Nostr Web Client

I've been dreading this day tbh

it happens... truly it's the most nightmarish thing about being a programmer, how many people can get messed up by your mistake

good that it's found and fixed and move on and don't forget... we live in a world where many clearly bad things are said to be "ok" when they are not

Deleted Account 1y ago

If you’ve been dreading it then it’s been an ongoing issue.

Why didn’t you tell everyone initially when you found it? Genuinely?

Not judging you, seeking to understand.

brian 1y ago

Thanks for disclosing. Would this affect nostr browser extension logins through nos-2x or Spring Browser?

Weatherall 1y ago

whats the latest build?

`686f8dbd`

Weatherall 1y ago

thanks 👍🙏

FreedomTech 1y ago

This is why we need to be vigilant with signing apps. Only give your nsec to a signing app, that way you never share it with anything else.

this is why this universal use of telemetry in software is a bad thing... one bug and millions can be harmed

if i were you i'd be taking that telemetry out

i recall that keybase had a crash report system where if you knew there was going to be a problem because it repeatedly happens, you could activate the logging and then run it and when it starts up and finds a crash log, you could then look at it and then send it up to them

that's how it should be done... requiring users to accept this phoning home as a condition of use should be completely out of the question and for reasons of security, should always be a process by which the user actively and knowingly provides this information to the developers... and when there is a third party involved, it gets even more sticky

and would i be right in saying that this data has found as many bugs, like as many terrorists as the DHS copping feels and irradiating people?

actually, come to think of it, though it never seems to want to let me actually send the report, intellij IDEs do this too, they prompt you about the existence of crash logs and ask you if you want to send them

utxo the webmaster 🧑‍💻 1y ago

Were the keys ever stored (not just transmitted) in plain text on bugsnag, like could you login to that platform and see them?

. 1y ago

Amber

Better, however a supply chain attack on a dependency could leak passwords even from a signer. It also makes the maintainer of the signer app a larger target, ultimately multisig deterministic builds and releases help with that.

ce41c169... 1y ago

What technically makes something like Amber more secure? I’ve never used it, so not familiar, but isn’t it just as vulnerable as anywhere else you stick your keys?

I assume this is a good reason to always use signing extensions yes? That would avert issues like this, unless the extension itself was somehow compromised or had a bug, is that right?

Yep, remote signers and browser extensions are a great solution for this, and have been around for years now.

Perhaps it would make sense to post a list of signing extensions on the login page, and recommend that people use those rather than entering an nsec, or perhaps you already do that?

Yep, nsec login is already discouraged in Coracle's login process.

Why have it even as an option?

Keys are simple, external 3rd party dependencies aren't (and, as you note, may not be any more secure). It's all about ease of use for non-technical users. But the days of nsec login are numbered, we just need really solid flows for secure custody. nsec.app comes close.

Entering a private key into a web app is much less secure than a signer app or extension. However, a signer app still can have its issues, just less.

A few of the issues:

- Phishing attempts from similar looking domains.

- Hot loading code from a remote server, not signed releases from the maintainer.

- Encourages entering nsec somewhat carelessly into more than one web app. It could be entered into a clipboard, which as been another vector of attack.

- Users habits of this type of behavior from passwords on every other web app. Passwords can be reset via email resets, a private key can not be reset. It can thus not communicate the importance of it not leaking, and thus careless backups and storage.

None of that is good for non-technical users.

Great points. Web apps also have lots more supply chain attack vectors than single-purpose signers might. I especially like your point about training users. Lowering security to accommodate UX doesn't do anyone any favors.

What are your thoughts on https://app.nsecbunker.com/?

It's a good start, but ultimately a custodial honeypot. Self-hosted bunkers are much better, but hard for normies. Multisig could be a great way to solve this, I know it's been worked on some.

atyh 1y ago

start establishing the self hosted bunker paradigm now. its going to be necessary for the internet of the future

The use case for it I think is limited to cases in which delegation is a need, for example for an organization with employees.

