Replying to Avatar hodlbod

Can you compare/contrast this with fiatjaf's promenade project? Can frostr be reconfigured to support third-party shard custody? It would be great to solve key management and rotation without users having to learn how to do it (at least to start). Short of collusion between providers, I would imagine custodial shards would be pretty safe.
Avatar
bitcoinplebdev 10mo ago

I haven’t looked into promenade so not sure on that.

if I’m understanding your question correctly with Frostr you can configure basic permissions on a given share within signing client (send / receive / both) meaning it has permission to either send a request to another share for sig, only receive requests, or both.

This effectively allows you to have a “third-party“ share (receive only) that you could give out to different clients/services for signing

nostr:npub1gg5uy8cpqx4u8wj9yvlpwm5ht757vudmrzn8y27lwunt5f2ytlusklulq3 I get this right?

Reply to this note

Please Login to reply.

Discussion

Avatar
hodlbod 10mo ago

I don't understand the receive/send distinction and why it's important. Is it just that you want certain shards to be passive and unable to initiate requests because they're in an untrusted context? This seems like it could be a nice complement to the usual pattern of nagging the user about every permission request.

On promenade, I highly encourage you to check it out: https://git.fiatjaf.com/promenade

It's currently used by https://start.njump.me to encourage new users to get started with a multisig bunker, without having to set up any signer software on their end. This seems pretty close to the ideal of abstracting away keys for new users without compromising security too much.

If we get key rotation, simplier coordination, and/or encryption using frostr, that's an improvement over promenade. But third-party shard custodians have to be plugged into the nostr social layer via NIP 89 so that we can avoid collusion of dishonest signers.

Avatar
hodlbod 10mo ago

Hey, would either of you guys like to come on nostr:nprofile1qyw8wumn8ghj76r0v3kxymmy9e3k7unpvdkx2tn5dahkcue0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgmwaehxw309aex2mrp0yh8wetnw3jhymnzw33jucm0d5hszrnhwden5te0dehhxtnvdakz7qgkwaehxw309ajkgetw9ehx7um5wghxcctwvshsqgxl78v8swd99cullfn0jccnlydssu6dftxdnnkvw8tclsh25uvk8ggymjp8 and talk about frostr?

Avatar
bitcoinplebdev 10mo ago

Yeah I’m down, might need to be next week though.

nostr:npub1gg5uy8cpqx4u8wj9yvlpwm5ht757vudmrzn8y27lwunt5f2ytlusklulq3 ??

Avatar
hodlbod 10mo ago

Yeah, no rush. I'll send you a DM with a link

Avatar
hodlbod 9mo ago

Hey, did you guys get my DM? I'd still love to get something set up.

Avatar
bitcoinplebdev 9mo ago

No I haven’t sorry! Am still down though! nostr:npub1gg5uy8cpqx4u8wj9yvlpwm5ht757vudmrzn8y27lwunt5f2ytlusklulq3 ?

Avatar
Garbage nsec 10mo ago

Promenade with a management layer (preview from daniele below) seems like problem solved almost entirely. I can't picture what else you'd want?

And Frostr great for advanced users to take it further.

nevent1qvzqqqqqqypzq77777lz9hvwt86xqrsyf2jn588ewk5aclf8mavr80rhmduy5kq9qqsqqqqv6w6jgsef6cfw8k8djv9yw36pdthjf0qa890vvzysgk964zqqsregp

Avatar
bitcoinplebdev 10mo ago

I’ll spend some time with promenade this week! Will try and get a simple comparison between our two approaches

Avatar
cmd 10mo ago

You don't want to send requests to off-line or intermittent peers, so the "send" list let's you to select which peers you expect to handle your requests.

The "receive" list is less important to manage, but you may want to be restrict your node's participation with high-risk nodes, in case they get compromised.