On the technical side I'm sort of with you, on the workplace-psychology side I'm very much not. I think most companies of a pretty common sort would look at such a multi-sig setup and take a hard pass (having absorbed maybe15% of the argument).
And the hand-off as you say is trickly. I don't know how tight that can ever be. Pre-shard generation (first shards) someone sees (or can see) the nsec and that someone, for the rest of their life, cannot un-see it. And the shards will need to be revoked, refreshed and swapped out over time, which requires the nsec to do. And employees come and go. Thus the nsec is always going to be at risk of forever residing in multiple human brains, including potentially not nice brains.
Companies as relays, on the other hand, I do sort of like. Leaves everything to cloud IAM. Sort of analogous to Facebook profiles and Facebook pages.
JoeRuelle / Joe Ruelle
npub1hy…wtqnx
2025-03-15 16:33:42
in reply to nevent1q…jzvv
Author Public Key
npub1hyxredcavc6ruqgsf4wf4hmakpwnvefmzaspl7dja6a2sxlx0q3sxwtqnxPublished at
2025-03-15 16:33:42Event JSON
{
"id": "33b9eef8b9c67ae26026e31d08d4405b97692d7d703ed79db0a81a15455a8252",
"pubkey": "b90c3cb71d66343e01104d5c9adf7db05d36653b17601ff9b2eebaa81be67823",
"created_at": 1742056422,
"kind": 1,
"tags": [
[
"e",
"8b39687351e0ed44c9425dba03fff1bfe089a904dee2f2aee9835ea9e4c28483",
"ws://192.168.18.7:7777",
"root"
],
[
"e",
"43b5475c42a58f0786961d195e79da829b6a84ccdc649e394de51b8acc0e6d4e",
"ws://192.168.18.7:7777",
"reply"
],
[
"p",
"b90c3cb71d66343e01104d5c9adf7db05d36653b17601ff9b2eebaa81be67823",
"wss://relay.damus.io/",
"JoeRuelle"
],
[
"p",
"97c70a44366a6535c145b333f973ea86dfdc2d7a99da618c40c64705ad98e322"
]
],
"content": "On the technical side I'm sort of with you, on the workplace-psychology side I'm very much not. I think most companies of a pretty common sort would look at such a multi-sig setup and take a hard pass (having absorbed maybe15% of the argument). \n\nAnd the hand-off as you say is trickly. I don't know how tight that can ever be. Pre-shard generation (first shards) someone sees (or can see) the nsec and that someone, for the rest of their life, cannot un-see it. And the shards will need to be revoked, refreshed and swapped out over time, which requires the nsec to do. And employees come and go. Thus the nsec is always going to be at risk of forever residing in multiple human brains, including potentially not nice brains. \n\nCompanies as relays, on the other hand, I do sort of like. Leaves everything to cloud IAM. Sort of analogous to Facebook profiles and Facebook pages. \n",
"sig": "4d0d278aae676affe57f3762c9f7d132f307c24af06f5b126073982ddb5f15c499602ea45f4db980d3b81a5400cbde05cd0b6acecda787c217d02b63541ba738"
}