Nostr Web Client

Is that true? I was hoping the link between the keys remained offline. The secrecy would only break if the attacker got the main key and the backup key.

Max 2y ago

Ah, so the main key does a gift wrap to send the backup to a new pubkey, thats why the relationship between these two keys is private?

Reply to this note

Please Login to reply.

Discussion

Max 2y ago

And thus even if the main key leaks, the backup keys are not known.

Vitor Pamplona 2y ago

And if you need to access the backups just giftwrap them with yet another key so that they backup key never leaves the backup client.

Max 2y ago

Ok, thanks.

So, is it correct that the sender has forward secrecy, the receiver does not?

Vitor Pamplona 2y ago

I think so. Maybe the better way is that we haven't been able to figure out a way to do it yet.

Vitor Pamplona 2y ago

Yep, the main key doesn't have any gift wrap to recover from.