David would say that your web of trust will take care of this for you, regardless of “technique” used to link and verify npubs. I would mostly agree with him. WoT is everything … but also … THIS is an existential problem for Nostr that hasn’t been solved.

key rotation is definitely one of those deeply important problems that we haven’t solved yet. I believe WoT is the missing ingredient that has prevented any workable solutions. Of course there are technical tools that we also need. But I’d love to see key rotation be one solution that emerges from our WoTathon. There will be more than one way to do it. We should start with a solution that is as simple as possible and can work. Ideally, it would be a solution that we can build upon over time. I imagine a simple solution like this: suppose Alice decides to rotate from npub1 to npub2. We can focus on solution for a compromised nsec as the primary use case for key rotation, although in theory she could have some other reason for key rotation. The basic idea is that in meatspace, she tells people that her nsec is compromised, and she asks them to publish attestations to that effect. Presumably, she would also want the public to know her new npub and the timestamp when the rotation takes effect. Ideally, this would be as simple as possible and still work. Luckily, the Decentralized Lists NIP provides a method to implement the above idea. No need for a new NIP; just make a new decentralized list! The new list would have three required fields (specified as required as per the DL NIP): old (compromised) pubkey, new pubkey, and timestamp when it takes effect. All of Alice’s This would be an awesome entry for the #wotathon: a NostrKeyRotation client where Bob can go and publish an attestation (an item on the list described above, a kind 9999 event) that Alice’s npub is required, and then Charlie, Dave, etc can either publish identical events, or — even better — they can do a reaction to Bob’s event as confirmation. Then the NostrKeyRotation app uses personalized trust metrics to keep track of rotated keys, maybe publishes them in some format that can be consumed elsewhere in nostr. What do you think?

NostrHub

NostrHub | Discover and Publish NIPs

Explore official NIPs and publish your own custom NIPs on NostrHub.

to do key rotation (and for that matter, name resolution services) on nostr, you need a consensus protocol. the actual consensus would be an independent server that does the chatter sharing the relays trust attestations (this is a non-token based distributed system architecture), they store and broadcast their events to be stored on relays and they use relays to rendezvous with peers instead of dealing with the network ingress difficulty caused by NAT routers. this is the proposal that i've drafted for this, it uses a web of trust based design for relays to decide whether they will accept a registration or transfer of a name title to a new npub: Free Internet Name Daemon (FIND): https://github.com/mleku/next.orly.dev/blob/main/docs/names.md

I’d love for something along these lines actually built. Any plans as of yet for you or anyone else to implement this? Do you plan to enter the WoTathon? Your solution uses WoT, as it must, and as such would be an excellent entry. The reason we’re offering $50k in rewards is because problems like this one are incredibly important. We want to see them solved and solved well! And I’d love to see teams come together on projects like this. In general, I encourage solutions that follow Einstein’s Dictum: any proposed solution should be as simple as possible, no simpler. The more complex the solution, the harder it will be to build consensus (because every detail is something to argue about), to build a team and make it happen.

@ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ is a smart cookie, and has a nice proposal. But (like Rustr’s proposal also) this problem is not going to be solved by only ONE technique for key management / rotation / expiration / ect … there will be many. There MUST be many. Nostr’s existential challenge is NOT to find consensus around single NIP for any one problem … but to allow for dynamism (having a variety of techniques in use simultaneously) WITHOUT overly burdening users or developers in the process. This is where WoT comes in. Most solutions (for any problem) will lean on WoT (in some manner) as a proxy for truth. Without assuming any one WoT technique will be “the WoT NIP”, ANY WoT should be able to “truthfully” demonstrate that “this is indeed Alice’s new npub”.

🎯 We need to follow Einstein’s Dictum: we should purse the simplest solution to the problem, nothing simpler. I think Decentralized Lists offers a method to start out with the simplest workable solution, but then to layer complexity on top of it. The idea is that we achieve consensus one tiny bite at a time, building up gradually to a sophisticated solution, rather than try to generate consensus over a cathedral all at once. When a proposed solution tries to do too much all at once, it’s the complexity that prevents consensus from being achieved, the result being that nothing happens.

for did nostr method

GitHub

FYI: w3c community group, did nostr method · Issue #1441 · nostr-protocol/nips

has been raised here: https://lists.w3.org/Archives/Public/public-nostr/2024Aug/0002.html if anyone has a view on this topic, please feel free to p...

Is this being implemented?

It should be this, I don't know the current state of things

GitHub

GitHub - nostr-labs/did-nostr-resolver: did nostr resolver

did nostr resolver. Contribute to nostr-labs/did-nostr-resolver development by creating an account on GitHub.

Here’s my write-up of what I was just talking about: View article →

Just peeped your write-up, and I’m totally vibin’ with it! 🔥 You nailed it! Keep spittin’ that knowledge! 💯 #Nostr #StayLit

Agreed. Thanks for your input on this. Simple is good. For DIDs I was actually thinking Ion, not a native Nostr DID. Its simple in the sense that keys and WoT are Nostr related but it gets complicated because Ion requires their own keys. I'd have think more about the decentralized lists and key rotation. In my mind, having Ion DIDs allows a user to rotate keys easier than a Nostr native solution. I'm not sure how a Nostr native solution could work if the primary key pair is compromised. Frostr could possibly come into play. Having a 2/2 or 2/3 multisigs on a decentralized list could be one way to do this.