It's important to remind everyone: Your nsec is temporary and it should be treated like so. Nostr is not about a single nsec for life. We are not making soul-bound tokens. You should have many nsecs. Your main nsec will leak before your kids get a chance to fight over it. So, only keep funds and information that you are willing to lose.

Replies (68)

JackTheMimic 1 week ago
How do I know this is Vitor or some imposter who got his leaked Nsec? I guess I can't. Vitor would never say something like this.
I don't back up my nsecs for when I lose devices or suspect something is up. I like to just burn the keys.
JackTheMimic 1 week ago
So you don't see that this is not a useful protocol in that context? A public key identity base speech. This is like saying "PGP keys can leak therefore don't take your security THAT seriously." This is wildly irresponsible.
This is one thing I wish for nostr: the ability to change your private key yet keep everything else (posts, followers, etc.). I don't know if it's technically even possible, but I also use Hive (hive [dot] io) and it's very possible and easy there.
JR 1 week ago
Amazing comment 👌🏼
JackTheMimic 1 week ago
So, take what you just said and apply it to your original post and make it make sense. Without concluding "I can't take security that seriously so why try?" Again, that makes the protocol you've spent years on, useless. And it's generally an irresponsible position to take.
It's not useless. It's just not the hardcore crypto security you would usually see. Our apps REQUIRE a hot key loaded in memory at all times. There is no way to do cold wallets. We are literally always in the line of fire. We can't protect anyone against compromised systems and most phones are compromised. I You agree that you will never have security if keys are placed on a network connected device. Then, all we can do is to minimize the damage and let people play while they can.
Primate 1 week ago
Your deduction doesn't follow: if something happens to be temporary (and someone reminds you of this) does not mean that something is useless or even unsafe, security always being relative to convenience whether in time or surface area of another sort.
Matthias 1 week ago
Is there a standard that lets you maintain one identity/profile using multiple names? More resistant to impersonation attacks. Like if someone created a new profile that's an exact copy of yours, and said "I'm the new Vitor Pamplona!"
puzzles 1 week ago
Spitting super hot fire 🔥 today
Primate 1 week ago
Maybe vitor means unstable long term or unsustainable in a reliably ownable way. Over my head tho.
JackTheMimic 1 week ago
HSM key signer is entirely possible. Massively reduces risk down to physical access. But fair enough if sessions can't be batched and signed PSBT style then yes, there's a compromise risk.
Ironically you can argue in the long run NIP-05 is a better guarantor of authenticity than the nsec. Someone can steal the nsec but they can't make me or you point our websites to the wrong nsec, unless they compromise our whole lives.
secure namecoin key pointing to your latest npub seems pretty good
that's why there should be an optional, stable identity key that can be easily linked and possibly disavowed. which i proposed over a year ago in nip-102
That's a fair point. Though I think when you get to the point where the feds are spoofing your DNS it's a different scale of threat with different concerns. Especially in a scenario where people are already doubting that you control your nsec. It would be very cool though if NIP-05 supported decentralized protocols as well.
It's not, you can rotate your nsec in Nostr, start fresh. imagine having to load all your DMs from 50 years of DMs just to use nostr? It doesn't make sense. A full reset every once in a while is healthy for you and the protocol.
Nostr DMs aren't useful because they don't work dependably. Spending years to build an audience and business, only to have it stolen because your client is insecure, is a massive demotivator. I'll need to reassess whether Amethyst or Nostr is worth my time.
DMs have been quite useful for the last 2 years or so to me. It works quite well everywhere these days. And now with MLS, it gets even better. Use Amber if you are concerned with security. Never put your keys on any client, regardless of how well the dev is trying to make you feel good about it. We are all using way too many dependencies to be able to review security in apps. That's why signers are better: they are tiny. It's easy to review. There is no dev on Nostr right now that is specialized in security. Nobody has ever paid for it. So, keep that in mind as well.
frphank 1 week ago
Ah yes? Hm can't keep track on who's on what side for key rotation apparently.
weev 1 week ago
There needs to be some sort of sane way to expire a Nostr key that lets you keep your follower graph. I don’t care about the posts, but I would like to be able to gracefully expire my key after rotating it in a way that is not dependent on an external domain name. Some way for me to sign a statement that says “I’m over at this npub now” and have everyone following me follow it seamlessly.
No, but none of my sponsors or donors are specifically asking for security upgrades. Same for all the other clients. We do it because we care, but that doesn't mean it's any good. Also, security is much more expensive than what anyone is getting paid to do as a nostr dev.
You're changing topics to sidestep the issue. Since you're being paid to know best how to develop Amethyst, but your rationale is that no one is being paid to increase Amethyst security, is the lack of security really a lack of funding, or a lack of prioritization?
It's lack of knowledge. We just don't have anyone in Nostr that is a true security dev. But again, our solution is to use signers... ALWAYS. That minimizes your exposure. I don't know if clients will ever get to the security model that a signer can get.
Thank you for your honest answer and bringing this security issue to my attention, and it makes sense. I didn't realize my private key was so vulnerable. Now I can take steps, because the idea of having my nsec compromised is demoralizing.
amethyst has nip-05 .bit resolution. get a .bit and update the nostr value when you need to rotate a key. search testls.bit or m@testls.bit in amethyst. I think resolving these @'s in amethyst also makes sense but vitor strongly disagrees 😂
"There is no way to do cold wallets." I've been running test identities out of a cold wallet since last November. The infrastructure around it is still fairly fragile, but it's just a run-of-the-mill software engineering problem at this point (I'm not a software engineer, so it's taking me a bit longer).
Thanks for realizing that this can work. By the way, if you'd like to try it out, you can create a test identity with the management utility (see below). You can say hello to the other three test identities and talk about the weather. You can also wait until a less fragile version of it is available. I just realized something that should allow me to make it pretty performant soon.
Yes, I've been thinking about making in-browser construction of identities available as an option. There is nothing difficult about it in principle, but it sort of defeats the purpose of keeping the identity-securing keys airgapped. I may still decide to do so as a sort of toy-identity option so it becomes very easy to try it out. I first want to fortify the surrounding infrastructure, so it's more scalable before I roll out an easy-to-try option.
What a faggy response to reasonable arguments. Nip55 makes security possible for nsecs, so they're not necessarily disposable. And yes, I haven't had Twitter since before nostr was even created so yeah, no one would see that. Finding a nostr note is the obvious response to my request, since we're on nostr talking about nostr.