All of these tools having people enter their private key will eventually end in disaster.
We are training people to input their private key into whatever asks for it.
This is not good.
Discussion
What tools? Nsec app stores everything locally
Says you. A developer, either accidentally or on purpose, could very easily send that key to anywhere they want (or don't want in an accident). It isn't that hard to have an input prompt send the input to an email address. Attackers will create fake or copycat tools that do this exactly. It already happens with Bitcoin keys and even account usernames and passwords. It has been a problem for years.
Most people are going to use a single key for convenience and it only takes one instance to be completely rekt.
I don't have a specific solution other than something like an air gapped hardware device, but I am convinced that people will get rekt.
And any tool that asks for it. Anywhere you type it in and click submit.
It’s true but at this point we have a few trusted tools by trusted devs and I’m sure you can check the code for yourself. At least we are not dealing with money. As the protocol matures we’d definitely want to scrutinize any new auth mechanism.
Yes, but "at this point" of Nostr is when we should be discussing these ideas. This should have been an issue from the start. Auditing every application constantly (because you have to any time it updates) is absolutely not a solution and I bet pretty much no one has done it.
I didn't go audit the entire Primal codebase to make sure they aren't sending my key to a database or storing it insecurely on my device. And centralized trust isn't exactly a great model. That's one of the reasons Nostr and Bitcoin even exist.
I'm just applying the same principles of Bitcoin cold storage to Nostr apps and services.
It's not like I can have a hot wallet with a small amount of my social identity. It's all or nothing in this context.
Oh npub.cash? Yeah I agree, not a good option.
Can you use albi or another way to hash the nsec, for that website?
I don't see any problem
Then you don't understand cyber security. That is one of my primary focuses in Computer Science.
Surely. What is your solution, then?
I've discussed this in more depth in other notes if you want to see some surface level thoughts. I haven't looked deeply enough at this point to write any specific technical proposals. My intention right now is to get more people thinking about the problems and learning about security going forward.
This is changing. We have more and more implementations and consumers of https://github.com/nostr-protocol/nips/blob/master/46.md
Do you mean applications are implementing that? Because my point is that users shouldn't have to think about the problem at all. It should just be a Dev and cultural standard.
For the record, this is really meant to stir some thought. I'm aware that we are early days, but there are A LOT of tools coming out very quickly and security now is going to be a lot better than security later. I've seen some attractive tools already that aren't just social media use cases. It's great, but securing applications only becomes more difficult as they grow in users.
We need a good way to recover your network from key loss / compromise. The only solution I see is to add a recovery key that can redirect the network from old to new npubs.
nostr:npub1sg6plzptd64u62a878hep2kev88swjh3tw00gjsfl8f237lmu63q0uf63m and team already thought of and covered this in AT protocol
this makes sense. there's been a few nsec bunkers drop recently. super cool idea and they are the seed to something special.
but, they aren't hardened by time. though many such tools give the disclaimer "risk of loss, use at your own risk," many a pleb will rush in assuming it's production quality because it has a credible team.
as much as i want to test out new clients or PWAs with nostr login, i practice restraint until it's been in use for some time.
just my mode of operation - fine being in the early adopter group.