NIP-26 uses BIP-32 hierarchical, deterministic address generation, just like an XPUB does. But NIP-26 does not broadcast the XPUB. It broadcasts just the latest pubkey, which is analogous to an address in Bitcoin.

fiatjaf’s critique of NIP-26 is that if it is adopted widely, then identifying people by pubkey no longer works. Everyone needs to be on the lookout for new keys. This makes NIP-26 effectively mandatory since anyone not using it wouldn’t be able to follow people (a key feature of nostr).

There’s probably a cryptographic solution which allows for a stable identifier with hierarchical keys. It just hasn’t been discovered/proposed yet, to my knowledge.

Discussion

really appreciate the explanation! it sort of sounds like the inverse of how xpubs are used in bitcoin, where you WANT 3rd parties (clients/relays) to be able to dereference the root pubkey.

In #Bitcoin, you generally don’t want the whole network to track your behavior. So the standard guidance is not to reuse addresses (hashed pubkeys). In the rare circumstance that you DO want someone to be able to follow, then your XPUB has everything they need to generate all of your wallet’s addresses.

In #nostr, you DO want people to track (follow) your posts. The current solution is to use a single pubkey. A different, as-yet-undocumented solution would be to use an XPUB-like data structure as your identifier. This would allow you to sign posts with different private keys while your followers had a consistent identifier to track.