If I want to airgap my nsec, how would I set this up? Is Igloo the piece that stays offline? If so, how do I transfer a newly generated share set from the offline application to the main signer that knows the pubkeys of all shares?

What I am trying to do is this:

- no online device has my nsec.

- I use an offline computer to generate 3 shares in 2 of 3.

- 1 share goes into Amethyst.

- 1 share goes into Olas.

- 1 share goes into Amber.

All of them are in the phone.

Amethyst and Olas both need to communicate with Amber to sign.

No single app has the full nsec.

Questions:

- Do I need to pick a coordinator among the 3 signers?

- What do I need to transfer from the offline nsec holder application to each of the apps? Just the nsec? Or the nsec + the group of other keys authorized to sign on my behalf?

Discussion

- Do I need to pick a coordinator among the 3 signers?

No, the node requesting the signature is the coordinator.

- What do I need to transfer from the offline nsec holder application to each of the apps?

There are two encoded strings that you copy/paste: the group string and the share string. You do not need to transfer the nsec.

You can run Igloo offline and air-gapped as a key manager, and another copy of Igloo as a desktop signing node.

We have plans for a mobile app that will run as a remote signer using NIP-46. TBD.