Replying to Avatar Matthew

Am I thinking about this correctly?

nostr:nevent1qqs2zacptcu9up3dvy2hzskcagn93unt5qwzjgkfv8v4hp2r765haucpremhxue69uhkummnw3ez6ur4vgh8wetvd3hhyer9wghxuet59upzprqn8vcs83tj32r2c97rk6slm6cs39xaxjdfv5e9l5ghksznw9g9qvzqqqqqqyp0zlzt

Avatar
Garbage nsec 10mo ago

5. You'll need to get your primal.net/dude link back from Primal (example) to ensure that if your profile has been linked to on the web by others then it'll go to your new npub. (Many people are going to share your profile via a link) To do that you'll have to prove you are you to Primal, but Primal might be hesitant, as that'll make them look like a central authority. And that's assuming you have a way to prove to them that it's "your link". There are a few clients that make such links.

6. You'll have to accept that all the places on the web that have shared you via pasting your npub directly (StackerNews, Reddit, whatever), or where you've shared it yourself, are at best dead links, and at worst (if you can't nuke your account) leading unsuspecting people to a phishing account.

7. All your private DMs are potentially exposed

8. If you're slow to nuke your account the hacker can insert notes in the past from before you announced you lost the key, causing much confusion

Reply to this note

Please Login to reply.

Discussion

Avatar
Matthew 10mo ago 💬 2

Thank you. That all makes sense and is helpful. The last one is particularly difficult to deal with.

Would it be possible to create a recovery key scheme... Like when you create your keypair you create a second keypair (offline, cold storage, etc) that signs a single "distress signal" linked to the original keypair, and all of the clients incorporate a flag of some sort when you are seeing a note from an npub that had it's distress signal broadcasted?

Avatar
Garbage nsec 10mo ago

Things like that are strong ideas but are difficult for various reasons. The closest NIP is the newly-merged nuke your account NIP (tell client to tell relays to delete everything and ignore your pubkey) but even that will be hard to coordinate, have a read of the link below for all the chatter on that NIP, good stuff.

Another thing to consider is that most times your key is compromised you'll never know. The hacker is waiting, reading all your DMs, keeping a close eye on your zaps, your cashu balance, for months, maybe even years—all the while you have no idea your key is compromised. There is no "see all devices where I'm signed in" UI in Nostr, nor can there be.

It could be that the future of Nostr is simply not for the kind of social history building that we're doing now, but for something else more transient in nature.

https://github.com/nostr-protocol/nips/pull/1256

Avatar
Matthew 10mo ago 💬 1

Thanks. Will have a look. Personally, I treat nostr as a permanent internet public square (everything is open for all to see, including eventually DMs). And what I carry in my wallet in this square could get stolen. So I don't care about deleting stuff already on relays; I care about making sure that I and only I can broadcast to the network that my key should be considered forked to a new key. That seems like it ought to be doable.

Avatar
Garbage nsec 10mo ago

I think that's probably the right way to look at it, a sort of glass box but one that you own.

The key forking thing is hard. The best way may be to start off from scratch with the combo of both a virgin (secure) nsec and FROST bunker URL, created at the same time. You can get such a combo at njump.me via the join nostr thing.

Write that nsec down somewhere, store it in a few places, and never paste that nsec into anything. Nothing. Nowhere. Ever. Only use the FROST bunker URL with clients. And only come back to the nsec to create a new or revoke an old FROST URLs (those are disposable).

That way you'll never lose your account, some hacks your FROST URL, just revoke it, nothing about your npub needs to change.

Problem is FROST is in early stages, not a lot of clients support it. But it is the solution you're looking for by the sounds of it. This guy below gets it:

nevent1qvzqqqqqqypzpx8xhrzg2fzrs2kr89sz4x8c8svrsg8ptwy4z4unzdv9lfwy0kuyqqsdc20kcqqcns2c5cd6t5jvvgcg7slrqtkc6xv7k7vtyu9vhvkv06cjc04mr

Avatar
Matthew 10mo ago 💬 1

Sounds like what I had in mind!

Avatar
Garbage nsec 10mo ago

Cool. Give it a few months, I'm guessing. Driving force here:

nevent1qvzqqqqqqypzq77777lz9hvwt86xqrsyf2jn588ewk5aclf8mavr80rhmduy5kq9qqsqqqqv6w6jgsef6cfw8k8djv9yw36pdthjf0qa890vvzysgk964zqqsregp