Thanks for the links, will check them out.
I'll let someone smarter than me get into the weeds on this.
As I understand it, there was a lot of thought and even a spec created for key rotation, but it ends up creating more problems than it solves. See NIP-26 and the discussion around it:
NIP-26
https://github.com/nostr-protocol/nips/blob/master/26.md
Some issues discussing key rotation:
https://github.com/nostr-protocol/nips/issues/103
https://github.com/nostr-protocol/nips/issues/116
https://github.com/nostr-protocol/nips/issues/123
https://github.com/nostr-protocol/nips/issues/247
https://github.com/nostr-protocol/nips/issues/654
https://github.com/nostr-protocol/nips/issues/726
https://github.com/nostr-protocol/nips/pull/1051
https://github.com/nostr-protocol/nips/issues/1810
https://github.com/nostr-protocol/nips/pull/1837
https://github.com/nostr-protocol/nips/issues/1959
It's a lot to read, but it shows that our intrepid devs have not just ignored the issue. It is one that has been discussed multiple times at length without a good solution so far.
Bottom line: Don't stick your nsec into clients directly. Use a signer app to limit the potential for your private key to be compromised.