I just got off the horn with the folks at nostr:nprofile1qqstfk89k9ef8rqcfzc7knrhczwtujkdvl9mw9l3gazskc9evxjlpkqpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgqgewaehxw309aex2mrp0yhxk6tnd9jkctnwv46zuurv6rf0a3. They have integrated passkey alongside Nostr login. This is an interesting idea worth looking into … 👀
Discussion
Passkeys, Not Passwords
We've implemented passkey authentication, which provides enhanced security compared to traditional passwords. Passkeys use public-key cryptography to create unique authentication credentials that remain on your device.
Designed to resist password-based attacks
No shared secrets stored on our servers
Biometric verification on supported devices
FIDO2 standard compliance where supported
https://bittasker.com/security
nostr:nprofile1qqsgyp73jq94a9sga9wvtvkrnul66vlhzt9rhrvt4qc0ss6759h3juqgld308 nostr:nprofile1qqsqs90ljllqxangyszpk68z5w0nu0y4szzjvsuqxvr7404zgz3tkag8k2wt4 nostr:nprofile1qqsggsmr2dzfk6jqf0tn0vdf9tjkety5dgsj48qvjkraa0td6gar76sgehztc nostr:nprofile1qqsrj7vpw88hh4wy9uw00fsldq4ye74xekuuv002nnar68r6up2hs6s97pua0 nostr:nprofile1qqsr7acdvhf6we9fch94qwhpy0nza36e3tgrtkpku25ppuu80f69kfqppemhxue69uhkummn9ekx7mp0qy0hwumn8ghj7mn0wd68yttjv4kxz7fwv3jhyettwfhhxuewd4jj7lal3ny
I am curious about PassKey … not as a replacement for passwords (Nostr keys already do this) but as a “third party key generator, signer, and manager” for Nostr clients. (Like Amber currently does, but using an industry standard protocol implemented at the OS level.)
I wonder if a single Nostr keypair can be used for discrete event signing (not just login) and accessed across multiple clients via PassKey? This would fill the gap…