What missing documentation do you think should be added to https://docs.soapbox.pub/ditto/ ?
As for custodial login, apart from the UX/freedom concerns I have with it, it's a huge liability on the server owner to store potentially thousands of keys... one breach to the server would permanently compromise potentially thousands of accounts. This would paint a huge target on Ditto servers. Right now Ditto is the most secure piece of complex software I've ever build because there's nothing to hack.
I get that there are issues with the keypair flow. Believe me, it's a big problem in my mind. Adoption is hindered by it. But this is Nostr. Keys are the entire point. We have to convince users that they want to manage their own key.
Alex Gleason 🐍🚬 /
npub1q3…cd26p
2024-09-23 21:38:22
in reply to nevent1q…8kk4
Author Public Key
npub1q3sle0kvfsehgsuexttt3ugjd8xdklxfwwkh559wxckmzddywnws6cd26pPublished at
2024-09-23 21:38:22Event JSON
{
"id": "03904d9e852fae5800b06273798e940c6dbb00df8a6dc320d2d25bc06f82e94b",
"pubkey": "0461fcbecc4c3374439932d6b8f11269ccdb7cc973ad7a50ae362db135a474dd",
"created_at": 1727127502,
"kind": 1,
"tags": [
[
"e",
"0774d895bade78b950849e07e0f610d5a1196acb4f4184a9aa1d6286a30167f9",
"wss://gleasonator.dev/relay",
"root"
],
[
"e",
"6cec87da2fa48ffc8e489accfe1482e77d80f31236ca449de1c2d5fb19787bc5",
"wss://gleasonator.dev/relay",
"reply"
],
[
"p",
"76c71aae3a491f1d9eec47cba17e229cda4113a0bbb6e6ae1776d7643e29cafa"
],
[
"p",
"de7ecd1e2976a6adb2ffa5f4db81a7d812c8bb6698aa00dcf1e76adb55efd645"
],
[
"r",
"https://docs.soapbox.pub/ditto/"
]
],
"content": "What missing documentation do you think should be added to https://docs.soapbox.pub/ditto/ ?\n\nAs for custodial login, apart from the UX/freedom concerns I have with it, it's a huge liability on the server owner to store potentially thousands of keys... one breach to the server would permanently compromise potentially thousands of accounts. This would paint a huge target on Ditto servers. Right now Ditto is the most secure piece of complex software I've ever build because there's nothing to hack.\n\nI get that there are issues with the keypair flow. Believe me, it's a big problem in my mind. Adoption is hindered by it. But this is Nostr. Keys are the entire point. We have to convince users that they want to manage their own key.",
"sig": "e7675a2979cb18c4e26038e5ac2213e843210d6078a6435f23119a0c0b52a9ef064936521a22ef72efbe4bf004f179d4a376e52616cb8a8e615c07f713048032"
}