Wonder if we could use OpenTimestamps and on-chain keys as a second factor for Nostr authentication. For example you could sign a message attesting to your ownership of an npub with a key to one of your UTXOs and stamp it and then publish it on Nostr in your profile.
Use case: suppose your nsec becomes compromised and you want to inform your web of trust to swap out your npub for a new one. We need an independent and decentralized way to differentiate the correct npub from an attacker’s.
Seems better than NIP-05 which is DNS based.
MachuPikacchu / Machu Pikacchu
npub1r6…4gmmd
2024-09-26 23:28:12
Author Public Key
npub1r6ggl0qazvwp02rlxgrf75lkfazuwhu35tmdg0u25eqsjax6243qh4gmmdPublished at
2024-09-26 23:28:12Event JSON
{
"id": "9307c7a2593f545e4f3d49384c4b607c0f7aefd7bf72bdf9b01e70a6b3d91764",
"pubkey": "1e908fbc1d131c17a87f32069f53f64f45c75f91a2f6d43f8aa6410974da5562",
"created_at": 1727393292,
"kind": 1,
"tags": [],
"content": "Wonder if we could use OpenTimestamps and on-chain keys as a second factor for Nostr authentication. For example you could sign a message attesting to your ownership of an npub with a key to one of your UTXOs and stamp it and then publish it on Nostr in your profile.\n\nUse case: suppose your nsec becomes compromised and you want to inform your web of trust to swap out your npub for a new one. We need an independent and decentralized way to differentiate the correct npub from an attacker’s.\n\nSeems better than NIP-05 which is DNS based.",
"sig": "3daf35335d439a00593dda4da92f5eb912157a640e649c186ee58dea986c213f7f21edac1841a95c9e9ebef46a9128375ee09fd15d36ee41c00e889668407a6c"
}