Replying to Avatar HoloKat

Random thought: if wot persisted through npubs, then we could make keys more disposable instead of turning them into vaults - central points of failure.
Avatar
brugeman 1y ago

To inherit the social trust publicly with new npub you have to link it to the old one, publicly. So it's not really new identity for anyone.

What you seem to have in mind is the idea that you should be able to selectively reveal your social rating when that's needed.

One solution could be that by default you log in to a new app with randomly generated new keys (that are tied to main keys) and then if you have to "prove" you're trustworthy to some peer in that app then maybe your main keys sign an encrypted gift wrap that says "this child key is actually my main identity's subkey".

You could have separate key for every app/website, new keys for every session, every week, etc, that could be the default way to surf the web. And then you reveal yourself when that's absolutely necessary.

I think with nostr the power is in the ability to generate as many identities as you need without permission and make claims about relationships btw them. You may have one identity, one with many subkeys, many identities for different tasks, etc. And then we'll collectively figure out what's the best way to use this to enable interop but with proper level of privacy suiting each user.

Reply to this note

Please Login to reply.

Discussion

Avatar
HoloKat 1y ago

That could work!

Avatar
Tim Bouma 1y ago

Something like pre-signing the next npub you are going to use in case your current nsec gets compromised. It will need some sort of timestamp so that the compromised nsec can’t spoof the pre-sign.

Avatar
brugeman 1y ago

For identity migration - yeah that's basically nip41 proposed by Pablo

Avatar
Tim Bouma 1y ago

Very cool. I will be digging into that with nostr:npub1l2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afqutajft