First time hearing of #subkeys on #nostr (link below by nostr:npub1melv683fw6n2mvhl5h6dhqd8mqfv3wmxnz4qph83ua4dk4006ezsrt5c24)
Nostriches need the ability to change nsec keys and have "their account" carryover in full. If my nsec is compromised, or I think it might be, I'm out of luck. Currently, nsecs are burner phones. You use it until you feel it might be compromised, then trash it and start over.
I've used Hive (formerly Steem) since 2017 as a blog. It's possible to generate new private keys and everything account-wise carries over. Also, there are actually four keys from least to most secure:
Posting - to post stuff
Memo - send dm
Active - move money
Owner - control everything
Users can chhose which dapp gets which permission/key, or not.
Maybe subkeys could be used similarly on nostr, at least to a degree. I'd especially like to see the ability to migrate to a new nsec if needed. Nostr Wishlist - http://nostrwiki.crrdlx.infinityfreeapp.com/doku.php?id=wiki:nostr-wishlist
This would be really nice. Maybe a security question could be added to accounts that already exist?
For example, if I got ahold of someone’s sec and tried to log in, it would ask me a security question before allowing me to.
I would have no problem answering a question if it means my account is secure. But I also admit that I am not entirely sure how all of this works.
Might help, but this would only be a bandaid, to my thinking at least. Suppose the bad actor has my nsec yet can't answer my security question...I guess he cannot proceed (though I still can). It would serve as a 2FA in a way. And when would the question be asked? Every time? (Too annoying) Each month? (After he's overtaken "me" for that time). At any rate, the bad actor would still have my nsec and that worries me. The only solution is new keys. Nostr needs key changebility.
