As with all social networks, the key is understanding what the limitations are so you can hedge your risks. In about 3 months of time nostr has achieved a significant amount of innovation and adoption. Developers of clients are well aware of these pain points and I firmly believe are working to make nostr as reliable and resilient as possible. The feedback in this linked thread is important; it helps make those new to nostr more informed about what to expect and avoid. I remain bullish af on where we’re headed here. Additionally, I plan to try to back up my account for the first time today. I’d be heartbroken if I lost access to my nostr identity. It’s the result of quite a bit of proof of work.
Discussion
I feel like I will have to move my identity to a new key pair once I generate one securely on a hardware wallet.
👀 I did not realize we could generate on a wallet… Is there info somewhere on how?
This is not great in reality, as you're signing so many messages; dealing with a hardware wallet for each one is very tedious. We need the delegation NIP finished, so we can delegate to a less secure key from our cold keys.
Why would you have to deal with a hardware wallet for every single activity? It sounds like he’s saying generating the key with a wallet might be more secure? But I admittedly have no fucking idea lol.
Generating a key can be done just as well anywhere. I mean, there are different levels of random and entropy, but a hardware wallet doesn't inherently do this better than a Python script.
A hardware wallet does it without the secret ever being online, on any machine that's online, etc.
When you go to sign a message to nostr, you'd have to ask the hardware to do it and go through its whole process for signing, 'are you sure?' etc.
I did this a while ago, but it would be easier when the Coldcard can do it at the touch of a button.
Yup, we’re gonna move to hardware signing devices and set up new pubkeys once the devices are available and apps start working with them. Current privkeys have been in too many risky places for almost everyone.
How does that even work? Do you have to connect your hardware wallet every time you send a note to sign it?
But then you’d need a trip to the hardware wallet every time you sign a note, a zap, etc. In theory you can do it; in practice it looks like there would be a lot of friction.