I don't think we do.
Their keys ("password").
Their responsibility.
We can't force people into security compliance and expect nostr to take off.
We have to leave the option for them to learn the hard way to understand why things like amber, bunker, etc. exist to begin with.
Learning curves have to be natural, not forced.
I don't disagree, but our short history proves that when keys leak, users drop confidence in the entire protocol, regardless of whether it is their fault or not.
Fair point. Lost keys definitely hurt the protocol. But if we fix it by forcing complex setups on day one, we just move the confidence drop moment to the sign-up screen where they quit before even trying, resulting in a complete lack of new users.
Maybe the middle ground isn't forcing nsec security, but making the transition to it more obvious? Let them start easy with nsec login, but give them a giant Upgrade Security button once they have something to lose (like after gaining 200+ follows or something).
Freedom includes the freedom to fail. I think we should focus on better UI warnings client side for smooth transitioning.
If you find a way for them to fail without giving the entire nostr up, let me know.
Onboarding is a psychological play as much as a technical one.
Nostr clients should set the expectation that a user's first nostr experience is a "sandbox".
A "burner" model protects confidence by managing expectations.