PGP uses master and sub keys for that. So essentially the master key must be kept safe and it must sign each sub key or key revocation message. So only the sub private key, master public key and the signature must be known to the client to operate. Other clients then check if the signature matches (sub key signed by master) and can be assured that the key is owned by the same entity as the last (sub) key.

Dammit, it's hard to explain that in words 😂

Discussion

No, I get what you're saying. I recently went through [this](https://www.digitalneanderthal.com/post/gpg/) to learn more about PGP. I do think some kind of "revoke npub0 and replace npub1" solution is in here somewhere, but someone smarter than me would have to take it from here...
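
Added example (not written by either poster, and not OpenPGP's real packet format): the master/subkey check described in the first note, together with the revoke-and-replace step raised in the reply. Ed25519 from the Go standard library stands in for PGP's algorithms; the tag strings and the names `Attest`, `Accept` and `Demo` are hypothetical, and all keys are generated on the spot.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Domain-separation labels (hypothetical, not OpenPGP packet types).
const bindTag, revokeTag = "bind-subkey:", "revoke-subkey:"

// Attest runs where the master private key is kept: it signs tag||subkey.
func Attest(master ed25519.PrivateKey, tag string, sub ed25519.PublicKey) []byte {
	return ed25519.Sign(master, append([]byte(tag), sub...))
}

// Accept is the check other clients run; they hold only the master PUBLIC key.
func Accept(masterPub, sub ed25519.PublicKey, bindSig []byte, revocations [][]byte, msg, sig []byte) bool {
	if len(masterPub) != ed25519.PublicKeySize || len(sub) != ed25519.PublicKeySize {
		return false // ed25519.Verify panics on wrong-length keys
	}
	if !ed25519.Verify(masterPub, append([]byte(bindTag), sub...), bindSig) {
		return false // subkey was not signed by the master
	}
	for _, r := range revocations {
		if ed25519.Verify(masterPub, append([]byte(revokeTag), sub...), r) {
			return false // the master has revoked this subkey
		}
	}
	return ed25519.Verify(sub, msg, sig) // finally, the message itself
}

// Demo returns four verdicts for constructed keys (key-generation errors ignored).
func Demo() (ok, forged, oldAfterRevoke, newKey bool) {
	mPub, mPriv, _ := ed25519.GenerateKey(nil)
	s1Pub, s1Priv, _ := ed25519.GenerateKey(nil)
	s2Pub, s2Priv, _ := ed25519.GenerateKey(nil)
	xPub, xPriv, _ := ed25519.GenerateKey(nil) // impostor key that certifies itself
	msg := []byte("hello")
	ok = Accept(mPub, s1Pub, Attest(mPriv, bindTag, s1Pub), nil, msg, ed25519.Sign(s1Priv, msg))
	forged = Accept(mPub, xPub, Attest(xPriv, bindTag, xPub), nil, msg, ed25519.Sign(xPriv, msg))
	revs := [][]byte{Attest(mPriv, revokeTag, s1Pub)} // master revokes subkey 1
	oldAfterRevoke = Accept(mPub, s1Pub, Attest(mPriv, bindTag, s1Pub), revs, msg, ed25519.Sign(s1Priv, msg))
	newKey = Accept(mPub, s2Pub, Attest(mPriv, bindTag, s2Pub), revs, msg, ed25519.Sign(s2Priv, msg))
	return
}

func main() { fmt.Println(Demo()) }
```

Because the revocation is signed by the master rather than by the subkey, someone who steals a subkey can neither revoke its replacement nor undo its own revocation.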