Nostr Web Client

Replying to

Laeserin

We rely too much on encryption for privacy. Best privacy is to just not put it on the Internet, in the first place.

Laeserin 1y ago

FOSS isn't adequate protection against leaks.

1) Code is TL;DR and draws upon libraries that draw upon libraries, so assume nobody read it.

2) Developers can make mistakes or simply not foresee an attack vector.

3) Even the stuff that is audited is not necessarily audited in every version.

4) Gov devs and malicious hackers spending months or years building trust is a thing.

5) Nostr adds the honeypot of controlling zaps, to the hacker motivation. Someone could eventually become very wealthy by simply collecting nsecs quietly and then suddenly zapping themselves everyone's wallet contents and disappearing.

Reply to this note

Please Login to reply.

Discussion

tolot 1y ago

1,2,3,4 completely on point. With regards to 5 I wonder how someone could get in possession of sats by simply stealing a nsec. I guess that if I were to receive some zaps but the amounts are not going to be reflected in my wallet I would at least think that something is going on.

Clearly there's a point for services like npub.cash where lnaddress is liked to npub, but only a small subset of Nostr users actually adopt these kind of services.

What am I missing?

Laeserin 1y ago

Although...?

Wouldn't this also apply to any webclient you authorized with nsec-input and then connected to a wallet? It's just a website connected to your wallet, in that case, with the nsec as login data.

Or is there some additional control?

tolot 1y ago

Fair enough, the only corner case may be if an attacker collects X nsec (with X being tens of thousands or more) and then in an exact time T he/she runs some script to sign an event that changes the LNaddress for any nsec he/she holds. In that case he/she could quietly wait until someone figures this out and spreads the news a time T+1 This empowers the attacker to steal only the zaps occurred between T and T+1, given that after T+1 people would stop zapping each other as a precaution.

The danger here is possibly bigger from the trust pov rather than economical...am I going to zap someone anymore if I'm not sure that the npub I'm zapping is actually in control of its lnaddress?

Just riffing btw, but clients where you login with plain nsec are possibly dangerous, I agree

Laeserin 1y ago

For a while, that was how most of us where doing it, most of the time.

Laeserin 1y ago

Also, as far as I know, if anyone's account is compromised, so is anything you wrote to them.

Laeserin 1y ago

Like people DM me all sorts of stuff and I've put this nsec in every damn client out there and authorized everyone.

Just assume other people are reading along.

I will never DM you for money, tho.