Wouldn't it be relatively easy to define a standard BIP-39 derivation path for a top level nostr chain code, then derive nostr privkeys from that? And in case of breach, you can publish that chain code's xpub along with the new privkey for key rotation?

I'm not a cryptographer, but it sound like it wouldn't even be hard (maybe *because* I'm not a cryptographer 🤭)

NIP05 already addresses this.

But what Parker fails to mention (I'm sure he understands this) is that you don't need to get hacked on traditional social media in order to lose your digital identity. You just need to be banned and/or demonetized, which is impossible on Nostr.

He certainly spoke out against that when it was e.g. Twitter banning right wing accounts, but he's very silent now that it's X banning left wing accounts and basically any post critical of Elon/Trump that gets enough traction

I’m still failing to see how this wouldn’t be resolved with a nip-05.

If a user posts the nsec of the compromised account on the new secure account and the new secure account has an updated nip-05 pointing to the same URL as before.. Then nostr clients could be setup a feature to follow the new npub with the legitimate nip-05 and ignore the leaked account.

ie. If my nip-05 points to a new npub, and that new npub has posted the nsec of this old npub, autofollow the new npub and unfollow about the old one.

Even if someone with the private key of the compromised nsec attempts to update the nip-05 to a new one. The private key would be burnt to the new account and the client can verify the new npub with a new nip-05 lookup and burnt key combination.

I’m probably missing something obvious 🤓

NIP-05 is the solution to this but the way it is commonly used is less than stellar. If I leak my nsec and then burn my NIP-05, that should be the "warrant canary" that tells people my npub is no longer me.

I think client design to draw better attention to this could help the matter. As could nsec multisig to make it just less likely to leak your nsec in the first place.

Centralised custodial ID is ruggable. So it's not a solution either.

Use proper hardware devices to handle your nsec and you are safe from identity theft.

What happens when you lose your car keys?

Yeah, he's correct to the extent that relying on client apps to abstract away key generation, etc, is an inherent problem. I managed to generate my own key, but rely on a browser extension signer - which is better, but could still potentially leak my key.

I wouldn't trust such a setup with any significant amount of Bitcoin; so, likewise, until Nostr has a more robust, widely-supported solution, I don't intend to trust using my nsec for anything sensitive.

In short, for now, if/when my nsec gets hacked, the hacker can have it. I will simply spin up another nsec (which I will expect to also inevitably get hacked).

I like the all or nothing

approach to nostr. it forces distance emotionally from the app.

also gives plausible deniability against posts.

He’s worried about followers.

If implementing this isn't possible, perhaps a simple notification like "NIP-05 changed to this npub" could work. A similar feature exists on Instagram when a user changes their username.