I’ve been thinking about what you can do when your private key is compromised.
You can definitely remove the NIP-5, create a new account, etc., but your DMs are now all in the hands of the attacker.
In order to protect privacy more, what about creating a “kill switch”?
The kill switch would be a special kind of note, submitted to all the relays you are connected to and all of your DMs relays as well, saying basically “delete all of my notes, please”.
We can also call it order 66.
The clients could then display it somehow to clearly visualize if the given npub pressed the kill switch or not.
Thoughts?
Something like a key revocation scheme?
It's a central rule of cryptography in communication that the only way to prevent an attack that breaks the security is to not send it out, every time you publish a ciphertext you are exposing yourself to it being broken.
But in this case, it's just about the compromise of the key. So a key revocation protocol would be required in this case. This key would need to be generated at the same time as the main key. This would then inform the network that further publications from that key are post-compromise and would then eliminate the attack vector.
reply
Something like that, but with key revocation you need to have a certification authority which doesn’t exist here since the keys are self-generated.
This is more of a one-time message that indicates that the npub has been compromised. The relays would still be free to ignore it unless it is core protocol.
Of course the person needs to know their keys were compromised in the first place (which they will not know unless the atacker publishes something or makes some other changes).
reply
Order 66. Yes
reply
Interesting. But I think we should have p2p DMs on Nostr. This is the way. Relays for public messages and P2P for DMs
reply
That is a good idea, but peers would need to have a db of their own, which I am not sure is the case now.
reply