Replying to Avatar rabble

It’s they want something they can localized in to Te Reo, has a default list of cities and Marae’s and things like that. Also because they believe in sovereignty they want to run their own relays.

I’m curious about your updated nsec hosting, i think having a good solution for that would really help nostr take off. It’s one of the big advantages of the way bluesky puts your keys on the PDS and then lets you have the PDS custody them. Either bluesky run or if you host your own.
Avatar
PABLOF7z 1y ago πŸ’¬ 16

I stopped developing nsecbunker because it had horrible centralizing tendencies which caught me off guard; I launched it as a POC but it started taking off in a way that would have been bad for nostr would it have continue to scale like that.

We are now getting a FROST-based bunker that solves the completely custodial, completely ruggable setup in favor of a collaborative-custody of private keys. The difference between a Coinbase and an Unchained or Casa: signers assist in getting you keys but they can't unilaterally sign on your behalf.

For the user it *looks* the same, it's as frictionless as Bluesky where the user can choose to ignore all key material, but in the back there is no one single party with access to the entire key which is a massive difference in terms of sovereignty.

Reply to this note

Please Login to reply.

Discussion

Avatar
Svetski 1y ago πŸ’¬ 1

Interesting. Looking forward to see it

Avatar
Laser 1y ago

Very interesting.

Avatar
Bac0t 1y ago

wen

95
Trooster 1y ago

Appreciate you πŸ‘¨β€πŸ’»πŸ‘¨β€πŸ”¬

Avatar
jaonoctus 1y ago

big if true

Avatar
ABH3PO 1y ago

Idk if it's only me but I hate this shared custody stuff. Teach your users to self custody through good UX. It's not impossible to keep a private key safe.

I'm not against personal remote signer's. I just don't like THAT being the way most people are going to interface with nostr.

nostr:nevent1qqsf622k6hctk357a0c0ugfnsul636acf9aasdxkej23t7gdasmrufspzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtczyrafsj7hmweg9ur7zmn6apajdg48hxuskujx53rhrux0ttjcqx84yqcyqqqqqqgdp379q

Avatar
SOVEREIGN Community Infrastructure 1y ago

I’ll support

Avatar
Nuh 1y ago

Really curious about this, how would you setup this to be UX friendly?

Where are the user controlled keys are going to reside? I suppose there will need to be a user controlled active signer somewhere no?

Avatar
Constant 1y ago πŸ’¬ 2

The proces on https://join.the-nostr.org/ (just a demo, do not use it) is rather smooth, only that this does not explicitly give you the underlying privatekey, but it is actually stored locally so trivial to add.

You 'need' an active signer only if you want to be part of the multisig. Not sure how usefull that actually is, you only reduce the trust a tiny bit. Its still a threshold signature so collution is still possible so at the end of the day you still trust those that you made part of the FROST.

So no, you dont need to be an active signer, you just get a bunker link and you are off. If the link gets compromised you can ask the signers to stop signing and create a new FROST based on the same key with the same resulting Npub

Avatar
Nuh 1y ago

so let me get this straight, you hire more nsecbunkers instead of just one? I am not going to pass judgment on that I promise I just want to know what is, and will keep mu opinions to myself this time.

Avatar
Constant 1y ago πŸ’¬ 2

nostr:nevent1qqsvj0cct80na8szr4wj7p2ljc76hqjzggumvg9n2lv6shz6945ltdsprdmhxue69uhhyetvv9ujuumwda68ytnwdsargwfe8yuj7q3qt6jxfqz9hv0lygn9thwndekuahwyxkgvycyscjrtauuw73gd5k7sxpqqqqqqzmja3dw

Avatar
Nuh 1y ago

πŸ˜… I am not concerned with collusion because I don't even think I can get a single human being to signup yo multiple services to do just one thing, I can't even convince myself to bother.

Avatar
Constant 1y ago πŸ’¬ 2

I dont follow. What do you mean by 'multiple services'?

Avatar
Nuh 1y ago

Don't you need multiple service providers to hold your keys and sign on your behalf, basically multiple signers, these are services.

I can't imagine the UX of asking normal people like myself to sign up to multiple providers and judge who deserves my trust and who don't

Avatar
Constant 1y ago

Meh. You can just trust an aggrigator directly like on that demo-site, or a nice market place where you select your providers, pay and move on with your day should do it.

Judging whom to trust is a problem in so many places/things yet the world still functions.

Avatar
Derek Ross 1y ago

πŸ‘€

nostr:note1n554d40shdrfa6lslcsn8pel4r4msjtmmq6ddny4zhusmmpk8cnqxtv0s5

Avatar
franzap 1y ago

Have you been working on the FROST-based bunker already? POC?

Avatar
Constant 1y ago

Yes there is a POC:

https://join.the-nostr.org/

⚠️Dont actually use this!⚠️

Avatar
Keysa - Simplest Bitcoin Edu 1y ago

Really good to hear thanks! I’ve had so much trouble trying to use nsecbunker and kept thinking it was my lack of skills πŸ˜…

Avatar
CappyNate🍁 1y ago

What is the current safest key signing method(s) for clients to use for nsec's?

In dummy language for me?

Avatar
Bee Aye 1y ago

good job pivoting πŸ€™

Avatar
cmd 1y ago πŸ’¬ 2

already working on this

frostr.org

it would be good to collaborate, instead of having separate projects

Avatar
PABLOF7z 1y ago πŸ’¬ 1

ah cool! didn't know about this!

Avatar
cmd 1y ago πŸ’¬ 1

I see that my reputation for being terrible at marketing precedes me πŸ˜‚

Avatar
Svetski 1y ago

πŸ˜‚πŸ˜‚πŸ€ŒπŸΌ

Avatar
jungly 1y ago πŸ’¬ 1

You should come along to the FROST roundtable. They would love to hear about your work on frostr.

Avatar
cmd 1y ago

sounds like fun, do you have more info?

Avatar
jungly 1y ago

Great news! Do you have a design doc or a repo we can look at yet? Thanks.

Avatar
Jake Woodhouse 1y ago

Would love to see this and use it. Heard of nsecbunker, as wanted to find a way to co-manage a nostr profile for content creation.

Use case was: how to have a podcast editor load, write, and post on Nostr, without having full control of the nsec.

How do I solve this?