Braydon Fuller's avatar
Braydon Fuller
_@braydon.com
npub1r0ul...zzyc
"Do not give in to evil, but proceed ever more boldly against it." —Motto of Ludwig von Mises
Braydon Fuller's avatar
Braydon Fuller 1 year ago
It's wild to see folks on GH claiming Nostr isn't a censorship resistant protocol! If it's not, what is the point of any of this!? 🤦‍♂️ I think we need a GH replacement sooner rather than later.
Braydon Fuller's avatar
Braydon Fuller 1 year ago
UX storyboards are now in sync with the specification for Nostr key migration and revocation. NIP specification at:
GitHub
GitHub - braydonf/nostr-key-migration-and-revocation at 86f5b44145ad47d11e8777a28ccb35177b5a5a57
Nostr protocol specification for key migration and revocation. - GitHub - braydonf/nostr-key-migration-and-revocation at 86f5b44145ad47d11e8777a28c...
 UX storyboards at (PDF): https://github.com/braydonf/nostr-key-migration-and-revocation/raw/fe86c23e01c50aa80539d4f5f1e5d868fdb1e2ba/ux-storyboard.pdf
Braydon Fuller's avatar
Braydon Fuller 1 year ago
When is the last time Telegram client code has had a security audit?
GitHub
GitHub - DrKLO/Telegram: Telegram for Android source
Telegram for Android source. Contribute to DrKLO/Telegram development by creating an account on GitHub.
 Taking a quick look and two things stand out; committed binary library files and huge commits very much lacking commit notes and details, just version bumps. Binary files could be deterministically built and compared to known hashes. Commits could include notes about the changes in smaller increments. It appears that many changes are made in private and then only pushed live at each release, lots of opportunity for underhanded coding.
Braydon Fuller's avatar
Braydon Fuller 1 year ago
@PABLOF7z @Vitor Pamplona @fiatjaf I am taking a look at designing the UX for how clients can handle a compromised key gracefully; this includes key revocation, migration and deletion. These are the proposals that I found that are related, are there any others that I should know?
GitHub
NIP-41: simple account migration by pablof7z · Pull Request #829 · nostr-protocol/nips
This NIP introduces a simple way in which a pubkey can migrate to by whitelisting a new pubkey ahead of time. TL;DR: Pubkey A whitelists Pubkey B ...
GitHub
NIP-37: general methods for dealing with lost keys by fiatjaf · Pull Request #637 · nostr-protocol/nips
https://github.com/nostr-protocol/nips/blob/key-invalidation-and-migration/37.md
GitHub
Key Revocation by vitorpamplona · Pull Request #1056 · nostr-protocol/nips
This is a key migration procedure that simply formalizes how we migrate keys today: via waiting for confirmations by friends of the key. There is n...
GitHub
Right to Vanish by vitorpamplona · Pull Request #1256 · nostr-protocol/nips
Adds a special event kinds for relays to allow for Full deletion of an account to specific relays Full deletion of an account to ALL relays Read ...
GitHub
NIP-109: Pubkey Deletion by alexgleason · Pull Request #377 · nostr-protocol/nips
This NIP provides a way for users to delete their own account. Supported relays would delete all events from the pubkey and prevent new ones from b...
GitHub
nip-41 Identity management by gzuuus · Pull Request #1032 · nostr-protocol/nips
This proposal is a best-effort research to improve existing key management proposals. To do this, I've studied the previous proposals on the su...
GitHub
NIP-39 cryptographic identities by franzaps · Pull Request #1335 · nostr-protocol/nips
Rendered Following the discussion on #1182 I have: Integrated my changes onto NIP-39 (from what was NIP-69) Updated the PGP type according to http...
Braydon Fuller's avatar
Braydon Fuller 1 year ago
Finally switched to use Obtainium to install Amethyst. 💪