Subnostr

Why not use a cold card? This is definitely superior in terms of security than an old phone. Also, it depends on the use case. For your pocket money: fine, do whatever you went, be creative, whatever works best for you. For your life savings ? Definitely not a good idea. Why not use multisig. Why not instead of rotating keys, sending once a month an amount you are willing to loose to your phone, and keeping the rest of the stack safe in cold storage?

Crusty 👨‍💻 6mo ago

I was thinking in nostr terms. I think, nostr and bitcoin needs different usecases, therefore different security solutions are there.

In bitcoin, probably you dont need to use your privatekey that often. So having a multisig setup is good, and advised.

However for nostr, you use your keys way more often, and you might want to use it not only at home, and you might not want to take your multisig setup around to post on nostr e.g.

The proposal of using phone is just a simplification, but with similar security guarantees as a signer, if the phone has a secure element with unextractable features (meaning your key cannot leave the device, it has to be used to sign). Of course this unextractable feature depends on the phone itself.

Reply to this note

Please Login to reply.

Discussion

Satty 6mo ago

I see, didn't read carefully. Great advice, thabky you