iefan 🕊️ @iefan 🕊️ - 1y
Every centralized company is obligated to share any user info with the government in every country that has any kind of terrorism and CP laws. The moment you give up your nsec custody, you are opening an irreversible backdoor to your account; It's not my opinion, It's a fact.
Karnage @Karnage - 1y
Do nostr “accounts” need a back door? It’s all open for everyone anyway? 🤔
Lou @Lou - 1y
The Nostr front door 🤣
Or do you mean like reading dms without you knowing?
Yeah, DM, and I mean they can just leak the key, and you won't have an account anymore.
Relay don't have access to your private key.
cum guzzler lightx @cum guzzler lightx - 1y
That’s not a valid argument, if you keep it private, it keeps them out anyway.
Greg @gregwhite - 1y
Any opinion on an end to end encrypted solution? So that even the service provider (custodian) can’t decrypt the keys? I know it’s not perfect but the current ecosystem for managing keys isn’t smooth enough for everyday users and I’m wondering if there are any solutions on the horizon.
Derek Ross @Derek Ross - 1y
The vast majority of people here on Nostr get this. The vast majority of the world does not get this. It's why Bitcoin and Nostr have such small amounts of adoption. ZBD is an on ramp, IMO. Just like Coinbase, etc. Eventually you understand this and leave Coinbase with your funds. Coinbase still knows about all of those purchases though. Just like leaving ZBD, they could still have your NSEC. You won't truly be free from either until you go no-KYC and self custody. But you could generate a new NSEC yourself on a new client, just like buying no-KYC from Bisq. It's the same to me.
I mean they would have to knock on your door, and there would be at least some kind of fight. If you give up your nsec, you wouldn't even know, and someone will be reading your DMs.
But the only problem is even if I leave them they will still have my keys.
Lmfao 🤣🤣
I mean for key storage of private keys. Thinking of an oauth type flow to log in to various clients without having to copy and paste the private key.
Ima actually thinking about for more normal folks that think in username and password instead of private key and public key. Create a way to allow them to give an email as username and set a password. Offer 2FA and a reset password flow. Then they can get their npub and/or their nsec so they don’t have to store it themselves Eventually the hope is that clients support “login with WhateverWeCallIt” so it’ll insert the nsec automatically into the client (and for clients that store it locally, store it locally) Further down the line I’d imagine it would be a way for folks to set which clients they want to give what access so that we can give people a way to get rid of the annoying NIP 7 pop ups. Mostly it is for folks that are less self-custody maxis, but still care about controlling what clients can do with their keys.
But you can’t post or decrypt DMs with just an npub
The: Daniel⚡️ @The: Daniel⚡️ - 1y
Absolutely. Using a centralized client like ZBD effectively means your nsec could be handed over to the state on demand.
7ca66 - 1y
Why did ZBD go this route?
nostr:npub1rvg76s0gz535txd9ypg2dfqv0x7a80ar6e096j3v343xdxyrt4ksmkxrck helped get the first paid relays on #nostr so I’ll give benefit of the doubt but I don’t understand what the logic is? Is it maybe an abstraction so Users can rotate passwords which nostr keypairs don’t allow?
They wanted to create a nerfed, walled garden experience. But the really shady thing they did was when you created your account, they provided an option to input an existing nsec or make a new one. Thankfully, I opted to make a new one to try it out. If I had actually given them my npub, they would have held a copy of it on their servers. There is no evidence they’re only storing that locally on the device.
Meant to say nsec the second time but you get the point.
b9e76 - 1y
Where is the ZBD Nostr account?
