Yesterday, I permanently lost the private key to my original Nostr pubkey. I was using #amethyst and noticed something was off, and it turned out #amber had lost the private key. This happened exactly one week after I, in an effort to enhance security, had consolidated all my scattered private keys to sign exclusively through #amber using NIP-46.
While managing the private key in one place did reduce the attack surface, which was good, losing it meant I had no recourse. I knew I should have made a backup, but I deeply regret thinking, "It's a hassle, I'll do it later."
In hindsight, I think it would have been fine to have the private key on a couple of devices, like my main phone and computer, or to have made a really secure backup.
I haven't been active on Nostr for a particularly long time, nor did I have many personal contacts there, but it still feels like I've lost a part of my identity. It's not just a feeling; it's a reality. If Nostr becomes a mainstream solution for identity verification in the future, this issue will become even more critical, especially for those who have invested significant effort in building their reputation.
If you've been managing your private key without giving it much thought, I urge everyone to check on it today.
#bunker #nsec #privkey
hoppe2
npub1pt…4eera
2025-05-20 00:12:02
Author Public Key
npub1pt4qwkcpp76et45pfatrxqywsuxh0gky84xa592yapesuqye29zql4eeraPublished at
2025-05-20 00:12:02Event JSON
{
"id": "9881b6c627555adeb3180c858f19f58bd7b152a399dce890e47d8d63174bd2a9",
"pubkey": "0aea075b010fb595d6814f5633008e870d77a2c43d4dda1544e8730e00995144",
"created_at": 1747699922,
"kind": 1,
"tags": [
[
"t",
"amethyst"
],
[
"t",
"amber"
],
[
"t",
"bunker"
],
[
"t",
"nsec"
],
[
"t",
"privkey"
]
],
"content": "Yesterday, I permanently lost the private key to my original Nostr pubkey. I was using #amethyst and noticed something was off, and it turned out #amber had lost the private key. This happened exactly one week after I, in an effort to enhance security, had consolidated all my scattered private keys to sign exclusively through #amber using NIP-46.\nWhile managing the private key in one place did reduce the attack surface, which was good, losing it meant I had no recourse. I knew I should have made a backup, but I deeply regret thinking, \"It's a hassle, I'll do it later.\"\nIn hindsight, I think it would have been fine to have the private key on a couple of devices, like my main phone and computer, or to have made a really secure backup.\nI haven't been active on Nostr for a particularly long time, nor did I have many personal contacts there, but it still feels like I've lost a part of my identity. It's not just a feeling; it's a reality. If Nostr becomes a mainstream solution for identity verification in the future, this issue will become even more critical, especially for those who have invested significant effort in building their reputation.\nIf you've been managing your private key without giving it much thought, I urge everyone to check on it today.\n\n#bunker #nsec #privkey",
"sig": "3220e131177fa9428a9f6ba12a95ddf375f0fc49946dc17c9102e66a46948b0408c82d7a76805c9f7bc5cd5c9e1371e10b63e187e874b126e32c67552e07bc70"
}