Vitor Pamplona on Nostr: It's possible to build a trustless nsecbunker: a bunker where your private key is not ...
It's possible to build a trustless nsecbunker: a bunker where your private key is not held by the online service provider, but by you in your phone.
Just make an app that receives signing requests via Push Notifications. The bunker server then simply reads new NIP-46 request events from the user's relay and Pushes it to the app. The app wakes up, gets the event and presents an approval screen to the user. After approval, the app sends the NIP-46 response to the client.
The entire permission system would run on your phone.
It would be like a 2-step-auth for every signature. Every like would hit the phone for approval.
Maybe
greenart7c3 (npub1w4u…0jr5) can turn Amber into that.
Published at
2024-02-21 21:05:18Event JSON
{
"id": "e69a8c4dc662fbd1b853db9af1e3cb4c7e65f2772c2bb1dd5f106805077d656d",
"pubkey": "460c25e682fda7832b52d1f22d3d22b3176d972f60dcdc3212ed8c92ef85065c",
"created_at": 1708549518,
"kind": 1,
"tags": [
[
"p",
"7579076d9aff0a4cfdefa7e2045f2486c7e5d8bc63bfc6b45397233e1bbfcb19",
"",
"mention"
]
],
"content": "It's possible to build a trustless nsecbunker: a bunker where your private key is not held by the online service provider, but by you in your phone.\n\nJust make an app that receives signing requests via Push Notifications. The bunker server then simply reads new NIP-46 request events from the user's relay and Pushes it to the app. The app wakes up, gets the event and presents an approval screen to the user. After approval, the app sends the NIP-46 response to the client. \n\nThe entire permission system would run on your phone. \n\nIt would be like a 2-step-auth for every signature. Every like would hit the phone for approval. \n\nMaybe nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 can turn Amber into that. ",
"sig": "d15f052015422fee199164c622a43cbded7e9a08437a63bdab2f4db0f646a026ccc3eff6d3f125a948644ce5a09e7e48d3786371a97fc1d9ef1267118861cdce"
}