Nostr Web Client

We have to decide if logging in with nostr is a desire-able thing to have. The ecosystem seems to be moving to passkeys, i don’t see why we necessarily need npub identities for login. There are many reasons you wouldn’t want that: privacy, etc.

Water Blower 1y ago 💬 2

What are passkeys?

Reply to this note

Please Login to reply.

Discussion

jb55 1y ago 💬 1

https://developer.apple.com/passkeys/

https://developers.google.com/identity/passkeys

https://blog.google/technology/safety-security/the-beginning-of-the-end-of-the-password/

Water Blower 1y ago 💬 1

So a private key is stored locally on device and the corresponding public key is stored in the server.

That’s pretty much just Nostr sign-in.

The only difference is that passkey approach generates a new key for every app. It’s like using a different private key for every nostr client.

Kendy 1y ago 💬 1

Sounds like a massive difference. A compromised nsec would be catastrophic.

Water Blower 1y ago

Yes. This discussion has changed my attitude towards Nostr Signin/Connect

The Daniel 🖖 1y ago

They’re login tokens that are encrypted on your device and tied to a master identity.