Nostr Web Client

This is how public channels work in xx, and the main issue in your scenario is you need to trust your users not to share this key… instead you could blindly sign a cred that allows them in via a valid signature, but you could still track the now pseudonymous cred. That should fine as you have all the connection metadata which allows you to do that already.

Crusty 👨‍💻 1y ago

Thanks!

What I was trying to achieve is to not even have pseudonymous creds, because if it gets tainted, all actions can be related to that user.

But why couldn't they share the blindly signed cred either?

Reply to this note

Please Login to reply.

Discussion

Richard Carback 1y ago

I think 2 options, one is sharing that cred means they will lose access to it and maybe any funds or other access protected by it. The latter is to ban when you see access from the same pseudonym from different places at once.