I was thinking something like Linux Mint or Android but you login with Nostr.
I don't know. Just rambling, I guess.
Everyone looking at me like
Discussion
But why can't we use Nostr to login to machines?
Like, is there a reason?
i've been working on a thing called "noshtr" which replaces SSH with nostr and i was part way through implementing a noise protocol tunnel for it that uses nostr native - sha256/secp256k1 for MAC and ECDH
as far as using the pc locally, the idea would be to have an enclave that isolates your nsec and then hook that into anything that needs a signer
i don't think it would be useful to go any deeper than that, just to make nostr keys a native auth tool
You could also make local/remote relays part of the filesystem, like Microsoft does with OneDrive/Sharepoint in Windows.
now you digging at something interesting
nostrfs
this one is very interesting because of how it overlaps with blossom protocol, i mean, if you just purely do the "fetch this event ID" functionality they are the same protocol
to make it a useful FS you need to have human readable filenames not just crazy SHA256 identifiers
🤔 Yeah, stuff like this.
I'm kinda getting lost in the details, but I feel like I've done my part for posterity by suggesting it. 😂
well, a signer is at the centre of it, and secondarily a secure TTY, after that you are designing a system namespace hierarchy to tie it all together, and each different part that uses the same signatures/auth has its own specific set of concerns, like a local cache relay, or p2p shared relay caches/blossom etc
i see no reason why it can't be made into a little suite and it should be simple to have this tooling run on any OS to augment it to enable you to do native nostr stuff and plug into things like web apps for signing and so on, LN wallet signer keychains, one keychain to rule them all!
I like that. Nostr Suite. Suitestr. 😂
And integrate git seamlessly, like Sharepoint does with Team Foundation.
And deliver it as a package with Nostr versions of desktop software.
Calculator, browser, document editor, IDE, etc.
LN wallets.
App store. And you install apps natively by double-clicking them. 🤷♀️
yes, and i think that building it on top of an SSH replacement is the unix way to do it also, single responsibility principle, and for security it means you can lock it down easier
https://github.com/mleku/noshtr this is the beginnings of it, i'd started with a different noise protocol framework but then found nyquist which is much nicer, but it's not finished yet, just putting it there so you can see it
I just tagged someone who might understand what you're saying. 😂
I will give a little pushback, aead encryption has been around for a little while now integrating these protocols. Often using the exact stack except Blake2/3. Just missing secp256k1 and to be fair, im not sure I'm risking it all on it anyway, we will never have hardware support for mfgs that focus on government nor operating systems on so on. Libraries are a whole lot more portable when you can rely on an operating system for crypto primitives. Monocypher has a great API for this.
yeah, i've been working with these things for a long time
i built a thing in 2023 that uses sha256 and secp256k1 schnorr signatures as the MAC
in my cruddy initial version it could crunch through 8Mb/s/thread which was more than enough for a typical modern CPU to do a fully packed gigabit channel
and the amount of irrational bullshit about secp256k1 yet here we are, 2024, bitcoin still no problem with signatures, schnorr variant rolling out steadily
idk what to say
i routinely use SIMD code for my SHA256 hashing and it's fast as hell, like, more than 4x faster than it was before
i've seen how fast the secp256k1 C library is, and that's not even going SIMD yet, and it totally could, and if i had 3 months to tool up i could build something like this myself (in assembler)
ironically, the math of koblitz curves is actually on par with edwards, but unlike edwards, it's not possible to craft backdoors into the group
i think that BIP340 style EC signatures and SIMD sha256 allows you to do a perfectly adequate, and single-stack of crypto tooling free of legacy bullshit, and that it is very appealing to bitcoiners and nostr users... you can even find some amounts of commentary on nostr out there about fiatjaf's decision to go with the musig2/taproot BIP-340
when it comes to actually working it on hardware, 256 bit pubkeys versus 257 really makes a big difference, it's an alignment problem, you are talking 4 long words versus 5 long words to process the same data
i think this chacha/blake stuff is cool and all but if it's sufficient and bulletproof secure with a single crypto stack then why pollute your code or your memory with this?
nostr:npub1qdjn8j4gwgmkj3k5un775nq6q3q7mguv5tvajstmkdsqdja2havq03fqm7
https://github.com/mleku/noshtr this is what i built so far, it's not finished yet but the idea was to have it do all the things of SSH but simplified, so it creates a TTY to a remote pc and drops you into the system configured shell, and gives you a key generator and keychain (probably would be easy to integrate vainstr into it, which lets you mine for vanity npubs)
Doesn't GNU already have a pluggable auth provider for SSH?
maybe GNU does but not OpenSSH... would be very cool if it was that easy cos it would take me a day to do it
(*ozzy man voiceover*) yeah, nah, mate, there isn't any such thing, gonna hafta build something custom, by crikey
Wow, good to know, I was thinking the same thing, yeah make a plugin.
so, yeah, just confirming what my research shows... you can make one for PAM, but not for SSH
so, anything you do with PAM is linux only
if you want to make it cross platform, ie windows and mac as well, you are gonna have to write a whole new ting like i've started on
You can already login using yubikeys. All you need is to inject another PAM module, no need for a new kernel or a new linux distro.
How you login is just a very small part of the whole and it's already modularized.
Yeah, but I'm thinking bigger.
Like, a bundled package.
I get it: something that can inregrate with zap.store for apps, with the browser, with sheetstr for docs, with the filesystem, with ngit, storing settings and configs encryoted on relays, etc.
That kind of integrated experience sounds more like Chromebook (nostrbook) than linux. Which is an interesting fine idea, just not something my boomer mindset would want personally.
More like Linux Mint. That uses Ubuntu.
Couldn't we just make a Mint fork and fiddle with it?
probably would be better to just start with debian
Talk amongst yourselves, gotta go to church, and the convo quickly escalated over my pay grade.
😂🙈
I feel like this needs to be a whole community effort. It's too big for one team, even a large team, like ours.
But how awesome would that be?
#[4] #[5] #[6]
well, if anyone wants to fund a nostr system toolchain project i'll put my hand up for building some of the low level stuff for sure
We'd need a good PO, like Will or something.
If it was well-coordinated, and I did analysis and testing and Niels and nostr:npub1r0rs5q2gk0e3dk3nlc7gnu378ec6cnlenqp8a3cjhyzu6f8k5sgs4sq9ac did the design and etc...
nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 could build a nice terminal and nostr:npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknpr could make the filesystem and etc...
This could be an actual thing. Just need a good road map and divvy up the work, so that everyone has at least one partner and nobody has too big of a chunk.
Nevermind, I was being silly. We already have a good PO. 😁
Same.
*Cracks knuckles*
*breaks out my Dell AT8101*
*dusts off the PS2 port*
Lets fucking go
#[4] #[5] #[6] #[7]