It being any kind of added safety or security, I think is a far stretch and confusing use of naming.

It's often custodial and by that nature already leaked; not your keys, not your profile. As for it being self-hosted, a simple signer app that isn't remotely accessible or managed has much less risk.

Curious to hear thoughts, esp from developers nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z nostr:npub16c0nh3dnadzqpm76uctf5hqhe2lny344zsmpm6feee9p5rdxaa9q586nvr nostr:npub1g53mukxnjkcmr94fhryzkqutdz2ukq4ks0gvy5af25rgmwsl4ngq43drvk nostr:npub1v0lxxxxutpvrelsksy8cdhgfux9l6a42hsj2qzquu2zk7vc9qnkszrqj49 nostr:npub1xdtducdnjerex88gkg2qk2atsdlqsyxqaag4h05jmcpyspqt30wscmntxy

I am guessing two possibilities:

1. The friction to onboard new users would be pretty high as it currently stands, if they have to go and figure out using a key extension.

2. The developer, in this case @hodlbod, would need to trust that the signing extension options are excellent, and have been audited rigorously.

I can imagine that as a developer, if one knows one is acting in good faith, it might be easier to trust oneself and one’s intentions, than those of others?

brugeman 1y ago

Nsec login definitely doesn't make much sense, aside from "bunkers are high friction for now so Damus users should just paste nsec". This will improve as bunkers improve, I will share a significant step forward in this area next week.

Local nsec signup makes total sense - let users start asap but then let them export nsec to a bunker. Nostr-login widget has this option built-in, only works with nsec.app for now but will be proposed as NIP upgrade when we are confident it's good enough.

I agree, nsec.app is the smoothest experience I've seen so far. Thinking about seeing if I can integrate it into the onboarding experience in Coracle, friction notwithstanding.

brugeman 1y ago

Awesome! I'm sure there's a lot to improve there, please let me know if you have ideas or issues.

Your last sentence is important--what you're really asking (or assuming) is that we can "trust" the code more in signing extensions (and frankly that may not be the case).

This is one of the weaknesses in the open source community. We all assume that because the code is available to all, it's "good".

But what really happens (in more cases that we might want to admit) is the only "audit" the code receives is from the original developer--I'd even dare to say that most projects out on git hub probably receive very little (if any) code review prior to being released.

Yes, I guess I am hoping (!) that the code for a signing extension would be rigorously reviewed.. and even then, I am aware it could have a vulnerability (but any code could have that, so at some point we (esp us non-coders) have to *trust* the code 😅)

Well, there's the rub...unless you go in and review the code yourself, you must end up trusting others...

And when someone like nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn posts "hey, we have an issue" I automatically trust that developer even more.

What I *really* worry about is dishonest projects / developers, and you see it all the time. Someone releases an app on the Play Store that does something nefarious...happens more often that most realize.

And look at all the data breaches out there--those are code mistakes that ARE audited (heavily) and still they happen...

nostr:nevent1qqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcpzpmhxue69uhkummnw3ezumt0d5hsygyhcu9ygdn2v56uz3dnx0uh865xmlwz675emfsccsxxguz6mx8rygpsgqqqqqqskwmfdf

I hear you. What do you see as the solution?

I don’t have one, though I do see it is probably a good idea to let new users know that this issue has not been solved, and that they need to be aware that there is a chance their nsec could be compromised.

Of course, that would cause friction too, but my approach with onboarding people to both #bitcoin and #nostr is to remind them that this is all a big experiment, and we are part of it, part of creating the potential for freedom, even as we move into a digital age.

Judge Hardcase 1y ago

Agreed. Unless you've diligently ensured your nsec has continuously remained isolated from the Internet (which might be nobody), it's prudent to operate as if your nsec has already been compromised.

cloud fodder 1y ago

good on you for informing users of the breach. 🙏 not an easy choice. I think many devs would just cover it up.

