Nostr Web Client

Thinking about locking 1 BTC in my nsec as a proof of key safety. If somebody gets my key, they can steal the 1BTC. And if they do, I will know my key has leaked.

On Nostr, unless you monitor your own posts VERY closely, you never know if your key has leaked or not. That creates lots of liabilities for businesses and some risks for users. Adding a value that is appropriate to the size of the account could work as attack notifier. And business might even be able to insure that amount with cyber insurance. 🤔

markus 1y ago

Yea I posted about this a while ago… I even think this is nostr’s biggest design flaw and I don’t like how there’s no clear mechanism to prevent this AFAIK

nostr:nevent1qqsrmy785nat5hznhmg5em0049k3ckhrmnvsh2ppgfup4qmywf8n2egprpmhxue69uhhyetvv9ujuumwdae8gtnnda3kjctvqyg8wumn8ghj7mn0wd68ytnhd9hx2qgdwaehxw309ahx7uewd3hkcqg4waehxw309ajkgetw9ehx7um5wghxcctwvsg37def

Reply to this note

Please Login to reply.

Discussion

dangershony 1y ago

That's why you have browser extensions though

markus 1y ago

How does that help? Providing sensitive information to another party is always insecure. Adding another party as an additional set of eyes isn't improving anything.

dangershony 1y ago

Having a dedicated app that only handles key management, is ofcourse more secure the putting your nsec key in random websites.

markus 1y ago

Do you have an example? How does the client (e.g. snort) then get the key from said "secure dedicated app"? Snort needs that secret in plain on its own.

dangershony 1y ago

A browser extension app, there are many such apps around, I use the Blockcore wallet it has support for Nostr keys but you'll find several around.

The issue is it won't work on mobiles.