Tim Bouma on Nostr: I’m always amazed at the application-level security I get for free, because ...
I’m always amazed at the application-level security I get for free, because security is baked into the root of the nostr protocol.
For example, I have a nsec that is dedicated to the service and I use that key to encrypt and decrypt user browser session cookies. If I suspect my service private key is compromised, I simply re-generate and rotate, and boom, everyone needs to log back in again.
Published at 2025-03-21 13:04:16

Event JSON
{
"id": "8bbfdd03509ed4346e9fe1b2888cde235da45405107f55d3b2c02284771eb8f9",
"pubkey": "06b7819d7f1c7f5472118266ed7bca8785dceae09e36ea3a4af665c6d1d8327c",
"created_at": 1742562256,
"kind": 1,
"tags": [],
"content": "I’m always amazed at the application-level security I get for free, because security is baked into the root of the nostr protocol.\n\nFor example, I have a nsec that is dedicated to the service and I use that key to encrypt and decrypt user browser session cookies. If I suspect my service private key is compromised, I simply re-generate and rotate, and boom, everyone needs to log back in again.",
"sig": "12302f35601c280b0e42a9b27c4c83672a1d16cdc7147e1a903db50170cd10a77242dfbbc2e6351e5a5cdccb5044471733a8954ad83800114374992fc154a24e"
}
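
The cookie pattern described in the note, as an added example that is not the author's code and not part of the nostr protocol: session cookies are sealed with a key derived from a dedicated service secret, so replacing that secret makes every outstanding cookie fail authentication. It assumes Node.js with AES-256-GCM and HKDF in place of a nostr encryption scheme, a random 32-byte value standing in for the service nsec, and hypothetical function names.

```javascript
const crypto = require('crypto');

// Assumption: 32 random bytes stand in for the service's dedicated nsec.
function newServiceSecret() {
  return crypto.randomBytes(32);
}

// Derive a cookie-only AES-256 key so the raw service secret is never used directly.
function cookieKey(serviceSecret) {
  const okm = crypto.hkdfSync('sha256', serviceSecret, Buffer.alloc(0),
    Buffer.from('session-cookie-v1'), 32);
  return Buffer.from(okm);
}

// Seal a session object into a cookie value: base64url(nonce || tag || ciphertext).
function sealCookie(serviceSecret, session) {
  const nonce = crypto.randomBytes(12); // fresh nonce for every cookie
  const cipher = crypto.createCipheriv('aes-256-gcm', cookieKey(serviceSecret), nonce);
  const ct = Buffer.concat([cipher.update(JSON.stringify(session), 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), ct]).toString('base64url');
}

// Return the session, or null if the cookie is expired, modified,
// or was sealed under a service secret that has since been rotated.
function openCookie(serviceSecret, cookie, nowSeconds) {
  const raw = Buffer.from(cookie, 'base64url');
  if (raw.length < 28) return null; // too short to hold nonce (12) + tag (16)
  const decipher = crypto.createDecipheriv('aes-256-gcm', cookieKey(serviceSecret),
    raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  try {
    const pt = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
    const session = JSON.parse(pt.toString('utf8'));
    return session.exp > nowSeconds ? session : null;
  } catch (err) {
    return null; // tag check failed: wrong key or tampered cookie
  }
}

// Constructed demo: a cookie sealed before rotation stops opening after it.
let secret = newServiceSecret();
const cookie = sealCookie(secret, { user: 'constructed-user', exp: 4102444800 });
console.log('before rotation:', openCookie(secret, cookie, Date.now() / 1000));
secret = newServiceSecret(); // rotate the service secret
console.log('after rotation: ', openCookie(secret, cookie, Date.now() / 1000));
```

Rotation here is all-or-nothing: there is no per-user revocation, and the `exp` field inside the sealed payload is what bounds a cookie's lifetime between rotations.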