Nostr Web Client

I understand. I imagine I have really annoyed a ton of people but oh well.

Key pairs for Nostr are great for verification but are a disadvantage towards certain security measures. Nsec is only as secure as the app that generated it and is only as secure as the least secure platform you stored/used it on. Takes a lot of responsibility, which I'm fine with, but most people aren't.

If you want to change security requirements (like me) you likely need to burn your key... I guess it's no different to PGP keys that expire on a set time but I'd really be waiting for a dedicated secure hardware signer before I ever share my Nostr nsec keys on any other app or device... and id probably also rotate my keys again if a device existed.

Brunswick 1y ago

Why not create a new nsec/npub first, post from your original identity indicating the new npub, then burn your old npub? To just burn and start over with the same underlying identity, I would like to know why that is a preferable procedure?

Reply to this note

Please Login to reply.

Discussion

Final 1y ago

That would be the standard procedure, but circumstances about the event meant I couldn't. Users should announce change of keys if able to.

Brunswick 1y ago

Understood

Brunswick 1y ago

This sounds ominous

hodlpleb 1y ago

If planning ahead, could plant a SHA-256 message somewhere in your feed, then if you ever need to use it you can post the clear message on your new npub and point to the old SHA, to show that you were the one that posted the message on the old npub

Final 1y ago

Wasn't really something I looked into since it was extremely unexpected. Also up to believe official GrapheneOS platforms would suffice in announcing my key change. I dont want to spread fear by people misunderstanding a personal and isolated incident as a GrapheneOS one.