Nostr Web Client

I really don't know what to do here about my profile being updated without me updating it. I assume my key is burnt somehow? Or is it some client that did something?

My private key was generated and used on astral.ninja for a day, entered into and used on damus.io/web for less than 10 minutes, entered into Amethyst and Daisy. Everything else has been via the nos2x extension.

I know this most likely doesn't mean anything, but the very first day that my LN address was updated was the same day that I tried Amethyst for the very first time, downloading the APK from Vitor's GitHub. I used a burner account at first then switched to my main account after a while.

Looking at the original relays that were seeing updates to my profile metadata, they weren't relays that I used. This leads me to believe the key is burnt?

I have over 3K followers and have worked really hard at that. I would have to have to start over. I really don't want to do that. It would essentially erase the last 6 weeks of doing nothing but living, breathing, and sleeping my desktop and phone.

Feeling lots of emotions right now.

Leo Fernevak 2y ago

Sorry to hear. Over time I think there needs to be improved approaches to security. We must wrestle intimately with problems in order to understand them properly, which takes time and consideration. The approach to log in with a single private key will cause some acxounts to be compromized over time.

We should have a master key that lets us change our private key, or to deactivate our account and link to a new one. The master key would not be exposed until we use it. Its usefulness would depend on how secure the master key is.

Reply to this note

Please Login to reply.

Discussion

No replies yet.