I hope others that see this realize that this makes coracle more trustable and not less.. 🎇

solobalbo 1y ago

1. I'm lucky to have always used nostr apps with key signing extensions on both phone and laptop.

2. I didn't know Coracle had an apk...

Sascha-Oliver Prolić 1y ago

Damn, too bad. That must really suck. Good luck and I hope you get this all figured out.

Enki 1y ago

It's a good thing he disclosed it. It definitely makes Coracle a bit more trustable in my mind knowing that even in the case of a mistake it will be disclosed.

Definitely reinforces the fact that you should never raw dog your private key into any application, no matter what. I don't really think most people do that nowadays, but its a good reminder.

nostr:nevent1qqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygyhcu9ygdn2v56uz3dnx0uh865xmlwz675emfsccsxxguz6mx8rygpsgqqqqqqshj8ft2

MichaelJ 1y ago

Thanks for the announcement.

Do you plan to deprecate raw nsec login in future versions? Signing extensions and remote signers are the security habits we should be encouraging users to adopt.

Not necessarily...there's nothing that ensures remote signers and extensions don't have similar issues...

MichaelJ 1y ago

It at least reduces possible exposure surface.

the complexity of clients makes it more likely however

the point of isolating it in a simple, single purpose thing is to reduce the chances of there being a vulnerability

it's a point lost on many programmers these days, the reason why the Unix philosophy talks about small, single purpose, modular applications. Security is a big part of why, but a small part of the broader problem of bugs, which also cause other inconveniences

Agree...(in theory).

How many times to devs pull from a library of "trusted" code, only to find at some point in the future that "oops, we found a bug in library x"...

Often it's no one's fault--but it happens.

So modular applications / libraries come with potentially even a greater risk... 😃

Unfortunately I don't think you can get simpler than nsec login. It's also the easiest way to create an account. Anything more is very confusing for normal people. You either have server-side custody, a different browser app like nsec.app, or a new app on your phone, all of which can have the same problems. A key rotation scheme would be an improvement worth having, and educating users to reduce key exposure and not use their main key for storing ecash or secret communications or whatnot seems like the way forward in the short term at least.

MichaelJ 1y ago

Requiring an extra signer app or extension is not much different from a service like Gmail requiring a two-factor authentication scheme when you create an account.

We should work to create a "pit of success" for users to fall into, and I'm concerned that raw nsec signing doesn't do that.

UX research and future development in the Nostr space could probably produce low-friction identity creation that guides users into creating an nsec and storing it securely in just a few clicks/taps. It's not an easy problem to solve, but could provide huge value to users.

You're probably right. I think we'll get there, we just aren't yet. Bunkers were introduced about a year ago, and have come a long way in adoption, but they're still not quite "easy" (unless they're custodial, and even then, most of those are offline).

yeah, the problem was relays

and the reason was complicated, ugly languages used to implement most of them, that make changes difficult to reason about

ManiMe 1y ago

I agree. More work is needed in this area.

i think there should be more than one signer... and some thought needs to be put into how to do it on desktop with browsers

you can recommend people install nos2x or amber, and remove it from your web and desktop versions...

i agree with the principle of it... the more complex an app, the more likely it is to have a bug and if it's a security feature, potentially a vulnerability

people should also be wary not to make these signers into all singing all dancing omni-apps also

So this is perfect--and what should happen.

We find a bug, and it's now opening up a great dialog on potential ways to improve Nostr and the log-in / account creation and maintenance processes.

"Making a mistake is a gift...you now get to fix it AND make things better!" 😃

Love this thread!!

Agreed, it's a profitable conversation

Frank 1y ago

Thanks for letting us know. I appreciate your openness and disclosure. All good. 🫡

nostr:nevent1qqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcprdmhxue69uhhyetvv9ujuam9wd6x2unwvf6xxtnrdakj7q3qjlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qxpqqqqqqzxjp2yu

Do not enter your private key into a web app! Why are there Nostr apps that are doing this?

Second, a dependency supply chain attack could make even signer apps leak passwords.

This is how bug should be handled--openly and honestly.

