Nostr Web Client

Replying to

Foundation

Build Anything. No Limits.

Cool ideas💡

🔹Lightning Wallet

🔹Inheritance

🔹Password Manager

🔹Encrypted Notes App

Endless opportunities, Bitcoin, encryption, authentication.

What would you like to see built?

Dr. Bitcoin, DPT 10mo ago 💬 1

• QuantumLink authentication channel signing QR codes using cryptographic keys (Passkeys?)

in addition to storing 2FA codes within your password manager, you can utilize the Passport Prime device as your own authentication provider using the cryptographic keys stored in the device - and nowhere else.

This could be similar to nostr:npub1q6mcr8tlr3l4gus3sfnw6772s7zae6hqncmw5wj27ejud5wcxf7q0nx7d5's amazing concept using a #safebox where users can directly authenticate with each other using an encrypted channel for that temporarily active session.

Tim, correct me if I’m entirely off the mark, I understand the skepticism you feel about platform-based authentication methods, but I couldn’t help but introduce your idea to help steer them into a direction for better digital security methods. Not to sound like a broken record, but I’m still mind-blown after seeing your live demo with nostr:npub1t8pwzkkhhs94e9acgw9jwca9csyl7a4tnpdttu05039um5j7d6xs72gkvf

Reply to this note

Please Login to reply.

Discussion

Tim Bouma 10mo ago

The session is negotiated and established via an encrypted (giftwrapped) dead drop on any relay I decide to use. Relays give you the ability to do dead drops, totally unique on #nostr.

If the dead drop is cracked, the only info compromised is the session nonce which is useless after the channel session is closed. The only (very small) concern I have, is the potential harvest and decrypt threats for NIP44 encrypted payloads. Looking into post quantum algorithms for that.

Bottom line: don't need post quantum for ephemeral stuff, maybe for longer term stuff.