Avatar
Tim Bouma 11mo ago

The cool thing about #nostr is that it allows you to experiment with different (disruptive) security models. For example, all data can be signed, portable, out in the open but encrypted by the owner. This has massive and positive implications for those needing to be custodian.

Another disruptive thing I am experimenting with is component identity. For #nostr #safebox , the safebox component has its own private key, so in effect it is a first-class citizen of the #nostr ecosystem. A wallet npub can be recognized in whatever trust/reputation ecosystem and can be linked to an ‘owner’ (human), if necessary. This has some fascinating implications, because safeboxes can become fully delegated agents - you decide to trust the safebox and can holder owner to account, if necessary.

This has some pretty cool implications in healthcare. A doctor might work in multiple clinics. For each clinic, they may be provisioned a wallet that they are designated the owner. It is the wallet that signs the note, not the doctor’s but their identity is linked. A clinic, or a downstream healthcare provider can decide to trust a wallet, according to whatever governance model is in place. This is a nice clean separation of accountabilities that can only happen with the #nostr protocol, in my view. I am actively experimenting with this concept - more details soon!

Reply to this note

Please Login to reply.

Discussion

Avatar
Creature 11mo ago

I don't like exposing even encrypted data. If the data is safe-guaeded AND encrypted, the malicious party needs to get in AND decrypt. There's an extra step, a barrier. If it's left in the open encrypted, that wxtra safe step is gone.

Don't forget that quantum computing is on the horizon, with all the implications that entails for decryption.

Avatar
Tim Bouma 11mo ago

I no longer trust third-party safeguarding. That went out the window a long time ago. My starting position is that if it is hosted in the cloud, it is compromised. I might safeguard for my own, keeping the main relay in a secured network, but no longer make that a security assumption for others.

I already have some buddies looking into PQC - hopefully a NIP-44-PQC soon.