Kudos to you. 😃 We all make mistakes...we're not God, and while we try to be perfect...well...

And (frankly) at some point everyone on Nostr needs to understand their nsec is effectivley not private, as AI will be able to dox any of us (so long as you have enough posts to begin developing a "profile"). Sorry, but it's true...

In fact, I've been thinking that perhaps a good practice would be to abandon a profile (nsec) periodically and start over...thinking about how that might (or might not) help...

Regardless, nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn you've gone up a few notches in my book.

Thanks for all you do, and for updating us.

Normalizing using many keys for different use cases might be an improvement as well.

nostr:nevent1qqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygyhcu9ygdn2v56uz3dnx0uh865xmlwz675emfsccsxxguz6mx8rygpsgqqqqqqshj8ft2

Agree...I use "browser isolation" for most of my surfing, where I use different browsers and different extensions for different purposes (e.g., I only sign into Google on Chrome, and I only surf using Chrome at websites that I'm ok with Google knowing about). I can envision doing something similar with Nostr...

Nostr is so new, we're still on the bleeding edge--things will evolve and get better...

Right now we're driving Nostr's "Model T" - transformational at the time, but quickly evolving as technology and development leaps ahead...

Just wait until we develop the twin-turbo V8 Nostr apps... 😃

Deleted Account 1y ago

Genuinely thought that was normalized already. Majority of entities have sock puppets. Even me. Mine are currently used for me to look back & analyze in chronological order.

Many are better about using multiple alts to express different parts of their personality or for narrative purposes. 🫂

Derek Ross 1y ago

Using signing extensions and signing applications are paramount.

ChipTuner 1y ago

Thanks for being honest, but holy shit.

L 1y ago

The response we wish to see everywhere on the web, that we don't!

nostr:nevent1qqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcpz9mhxue69uhkummnw3ezuamfdejj7q3qjlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qxpqqqqqqzj20gnn

https://github.com/vnuge/nvault

Good move on the disclosure, difficult but necessary thing to do.

npub.xyz 1y ago

based honesty. keep doing what you do hodlbod; we appreciate you. 🫂

ChipTuner 1y ago

MY NSEC WILL NEVER LEAVE THE VAULT

Users using uBlock origin would likely have been protected by default, I know I am. You should always be using blocking tools such as script blocking extensions or DNS blocking to disallow apps from sending YOUR data to 3rd party servers. I encourage other developers to avoid even the slightest possibility that you could be responsible for compromising user's identities.

For web applications I think it's time to deprecate nsec login.

nostr:nevent1qvzqqqqqqypzp978pfzrv6n9xhq5tvenl9e74pklmskh4xw6vxxyp3j8qkke3cezqqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcd2e3vt

maven leo 1y ago

Some fuck up was bound to happen with using nsecs to login

nostr:nevent1qqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcpzemhxue69uhhyetvv9ujucm0d9hx7uewd9hj7q3qjlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qxpqqqqqqz3l4dcc

Ruthie 1y ago

Thank you for letting us know.🙏

Ken Lazer 1y ago

Honest devs should be Zapped! Thank you

Bee Aye 1y ago

🫂

Ademan 1y ago

This is why I use nos2x :-)

Laan Tungir 1y ago

Thank you for the disclosure. 👍 👍

Zio Mc 1y ago

I remember someone proposed to unlock btc wallets with nsec nostr key.

Mmmm bad idea.

Vveerrgg 1y ago

Thank you for the transparency & if anything else … a nice reminder that private keys need to be kept private.

Secondary question. Can ppl rotate their nsec? And generate new private public key to a Nostr account? #askNostr

There's no standard way to do it, but lots of people have success with social key rotation. Just make a new key and tell your follows you've moved. I'm sure we'll eventually come up with something more streamlined.

https://github.com/trezor/trezor-firmware/issues/4160

Indeed, I've been thinking about how to achieve that. It should be fairly simple.

I see it in two parallel goals:

1. Ability to revoke a key. This will inform followers that a key can not be trusted anymore. This will not include any suggestion of the next key. As it has been compromised it would be useless anways.

