Subnostr

I almost lost my Nostr private key today 😨

Short #nostr story:

I had an issue with Alby. The LN address and amount displayed in the extension weren't mine (not the ones for the account I'm using to post here). So, I removed both accounts from Alby - because removing only 1 didn't help.

When I re-added my account to Alby, there was a different master key - basically, I had to set it up again when connecting to Primal. Of course, I knew something was wrong. I went to Primal: Fresh account.

So, I removed the master key, and imported the old one I had saved. I went to Primal: Fresh account. Again.

I tried to remember how I had logged in to Nostr the first time... And I found a key pair. But I proceeded to use my public key in Alby, instead of my private key. 🤦‍♂️ Of course, when I went to Primal: Fresh account. Again.

I thought my account was gone forever, and went for lunch.

With my belly full, I tried again, and I used the private key i Alby this time. And, oh magic: I have my account back!

I believe I'm quite tech-savvy, but I was quite at a loss today. And it doesn't feel good losing your private keys - even if I didn't. I can't imagine losing my #bitcoin private keys... So, I need to be ultra careful and cautious - consequences are irreversible with decentralized protocols.

Reply to this note

Please Login to reply.

Discussion

Alby 1y ago

Hey, thank you for valuable feedback!

We're constantly improving trying to make sure that users understand self-custody and risk + responsibilities that it faces.

Remember that you can have multiple profiles (wallets) within the extension, we can see it might be confusing where is lightning, where is nostr etc.

Primal is sometimes tricky, it often works to clear site data when browsing with another profile.

Let us know if we can assist you any time!

Midas 1y ago

Sure, happy to share that kind of event.

I've been using multiple profiles for a while. But here's what was wrong in the extension:

At the time, this was not the LN address assigned to the account I was currently using. But it was the LN address of one of my other accounts in the extension.

But this other account displayed its own LN address when I selected it, as it's supposed to.

I'm not sure how the mix-up happened. But it must have been during the setup.

I wonder if it's because I was connected to the web version with a different account at one point. And some cache kept the data of 1 account while I was using another one.

saunter 1y ago

Seems like we don't have a validation when user wants to import nostr key with theyr public key 🤔

I'll try to push to have that!

Midas 1y ago

Yes, I think it could help, especially when the user isn't paying attention - or doesn't really know the difference between public/private keys.

Thanks for the sweet sats 💜 🧡