gm nostr, wen widely-adopted key rotation?
Discussion
we should have an event that makes clients automatically unfollow and follow new npub
I like that.
It sounds very abusable. Would it need timing safe-guards (invalid if time since last rotation is below n seconds)
yeah maybe a account closure event so everything after key rotation event is invalid and everything before is indexed by relays on the new npub
You could still use the account on relays not synced with that. Besides relays are allowed to delete any events they want, so one could just delete the event and go on with the day.
Another important nostr data note is that time isn't verified by anyone. I could post notes and back-/futuredate them however I want. There is no ledger.
A kind 9 delete event would probably work to delete the user, and to cancel a rotation event.
A potential danger is if an attacker uses that event. Then your followers are transfered to an account you don't control away from the account you control -- and someone else isni charge of your presumed identity.
The benefit of current situation is that if the attacker figures out your nsec, then at least you got equal access to whatever followers you gathered and can send warning messages about the attack.
Possibly even send signed messages to your followers if you have some other well established crypto key pgp or similar that they trust.
Addition: these things can't be done automatically as the follow link is stored on the follower. They would need to sign a change to their follow list for it to happen. There could be a suggested follow event though, that the follower need accept and sign manually.
GM!
For bitcoin or nostr?
Need key rotation and delegation with revocation.
you can be frost in meantime π