Thread - Nostr Hypermedia

ManyKeys manykeys@npub.cash 2 months ago

The clients should remain dumb to this process to avoid a leak. The users should be deriving the nostr key from their master key that they have thoroughly backed up in steel plates. You can recover the child key as long as you have the master key back up and the index number attached to the child key. This is primarily a security feature that users must warp their heads around. It has to be done in a secure environment, on a laptop that has never been online and that will never be online, with WiFi/BT and hard drive stripped and by using tails from a USB stick. Clients can't do this in a secure manner.

↑ Parent

Replies (2)

Alex Gleason alex@gleasonator.dev 2 months ago

Probably dedicated signer apps like Amber should do this. I believe Alby already does it.

1 replies ↓

ManyKeys manykeys@npub.cash 2 months ago

That was my question: if we can use the child key to derive addresses from it through signer apps, our initial master key would t he exposed even to these apps. I'm not sure whether we can use BIP85 32 bytes hex to derive addresses.