2. Ability to confirm an identity through a social graph (e.g. people you know can help to verify that a profile is the authentic one). This will be useful for completely new users, as well as a user that has had a compromised key.

Tristan Brice Velloza Kildaire 1y ago

Respect for the full disclosure

mIX 1y ago

Pretty sure I've always used a browser extension. I was not able to use amber on the mobile app on android, so I never signed into it.

3rd party data holdings always seem to be a big security issue. Even if you're honest as a dev, they may not be. Many stories of 3rd party services being the cause of data leaks the past few years too.

JesterHodl 1y ago

can you ask bugsnag to ensure data is wiped and not softdeleted?

rleed 1y ago

We need this:

Sebastix 1y ago

Ah man, that's shitty! But the way how you handling this is an example for other. I'm 100% sure you did not do this on purpose ;) It takes courages to be such open and honest about this.

It reminds me of this note too ;)

note1n2tksh06q93fqvj25xrumfavw2va3k9nyz5jsves2jawukj2fl9sgum268

atyh 1y ago

youre a good man. 👍

TheDesignFlaw 1y ago

Imagine if we had institutional transparency like this.

nostr:note1x953gmpz6nwhtm5ys6hadgtre90xx9t8984hdj5nkzud93rq36nsuf0saj

⚡tephen 1y ago

Honestly it shows a lot about your character to voluntarily disclose this. Good on ya fren. 🫂

The Bitcoin Street Journal 1y ago

not your keys not your korn

Cesar Dias 1y ago

Respect for the transparency, I have so much to learn here, keep building

N3WD3V 1y ago

That's an honest days work my guy

zizu 1y ago

Sorry to hear that. Is there any way to check when one signed into corracke giving nsec?

jakub 1y ago

I have no idea what Coracle is

rewolf 1y ago

Can’t know much about Nostr apps then

jakub 1y ago

Cool

rewolf 1y ago

Was in a rush when I wrote that. Could’ve worded it better 😂

rewolf 1y ago

Thanks for the transparency! Keep up the hard work.

Might be my ignorance to the tech but I thought all signing was done on the front end and so signing in (with an extension for example) was just a client side session and that the nsec never got shared server side.

TKay 1y ago

Thank you for letting us know. But I guess at this stage, almost everyone’s keys is compromised 😅 I don’t know if I ever logged in with my nsec, but there is a chance I did. I personally don’t believe anything gets deleted ever, so I’m going to guess all the data on bugsnag are still there.

Have you contacted bugsnag about this to make sure they “full format” your data, or will that cause even more attention?

Finally, I would suggest that nsec login to be not only discouraged, but not be possible. Like primal.

Deleted Account 1y ago

Thank you for being honest and open about this. I used Coracle so I'm using this as an opportunity to see what migrating to a new nsec is like.

(Deleted Account) 1y ago

Props for the disclosure. I used Coracle so I think now is a good opportunity to see what migrating to a new npub is like.

NOSTRPUNK 1y ago

This is why I burned my doxed/ compromised key to start fresh with this one. Don't be afraid to start over. We are still early. It's easier to rebuild 600 follows now then 1000000 in 10 years.

nostr:nevent1qqsrz6g5ds3dfht4a6zgdt7k593ujhnrz4njn6mke2fmpwxjc3sgafcpzdmhxue69uhhwmm59e6hg7r09ehkuef0qgsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgsrqsqqqqqpahkpn0

₿logging₿itcoin 1y ago

I used alby, but Is there a way to check if my key was compromised with my npub?

René Aaron 1y ago

You should be fine, that's exactly the point of using signer extensions: You don't give your private key to 3rd party websites, but websites instead request signatures from an extension.

If you used alby, you're safe.

SatsMcD.ai 1y ago

I’m safe. I don’t understand most of the words in this note.

ever4st 1y ago

> Users who triggered an error in Coracle while signed in with their private key, since December 5th 2023.

User login with extensions are not impacted?