My simple model is that keys, data and code can be stored independently and brought together to be instantiated as a computational component. Apart, keys, data and code are useless, but together, they work.
nostr:nprofile1qqspwwwexlwgcrrnwz4zwkze8rq3ncjug8mvgsd96dxx6wzs8ccndmcpz4mhxue69uhhyetvv9uju6n9venxwtnx095szgmhwden5te0ve5kcar9wghxummnw3ezuamfdejj70m8d3hkyctv84skcmqprpmhxue69uhhqun9d45h2mfwwpexjmtpdshxuet5q5uunm nostr:nprofile1qqsqddupn4l3cl65wggcyehd009g0pwuatsfudh28f90vewx68vrylqprfmhxue69uhhyetvv9ujuem9w3skccne9e3k7mf0wccszenhwden5te0ve5kcar9wghxummnw3ezuamfdejj7mnsw43rzufkd43hywr5d3erxmp5va6hxvmnveh8wd3hxue8xdm6v9jnv6r3de3k6ae4wa4rydm9df6kgdthvduxvdm3xph8sdmyx5lkyun0v9jxxctnws7hgun4v5q3gamnwvaz7tmjv4kxz7fwv3sk6atn9e5k7nznd8h What are your 5 sats on this topic?
Discussion
Do you operate in an untrusted environment?
That’s the starting assumption.
To let the user be able to assemble his keys, data and code, he needs to store this logic somewhere right? But then if you store this encrypted with the users nsec, then an nsec leak leads to total leak. So how do you make sure, the users nsec leak does not lead to full compromise?
Every component has its own self-generated nsec. No relation to the users nsec. It’s the job of whatever client to protect the nsecs. I don’t want to store any user data, especially the user’s nsec. If the component nsec is compromised, burn the data asap to another self-generated nsec.