My dream FROST-like setup is a 1-of-n signature scheme where:

1 - each device/app creates its own private key that simply cannot leave the device (like a security chip)

2 - new keys can be added/rotated to the scheme without changing the main pubkey.

3 - encryptions to the main key can be decrypted by any other key from the n set.

This is probably impossible right now, but who knows what the future holds.


Discussion

4 - and you can evict individual keys

I'm not sure how key rotation would work in the 1-of-n setting...

Yeah, now that you're saying it, seems impossible for 1-of-n.

Already happening but with revocable device tokens, not keys...

Must remember that not everything needs to be done with a galaxy-brain multisig scheme.

Where?

Trying to get this out of sandbox into prod today actually

test-auth.shock.network/learn

Nice! Is it a NIP-46 with permission management?

Basically, but not exactly. I don't remember the details, but we found NIP-46 wouldn't be scalable as a provider due to unique listeners, and the double wrapping of the event makes for performance issues and lowers the size ceiling, so we use a straight socket for the widget component.

The widget itself uses NIP-07.

Too bad.. NIP-07 doesn't work on Native apps :(

Why not? Should be trivial to add in an adapter function

There is no window.nostr in native iOS or Android. That's why NIP-46 got created: the client uses a secondary Nostr key to get decryption, encryption and signatures from the main key on a remote server.

Seems either way you're dropping in a client, so window.nostr probably doesn't matter in that context, as you could use the sanctum client directly just as you would with NIP-46.

We haven't broken out the widget to its own repo yet, but will shortly after Nashville, so you can have a look (this is powering our wallet and video site, which are higher priority to get stable).

What are "revocable device tokens"?

JWTs

So JWTs with a remote signer. 🤔

Yep, the end user can still self-host a signer without trusting their key to a provider hosting the application widget and management interface.

Just from a user perspective I would want this so much.

Also in combination with at least one versatile, open-source "security key" electronics design suitable for fitting into everyday wearables, e.g. pendants or rings.

Have been wondering whether FIDO keys like TKey and OpenSK offer some starting point there.