Remote signers seem like a terrible idea? \ stacker news ~nostr

pull down to refresh

Remote signers seem like a terrible idea?

513 sats \ 1 comment \ @jurraca 14 Feb nostr

A bunch of tools have recently come out to help with signing events for you so you don't have to post your nsec into clients. I'm probably misunderstanding the risks associated, but this seems a bad design pattern. If anyone can help clear up my misunderstandings you get sats.

Generally the idea of broadcasting events containing secret material through multiple relays is an antipattern. You want to minimize metadata around secret events, since metadata is by definition a degradation of privacy. This is also one of the problems with NIP-04 (encrypted DMs).

But also we're just... putting encrypted nsecs on 3rd party servers? There has to be a less risky, more sovereign design here right?

view all related items

143 sats \ 0 replies \ @_arshbot 14 Feb

I don't live on nostr at all, and am pretty out of the loop, but I found this article helpful in understanding the problem remote signers are trying to solve

#371422

Generally the idea of broadcasting events containing secret material through multiple relays is an antipattern. You want to minimize metadata around secret events, since metadata is by definition a degradation of privacy. This is also one of the problems with NIP-04 (encrypted DMs).

I have a few problems with this paragraph

privacy and censorship resistance (decentralization) do not go hand in hand. It's hard to solve for both and hardly ever equally, and never while insuring future flexibility.
This (above paragraph) sounds like a win for decentralization needs, but at a marginal cost to privacy because of the interaction footprint. The alternative is for direct peer to peer sending, which would require an entirely new architecture or pathway in the current nostr-server design. Not impossible, just not easily feasible.

putting encrypted nsecs on 3rd party servers? There has to be a less risky, more sovereign design here right?

Idea seems to be sovereign designs to me, the few options I found were self-hosted first and "here demo my software" second. The only solution to the problem of ensuring nsec sensitivity for privacy absolutists is run your own code on your own device. These open source projects seem to offer that.