Is there any local solutions or how to on creating key pairs? #asknostr
Discussion
Local to what? A desktop? Windows? Linux? Mac? A mobile phone? Android or iOS?
On Android, for instance, you can use Amber to generate your keys locally and also use it for signing into other Nostr apps without giving those apps your private key.
Local in a sense of creating your keys without using an app on desktop and/or iOS.
How would keys be created without using an application? Rolling them by hand with dice?
Doesn’t have to be created with a 3rd party app that may potentially save the keys it created.
Unless you are making the app yourself, ANY app is 3rd party.
Unless you are talking about some app that is built into the OS? There are no operating systems that support generating Nostr keys. We're way too small for that.
I found this website through Reddit. This is what I was referring to but it seems complicated.
Especially since I only have iOS & MacOs - very limiting.
Ah, so the key here is not generating them using a web client. Not that you aren't generating them using an application of any kind. Both of the tools mentioned here are applications. Applications that don't require internet to work, but applications nonetheless.
You're not likely to find user-friendly means of doing this, since it is only really needed by those with a higher threat-model than the average joe.
You can get something like this kind of offline generation of keys using an old Android phone with no internet connection. Just download Amber, turn on airplane mode, then create a new Nostr account in Amber. Once completed, you will be able to back up the private key as an nsec, an ncryptsec, or even as seed words, all offline.
The problem you will then run into is, there is no way to USE your private key offline. It must be accessible by the application you are using to log into a Nostr client. Everything you do on Nostr requires a signature from that key. Good luck finding a convenient way to sign for every reaction, zap, and comment in an air-gapped way.
My threat level is not high, I just can’t stomach the idea of generating the key online that can be potentially leaked, lost or stored on a server.
I want the use Nostr & its clients the way everyone uses it but while generating my keys offline.
I will try the Android way with Amber offline. Thank you. 🙏
How are you planning to log into Nostr apps?
A browser extension or a mobile signer. 🤷🏽
If that is the case, then generating them offline is superfluous. The browser extension or mobile signer will be online and a possible means of the key leaking. You may as well just use the browser extension or mobile signer itself for generating the keys without worrying about being offline when you do it. Your private key is just as vulnerable being held in an application on a device connected to the internet as it is being generated by an application on a device connected to the internet.
Fair point.
Do you have any suggestions for browser extension or mobile signer for generating keys?
Well, Amber has you covered as your mobile signer, as long as you are on Android. I'm partial to Alby as the browser extension, since I also use it for connecting to my wallet for zapping, but Nos2X is a good option, too.
Anything on the iOS?
No mobile signer for iOS yet. nostr:npub1yaul8k059377u9lsu67de7y637w4jtgeuwcmh5n7788l6xnlnrgs3tvjmf is working on one, but not ready yet.
Nostr is still incredibly early.
Very early indeed but at the same time it’s kinda polished.
I believe It is the future of social media, especially once it becomes mainstream.
How polished it is can vary WIDELY from client to client, and that will likely always be the case. It's definitely in a much better state than when I started hanging out here back in late 2022, though.
you can use nostril https://github.com/jb55/nostril
creating an event will generate a random key if you don’t specify one. nak probably has something like this as well.
nostril uses libsecp256k1 directly, nothing fancy.
nak uses the key "1" by default, which is confusing and once a guy made many posts using that key, he set his profile metadata, picture and all that, made a bunch of normal posts, all with the key "1" and while saying he was trying out nak. I didn't have a way to tell him about what he was doing, but that's part of the magic.
🤯🤯🤯🤣🤣🤣🤣🤣