I love the feature to generate a nostr key from the seed. It makes sense that the Passport should also be able to sign nostr events using that key.
Nostr has grown to the point where hardware devices are really necessary to secure one’s identity. We have seen “hot” storage of nostr keys compromised several times already, impacting thousands of users.
I am a nostr dev and I would love to integrate a QR-based signature flow into my web application. I could use my Passport to scan the event I’m going to sign from my screen, the Passport could sign it, and then the Passport could display the signed event (or just the hash and signature) so it could be read by my phone/computer’s camera. Then the signed event could be broadcast by my web client.
I looked at the Passport code briefly but I mainly do TypeScript so I didn’t see a way that I could contribute this feature easily. But I’d like to suggest that this could be a very popular feature, as there is no other commercially available hardware signing device that supports nostr signing.
In fact, I don’t think any other hardware device supports generating nostr keys, so Foundation is already ahead of the game there.
You could sell a lot of Passports if it were the first nostr hardware signer. Just saying.
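The QR round trip described in this post, as an added example (not code from the poster, from Passport or from Foundation): the client-side half in Python, with the NIP-01 event id computed from the unsigned event, the compact id+sig reply the signer would show as its QR, and the client's check that the reply actually belongs to the event it sent before anything is broadcast. The BIP-340 Schnorr signature itself is assumed to come from a secp256k1 library on the device and is stood in for by a constructed placeholder; the field names beyond NIP-01's are this example's own.

```python
import hashlib
import json

HEX = set("0123456789abcdef")


def nip01_event_id(pubkey: str, created_at: int, kind: int, tags: list, content: str) -> str:
    # NIP-01: id = sha256 over the UTF-8 JSON array [0, pubkey, created_at, kind, tags, content],
    # serialised with no whitespace and with non-ASCII characters left unescaped.
    ser = json.dumps([0, pubkey, created_at, kind, tags, content],
                     separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(ser.encode("utf-8")).hexdigest()


def make_signing_request(pubkey: str, created_at: int, kind: int, tags: list, content: str) -> str:
    # Client side: the unsigned event the web client would render as a QR code for the signer.
    # The client records the id it expects so the reply can be matched against it later.
    event = {"pubkey": pubkey, "created_at": created_at, "kind": kind, "tags": tags, "content": content}
    event["id"] = nip01_event_id(pubkey, created_at, kind, tags, content)
    return json.dumps(event, separators=(",", ":"), ensure_ascii=False)


def make_signer_reply(event_id: str, sig_hex: str) -> str:
    # Signer side (assumed format): only the id and the 64-byte Schnorr signature go back,
    # which keeps the reply QR small. sig_hex here is whatever the device's secp256k1 code produced.
    return json.dumps({"id": event_id, "sig": sig_hex}, separators=(",", ":"))


def assemble_signed_event(request_json: str, reply_json: str) -> dict:
    # Client side: rebuild the signed event from what we sent plus what the signer returned.
    # The id is recomputed from our own copy of the event rather than trusted from either QR,
    # so a reply for a different event (or a corrupted scan) is rejected instead of broadcast.
    event = json.loads(request_json)
    reply = json.loads(reply_json)
    expected = nip01_event_id(event["pubkey"], event["created_at"], event["kind"],
                              event["tags"], event["content"])
    if reply.get("id") != expected:
        raise ValueError("signer reply does not match the event that was sent")
    sig = reply.get("sig", "")
    if len(sig) != 128 or any(c not in HEX for c in sig):
        raise ValueError("sig must be 64 bytes of lowercase hex")
    event["id"] = expected
    event["sig"] = sig
    return event  # Schnorr verification against event["pubkey"] is left to a secp256k1 library.
```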
Hey, firstly thanks for joining our new community!
We have discussed this internally when we first rolled out the Nostr part of the Key Manager. We pretty much all agreed that although the concept seems pretty cool, the reality is pretty terrible UX.
Imagine a two way QR code scan for every single post, like, comment and retweet. It makes sense for a USB or Bluetooth device that can handle that automatically (or not, depending on the permissions given), but doing so with an air-gapped device would get old very quickly.
We’re confident that, for now at least, there’s next to zero appetite for such a thing to exist. I’m happy to be proven wrong though, if you have other experience?
I have had the exact same concerns and discussions with other developers, but here is the deal: nostr identities are becoming and will become valuable enough that they need this kind of security. Additionally, not all nostr identities are used primarily for liking and commenting. One must consider that many non-social applications exist on nostr and many more are coming. And, as far as UX goes, scanning a QR code seems to be the cleanest approach for an airgapped system, and it would be easy to implement into the client-side codebase. No USB cable needed, and it works on mobile or desktop! Just having my Passport and my phone would be all I needed to use my nostr identity anywhere.
I am telling you that there is an appetite for this to exist, so it’s not zero. One of my friends sent a PR to Trezor to add nostr signing into their firmware. It’s coming.
Additionally, it doesn’t really make sense for Passport, an airgapped hardware wallet, to generate a nostr key just for us to copy that key into our software to be compromised. What’s the point of that? It’s not helping keep anything secure. I get that it’s derived from the seed but that isn’t helpful; if the nostr key leaves the device then we may as well back up the key in a password manager.
We can generate nostr keys 1000 different ways that are less secure than the Passport. The only reason I’d generate a nostr key with Passport is if Passport could help keep it secure and airgapped, which is the primary function of the device.
Prime will allow us to do everything you are talking about without the UX friction of having to scan QR codes back and forth, while allowing you to keep your private keys offline at the same time. We’re excited about the opportunities this device will bring!