing much better.
But you are right, the web is currently doomed to feel like visiting something that isn't yours, so it doesn't lend itself to key holding.
Native apps are much more appropriate for that psychologically not just technically.
The solution (I bet) is that we will have to reinvent browsers, to be more like the original vision that has authoring as a first class experience and tooling.
Oh I thought Nos was just an iOS app.
GunDB had a pretty clever user/pass api that was an abstraction over the keypair. Worked nicely but I think ultimately people just favored the keys because it was one less thing to worry about.
People understand keys to houses. They can be taught about the digital equivalent of that
