Responsible Lightning services that offer NWC really HAVE to provide some way for a user to get back into their account if they are locked out. We use a 40-year-old technology -- email -- along with a 15-year-old technology -- 2FA -- because we're conservative. A service could also use Telegram, SMS, etc. But fundamentally a service MUST provide a way for a user to recover his/her account. Just "login with your nsec" is not good enough. Users will fuck up, lose their nsec, and lose their funds. That's our opinion. Not everyone will agree.
Discussion
Ok, so then Blink has this but only phone and Telegram. Not emails. Makes sense to me to offer the email alternative.
I prefer email over SMS because it's easier to protect privacy with an email address. Either way you're still dependent on a third-party service. I understand the hesitation to use a Nostr login method but have you considered using magic links/login codes with DMs or NIP-07/46 signers?
Walk me through how "account recovery" would work with this strategy. Like. "I'm a normie, and I forgot how to access my sats." Do you know how it would work?
Probably the same way Damus Purple logins work. It's dependent on the user maintaining access to their uncompromised nsec, but otherwise they would simply enter their npub into a form and receive an OTP code to login.

OK, so, walk me through this.
This is the system to log users into "Damus Purple", their premium service.
1. User has to be logged into Damus (with an nsec)
2. User submits their npub
3. User is logged in to Damus Purple via the OTP sent via Nostr DMs.
Do I have that right?
The issue is this: I think a user's sats and a user's Nostr nsec should be firewalled -- for the same reason that normies don't log into Instagram with their Chase account, and don't log into Chase with their Instagram account. It's more secure to keep money separate from identity.
Or am I missing something?
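The npub-plus-OTP login flow sketched above, as an added illustration (not Damus's or Blink's code): the server stores only a keyed hash of the code, binds it to the npub, and burns it on success, expiry or too many guesses. The `send_dm` callback that would deliver the code over Nostr DMs is a constructed stand-in.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

OTP_TTL_SECONDS = 300   # code is valid for five minutes
MAX_ATTEMPTS = 3        # after this many wrong guesses the code is discarded


@dataclass
class PendingLogin:
    code_hash: bytes      # HMAC of npub:code, never the code itself
    expires_at: float
    attempts: int = 0


class OtpLoginService:
    """Login by npub + one-time code; identity (npub) never touches an nsec here."""

    def __init__(self, send_dm, clock=time.time):
        self.send_dm = send_dm            # constructed hook: (npub, message) -> None
        self.clock = clock                # injectable for testing expiry
        self.pending = {}                 # npub -> PendingLogin
        self.salt = secrets.token_bytes(16)

    def _hash(self, npub: str, code: str) -> bytes:
        return hmac.new(self.salt, f"{npub}:{code}".encode(), hashlib.sha256).digest()

    def request_code(self, npub: str) -> None:
        """Step 2 of the flow: user submits npub, a fresh 6-digit code goes out via DM."""
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending[npub] = PendingLogin(self._hash(npub, code),
                                          self.clock() + OTP_TTL_SECONDS)
        self.send_dm(npub, f"Your login code is {code}")

    def verify(self, npub: str, code: str) -> bool:
        """Step 3: accept the code once, within its TTL, with a bounded number of tries."""
        entry = self.pending.get(npub)
        if entry is None:
            return False
        if self.clock() > entry.expires_at:
            del self.pending[npub]
            return False
        entry.attempts += 1
        ok = hmac.compare_digest(entry.code_hash, self._hash(npub, code))
        if ok or entry.attempts >= MAX_ATTEMPTS:
            del self.pending[npub]        # one-time: consumed on success, burned on abuse
        return ok
```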
No, you got it correct. I guess my question is are the user's sats safer using an email address provided by a centralized service that can be revoked?
https://www.pcmag.com/news/journalists-hacktivists-proton-mail-reinstates-suspended-accounts
Sure, email addresses can be revoked. On any given day, for a Normie, there is a 0.0001% chance that this will happen. On any given day, for a Normie, the chance that they will misplace their nsec (or never even understand that they have an nsec, in the first place) is like 10%.
So you wouldn't consider this even as a backup or alternate 2FA method for that reason?
