yeah it's a delicously juicy problem for me to ponder on
you need to just remember that we can avoid storing actual valuable data of our clients, for a start, no kyc, at least, not on the gear that is doing the service
then you have threat models
the network side, the cryptography is pretty solid, but we have issues that may grow in complexity when the number of administrators increases, 1 admin, easy, 5 admins, that is 25x the risk level
the physical level, not sure how to address that one npub12262qa4uhw7u8gdwlgmntqtv7aye8vdcmvszkqwgs0zchel6mz7s6cgrkjis (npub1226…kjis) probably more geared towards this vector of attack in his work with secure elements... my inclination would be to say we colocate and put strong squealers on our hardware
mleku
npub1fj…mleku
2025-03-31 12:50:49
in reply to nevent1q…fawh
Author Public Key
npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmlekuSeen on
wss://mleku.realy.lolwss://relay.primal.netwss://relay.nostr.band/npub16r0tl8a39hhcrapa03559xahsjqj4s0y6t2n5gpdk64v06jtgekqdkz5plwss://nostr.winePublished at
2025-03-31 12:50:49Event JSON
{
"id": "6a682dc4161ad18db30155df2ab4610fb322f21623ea43df8578f5fbd37c614a",
"pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"created_at": 1743425449,
"kind": 1,
"tags": [
[
"e",
"4aee0377b414ea9afe4e0856e68850f158e2253009aeb50610299c37ae0069ea",
"",
"root",
"dd664d5e4016433a8cd69f005ae1480804351789b59de5af06276de65633d319"
],
[
"e",
"da72e014283ec365997f814d05c362e64e37b1402e565eb06cfee064df5e4d21",
"wss://theforest.nostr1.com/",
"reply",
"fd208ee8c8f283780a9552896e4823cc9dc6bfd442063889577106940fd927c1"
],
[
"p",
"52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd"
],
[
"p",
"7cc328a08ddb2afdf9f9be77beff4c83489ff979721827d628a542f32a247c0e"
],
[
"p",
"21b419102da8fc0ba90484aec934bf55b7abcf75eedb39124e8d75e491f41a5e"
],
[
"p",
"fd208ee8c8f283780a9552896e4823cc9dc6bfd442063889577106940fd927c1"
],
[
"client",
"jumble"
]
],
"content": "yeah it's a delicously juicy problem for me to ponder on\n\nyou need to just remember that we can avoid storing actual valuable data of our clients, for a start, no kyc, at least, not on the gear that is doing the service\n\nthen you have threat models\n\nthe network side, the cryptography is pretty solid, but we have issues that may grow in complexity when the number of administrators increases, 1 admin, easy, 5 admins, that is 25x the risk level\n\nthe physical level, not sure how to address that one nostr:npub12262qa4uhw7u8gdwlgmntqtv7aye8vdcmvszkqwgs0zchel6mz7s6cgrkjis probably more geared towards this vector of attack in his work with secure elements... my inclination would be to say we colocate and put strong squealers on our hardware",
"sig": "4b92f2814ff188a11b9c29d73e409e2fe6fb1bafe6f657dbe7e6a09de440966b3350d1aad0be48a13df23086bd5de1c37d592998c132b31ba707a9c25241ca06"
}