Social recovery, cloud partial key-material will help this.
Hardware is not practical for Nostr, the signing happens too often on every interaction.
Imagine if you'd use hardware for every zap 🙃
nostr:nevent1qqs9dczn8slzmpevlyx0dwnykvy334lycznzzpt8c88az5qnh5nhypc2degtc
I think some kind of yubikey like plugged into my PC would be a pretty reasonable signer
Would it be possible to use a passkey with biometrics? Everyone is already accustomed to Face ID and fingerprint verification. If that were available to sign and broadcast notes, it would eliminate the need to paste nsecs into every mobile app.
How is this not already solved with amber?
Is Amber available for iOS?
Nowser kinda is right?
Never heard of it. I’m looking for something OS-native.
It’s made by the same person who made nostrmo… dashu
Checking it out, thanks!
I think it’s more of a bunker? Idk not really user friendly yet? I might just be stupid tho?
LOL, yeah. The UI makes no sense. Going to have to read up on this. The only way this idea works at scale is if it can authenticate and sign for apps, not just websites. So that’s probably going to take some client-side integration.
It’s real early beta still I think n yeah lots needs to be done yet right?
There’s this too really new to
I think it work similar to Spring Browser on Android. The browser has the nip-07 extension built in?
But could you use it as a remote signer? Still trying to figure out how to use it as nip-46 bunker. The github page says it should work as such on iOS!?
Nothing works with native apps, only mobile websites, as far as I’ve seen.
Just tried this with nostrudel. It works! So we have our own amber solution now 💪
But it’s just inside the app it seems…
Doesn’t a phone count as hardware?
2fa with simple convenient pin, fingerprint, face confirmation
Hardware is practical. It just needs an internet connection, firewalled to a relay and websocket only connection, from where it can act as a home bunker
this already exists, just needs polishing up
That's great for a hand full of people.
I actually kinda prefer to be able to have full control of signing everything when using nostrudel with nostore…
Hybrid approach would work
Yea social recovery seems to be the way. Probably will take some time to figure that out
Totally get why hardware’s a no go here. Zapping’s supposed to be quick and painless, not a where’s my USB? scavenger hunt!
What are the problems that arise from a compromised nostr private key?
1. Someone can impersonate you (for a while)
2. You have to rebuild your entire social network graph across all apps
3. You lose whatever funds you have in your associated wallet
4. If you used your keypair to create private notes for yourself, they become non-private
Anything else?
App specific keys and some way to link and unlink them with each other.
