As someone who has tried very hard on multiple occasions to have secondary/sub keys and using nsec bunker to let others post with limited permissions to my key… I can confidently say it’s all trash. And I don’t mean that like nobody worked hard to build something cool, because I know people did, but it’s practically all unusable.
Discussion
Totally fair. It's all tradeoffs. Getting the UX right while preserving our core principles is reallllllly difficult.
I was just thinking to myself this morning about nsecs and what to do if yours gets compromised? Is there a way one could have multiples linked together as you, so that you could deactivate one if it got compromised (or lost or something) and still proceed with your same identity and all your previous notes and social graph? It's not like you can just change your password as with other apps.
Maybe an nsec bunker could help with this? Maybe it already does? Honestly, I've found them too confusing to use myself, and it sounds like nostr:nprofile1qqstnem9g6aqv3tw6vqaneftcj06frns56lj9q470gdww228vysz8hqpz4mhxue69uhk2er9dchxummnw3ezumrpdejqzrthwden5te0dehhxtnvdakqz9rhwden5te0wfjkccte9ejxzmt4wvhxjmcjgxv3n hasn't fared much better:
#asknostr #askdevs
As a comparison, ‘app passwords’ on Bluesky have been in the app longer than feeds, gifs, videos, and any moderation tools other than mute.
They are easy to create, revokable, single use passwords for use on third party apps and tools. The interface is stupidly simple, and it dramatically increases security of your main password for those that choose to use it.