I am thinking about creating the concept of a “cpub” or child public key of a root npub. The idea is that the cpub can be provably traced back to a npub. I can have as many cpubs as I want, that map back to the same ‘identity’. If a cpub keypair gets compromised, I can publish an event that invalidates that cpub.
As for clients, when they see what is a cpub, they can resolve back to the root npub and present that identity instead.
The driving requirement is to have a protected root npub that corresponds to my identity; it is high-value so I only want to sign with it when absolutely necessary - keeping it on a hardware signer device.
Any comments on this approach?
Do it. It's like a HD wallet but for Nostr.
It'll open new possibilities.
Please Login to reply.
Exactamento.
Not sure if I can get back to some of my earlier posts as I treat Nostr as my RAM.
But I put in some thoughts around it one or two years ago. If I find it and it looks helpful I'll let you know.
Cool! Thanks!
