There is always a risk that an individual Nostr private key becomes compromised.

If that were to happen, we are still fortunate that the thief cannot ban us from our account or prevent us from posting from our account.

If we implement a form of account protection that hasn't been thoroughly considered, we have to bear in mind the risk that we might end up in a worse situation where we could be locked out of our social media. Account security measures have to be thought through very deeply and carefully.

Since notes are public, the main target area for theft is the account itself and our private messages. A separate password or passphrase to lock private messages would reduce that risk.

One solution to the risk of account theft is to create one or several Nostr backup accounts. This is cheap and easy, and relies on no third parties or KYC. If the main account is compromised at a future point, those backup accounts would be the most authoritative on-Nostr channels for account verification. Creating and verifying those backup accounts before our account is compromised could be a good idea.
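As an added illustration of the backup-account idea (this is not code from the note's author or from any Nostr client), the following Python sketch shows the client-side rule that makes backup accounts useful: the main key publishes a designation event naming its backups while it is still uncompromised, and later a successor account is accepted only when enough designated backups point to it. The event kinds, the threshold of two backups, and the in-memory `PUBKEYS` registry are assumptions made for this example. Nostr signs events with BIP-340 Schnorr signatures; to keep the block standard-library only, it uses Lamport one-time signatures as a stand-in, which changes nothing about the policy logic.

```python
import hashlib
import json
import secrets

# --- Toy signature scheme: Lamport one-time signatures over SHA-256 ----------
# Stand-in for Nostr's Schnorr signatures so the block runs offline with the
# standard library only. Verification needs only the public key, which is the
# property the backup-account policy relies on.
PUBKEYS = {}  # pubkey id -> public key material (assumed: what a client fetched)

def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    pubkey_id = hashlib.sha256(b"".join(x + y for x, y in pk)).hexdigest()
    PUBKEYS[pubkey_id] = pk
    return {"id": pubkey_id, "sk": sk}

def _bit(digest, i):
    return (digest[i // 8] >> (7 - i % 8)) & 1

def sign(sk, message: bytes) -> str:
    digest = hashlib.sha256(message).digest()
    return b"".join(sk[i][_bit(digest, i)] for i in range(256)).hex()

def verify(pk, message: bytes, sig_hex: str) -> bool:
    sig = bytes.fromhex(sig_hex)
    if len(sig) != 256 * 32:
        return False
    digest = hashlib.sha256(message).digest()
    return all(hashlib.sha256(sig[32 * i:32 * i + 32]).digest() == pk[i][_bit(digest, i)]
               for i in range(256))

# --- Events (hypothetical kinds, not defined by any NIP) ----------------------
KIND_DESIGNATE_BACKUPS = 30001  # content: JSON list of backup pubkey ids
KIND_COMPROMISE_CLAIM = 30002   # content: {"compromised": <pubkey>, "successor": <pubkey>}

def _serialize(body):
    return json.dumps(body, sort_keys=True).encode()

def make_event(account, kind, created_at, content):
    body = {"pubkey": account["id"], "kind": kind, "created_at": created_at, "content": content}
    return {**body, "sig": sign(account["sk"], _serialize(body))}

def event_valid(ev) -> bool:
    body = {k: ev[k] for k in ("pubkey", "kind", "created_at", "content")}
    pk = PUBKEYS.get(ev["pubkey"])
    return pk is not None and verify(pk, _serialize(body), ev["sig"])

def resolve_successor(main_pubkey, events, min_backups=2):
    """Client-side policy. `events` is in the order the client received them.
    The first valid designation seen from the main key fixes its backup set;
    later designations are ignored, because whoever holds a stolen main key
    could otherwise swap in their own backups. created_at is self-asserted in
    Nostr, so receipt order is used rather than the timestamp in the event.
    A successor is accepted only when at least min_backups designated backups
    name the same new pubkey."""
    valid = [e for e in events if event_valid(e)]
    designations = [e for e in valid
                    if e["pubkey"] == main_pubkey and e["kind"] == KIND_DESIGNATE_BACKUPS]
    if not designations:
        return None
    backups = set(json.loads(designations[0]["content"]))
    votes = {}
    for e in valid:
        if e["kind"] == KIND_COMPROMISE_CLAIM and e["pubkey"] in backups:
            claim = json.loads(e["content"])
            if claim.get("compromised") == main_pubkey:
                votes.setdefault(claim["successor"], set()).add(e["pubkey"])
    for successor, voters in votes.items():
        if len(voters) >= min_backups:
            return successor
    return None

def demo() -> bool:
    """Constructed scenario: designation, then a theft, then recovery."""
    main, b1, b2, thief_backup, successor = (keygen() for _ in range(5))
    events = [make_event(main, KIND_DESIGNATE_BACKUPS, 1000, json.dumps([b1["id"], b2["id"]]))]
    # The main key is stolen. The thief back-dates a new designation naming
    # their own "backup" and has it vouch for a thief-controlled successor.
    events.append(make_event(main, KIND_DESIGNATE_BACKUPS, 900, json.dumps([thief_backup["id"]])))
    events.append(make_event(thief_backup, KIND_COMPROMISE_CLAIM, 2000,
                             json.dumps({"compromised": main["id"], "successor": thief_backup["id"]})))
    if resolve_successor(main["id"], events) is not None:
        return False
    # The real backups announce the new account; one claim is not enough.
    claim = json.dumps({"compromised": main["id"], "successor": successor["id"]})
    events.append(make_event(b1, KIND_COMPROMISE_CLAIM, 2100, claim))
    if resolve_successor(main["id"], events) is not None:
        return False
    events.append(make_event(b2, KIND_COMPROMISE_CLAIM, 2200, claim))
    return resolve_successor(main["id"], events) == successor["id"]

if __name__ == "__main__":
    print("recovery accepted:", demo())
```

The first-designation-wins rule is the part that needs the most care in a real design: it means the main key alone can never rotate its backups, so an update would have to be co-signed by the existing backups, and it depends on the client having seen the genuine designation before any forged one. A client that only joins a relay after the theft has no such ordering, which is why the note's advice to create and verify backups early matters more than the exact event format.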


Discussion

Backup accounts sound promising imo. I'm sure stuff like this will evolve. Once we have HW based solutions to create / manage keys I would set some up.

Sign your key with a password... like a bitcoin wallet...

Example:

If we set a password or passphrase for locking/unlocking our private messages, we could then have a user option to lock private messages on logout or user inactivity for a certain time.

This is exactly what I was thinking!


I've been thinking about this as well. I wonder if a sort of multi-sig or multi-signing solution can be added to the system. There's potentially a way to have two backup accounts that could both be used to 'approve' an account transfer. We'd need some way to track how this happens, maybe a special type of event from the compromised account that points to the new account. The clients would have to do the work of connecting the dots between the accounts, but this should be a huge lift on the client side.