Here's an #asknostr for today as I finish up a round of research. I've already looked into this a lot myself but it's ever-changing and there are people way deeper than me into this.

Frictions and risks related to key management are often cited by critics as one of Nostr's limitations. You lose your key, and you lose your identity. Plugging your key into a bunch of different apps is not ideal, since the more you do, the bigger the potential attack surface is for a leak.

Restricting your usage to a couple apps or browser extensions, and using them to sign for other applications, seems to be the best method so far for minimizing the attack surface.

Looking beyond that, what sorts of protocol updates or app services are ideal to help minimize the frictions and risks of key management while keeping the protocol itself super simple as it is?

Discussion

Here is a thread about verifiable key history

nostr:note1pxr6yv0q2znuqn72zj3rfa4n9607u00kwd0qmnataqhgcwrm6qssx90qnw

nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgwwaehxw309ahx7uewd3hkctcscpyug recommended signer apps / browser extensions when I was asking something similar while working on a client that supports Nostr.

It would at least limit the number of apps that have your secret key.

I don't know exactly how everything works in the background, but I understand that it's safer to use the Alby extension and Nostr Connect to log in to Nostr clients and services because it's encrypted. Can you confirm nostr:nprofile1qqsyv47lazt9h6ycp2fsw270khje5egjgsrdkrupjg27u796g7f5k0spz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszxthwden5te0wfjkccte9eekummjwsh8xmmrd9skctcpzamhxue69uhkzarvv9ejumn0wd68ytnvv9hxgtcyflj58 ?

Indeed, it's recommended to use open source nostr signers (like Alby Extension) so your key is not forfeited to the internet and Nostr usage is convenient!

I think npub.pro has login by DM, which is a cool concept

it's a tough technical feat, because most people just do not use web browser extensions and asking them to use one to sign into an application is one of the most challenging things ever, apparently. i believe that signing applications like Amber are the future. it supports both native and web apps. sadly it doesn't have large adoption, yet, but i believe it's the easiest "set it and forget it" type of scenario.

Something like a YubiKey? And losing your identity isn't that bad.

one way to address it using relays

nostr:note1keqg0p8m304hssj98h0swj7glxs2wuttm62nrz50hz74mqxrzmrqq9ttfv

I was hoping someone would come up with some clever cryptography that allows you to have a master, cold-storage key that generates child keys which are all used to post under one identity.

If you lose a child key, you sign a message with your master key to publicly revoke it somehow and generate a new child key.

No idea if this is feasible or not.

General education about how public key cryptography works would help greatly. We also need better terminology / fewer bad metaphors. No one signs a letter with their house key, so why would you sign something online with a digital key? It kinda makes sense with encryption because it's like locking something. For signatures, keys act more like seals. Anyway, the concepts aren't that hard for people if you just tell them what's going on without metaphors.

I've had the same Nostr private key for 2 and 1/2 years, and I will continue to have it for the next 15 years. It won't get lost, it won't get stolen. It won't get hacked.

Don't make things too complicated. This isn't rocket science.

How is this Nostr-specific? Whether it's SSH keys or passkeys or cryptocurrency, you always have to manage your own keys.

There is nip46 for remote key access over Nostr (key storage apps like Amber and nsec.app support it), so it doesn't have to only be "couple apps or browser extensions", there's also nostr-login library to simplify the use of nip46 in web apps.

Couldn't people use a BIP-85 child seed from one of their existing bitcoin wallets (where they normally already have very good safety and storage options established) and use this child seed as their Nostr identity?