What’s the best way to store and interact with your NOST private key?
#asknostr
Amber on Android
Alby extension addon in web browser
I don’t think I want to give my private key to an extension… what are the trade-offs here?
Is there another way? NsecBunker?
As of right now: extensions (browser, or mobile like Amber [only available on Android]).
Why extensions over something like NsecBunker?
nsecbunker is good too
We really don't have a good way to store your nsec offline yet, so anything that is FOSS & vetted to store in the local cache is the best we have rn, extensions too
Yeah, what’s up with that? I preordered a sats link device but it got canceled? nostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft
There are currently 3 ways to sign without entering your nsec into the client.
1. NIP-07 via browser extension. Almost all web apps now support this method, and it has a pretty good user experience, but users may not be comfortable with storing their keys in a browser extension.
2. NIP-46 first used via NsecBunker, but now also available for use via nsec.app, Amber signer on Android, and most recently with a unique method of splitting your key between three remote custodians via njump's new onboarding app. However, NIP-46 support is much less common among clients, and it often just seems to not work, even if it is supported.
3. NIP-55 Android Signer which is only available via Amber at this time. It is my personal favorite option, as it is very user friendly and your keys are stored locally by an open-source app. However, there are even fewer options for this signing method among clients than there are for NIP-46.
We do not have any way to store keys offline, because your key is needed to sign EVERYTHING on Nostr. It's similar to the reason keys cannot be stored offline for Lightning. We would need to have the ability to generate child-keys that can be used instead of the parent-key, and which can be revoked if they are compromised, before we would have the ability to store the parent-key offline, and use the child-key for regular event signing.
Thank you for the detailed response!
For that last paragraph, is that solved by Frost?
I see FROSTR is being developed, seems an initial PoC has been built. Have you looked into this, and if so, what are your thoughts?
Great question! The short answer is no.
However, FROSTR is a very interesting way to have multi-sig for Nostr signing. However, each key shard is still kept hot. These are not child-keys so much as portions of a full key that are split apart so that it takes a quorum of the parts in order to sign.
This is being used in Njump's new onboarding tool announced here:
The way it is implemented, signing requests are sent to the key-shard custodians via NIP-46 and are automatically approved. Pretty cool idea, but not an answer to the key management problem entirely.
Hmmm, a difficult problem to solve indeed. But it does need to be solved! Relying on browser extensions is not the way to go…
Is the best solution, as it currently stands, nsec bunker and coracle usage then?
If you don’t mind me asking, what trade offs did you go for?
I happen to be using Coracle via NIP-46 login right now, actually. I generally use Alby as my signer extension on my desktop, but I am testing out Amber's NIP-46 signing option for a review I am writing.
I also use Amber for all signing on my mobile Nostr clients, using NIP-55 whenever possible.
I don't log into any clients that require my nsec whatsoever.
I think that's about the best we can do at this point. If NIP-46 signing was just a bit more reliable, I would go to just using Amber, and not use a browser extension either.