One key issue worries me. Could there be a two-key standard (one hot and one cold)? With such an approach, if your hot key is hacked (since it’s stored within apps), you could use the cold key (stored in a secure hardware device) to generate a new hot key and somehow invalidate all the posts or actions made since the moment the hacking occurred.

Discussion

yeah there have been a few proposals on this but I don't think they really took off. it's just not a common problem (yet)

i would love a tapsigner as a second key NFC to my phone (e.g. stuck in the phone protector or smt) and have this 2of2 capability on mobile

the UX I'm moving towards is nsecbunker + confirming signing requests with your apple watch. would be cool af. multisig might be too annoying for every time you want to like a post.

hence the tapsigner fixed in place

musig is handled in the back so the user doesn't need to worry

you can have a backup tapsigner at home for when you lose the phone and have both keys in an alby extension for desktop and also backing up for phone lost case

ps i would like to not have to

1) have an apple watch - dislike ecosystem, don't wear a watch

2) touch my phone to sign for every single message. you may have noted when i post, i post a lot

you wouldn't be required to use an apple watch, I was just thinking of the optimal and least annoying UX for a damus nsecbunker implementation.

I guess it could auto-sign, but I personally wouldn't use that. clients are very buggy and nuke contact lists all the time

Look into nostr:nprofile1qqs04xzt6ldm9qhs0ctw0t58kf4z57umjzmjg6jywu0seadwtqqc75spzpmhxue69uhnzdps9enrw73wd9hszynhwden5te0wp6hyurvv4cxzeewv4eszynhwden5te0wfjkccte9enrw73wd9hsxv8qkt nsecbunker

https://dev.nsecbunker.com