Thread - Nostr Hypermedia

Biggest issue there imo is secp256k1. It's just not a curve you can easily do this kind of core infra stuff with. It's not supported by passkeys (webauthn), it's not supported by SubtleCrypto, it's not supported by the secure enclaves of iOS or Android devices, you can't use a secp256k1-based certificate to sign a tls 1.3 handshake, then there's JWTs, JOSE, list goes on. It's just absent from a ton of web standards. mainly because it isn't NIST-stamped, so it's sidelined most places by secp256r1. Basically if the goal from the start is to replace the certificate chain and all the rest, secp256k1 is definitely not what you'd choose.

↑ Parent

Replies (3)

fiatjaf _@fiatjaf.com 1 month ago

Are all these things because of secp256k1 or because these guys who made these things decided to not support it?

1 replies ↓

frphank 1 month ago

They didn't decide not to support it because it's so niche supporting it was never considered in the first place. You coded yourself into a corner, #cointard.

frphank 1 month ago

But hey, secp256k1 is "edgy" isn't it? 🤪

1 replies ↓