The primary salt is an hard coded string defined in the protocol. Using it the list of the salts used by the same passkey can be obtained from the relays.
If by "the user trusts his nostr relays to st...
We’ve seen relays nuke their databases regularly which means users would ultimately rely on the breez relay to store their salt. As a user I personally prefer icloud to store my data longterm independent of a wallet vendor. But it is a matter of taste.
CSPP derives a master encryption key independent of the passkey to encrypt the nsec and stores the ciphertext besides the salt in icloud. Without it users would need to rotate their nsec when they rotate their passkey. I believe this is an important feature for the management of longterm user keys.
But PRF will be used in many different ways by different vendors. So I don’t expect convergence on one standard.
CSPP derives a master encryption key independent of the passkey to encrypt the nsec and stores the ciphertext besides the salt in icloud. Without it users would need to rotate their nsec when they rotate their passkey. I believe this is an important feature for the management of longterm user keys.
But PRF will be used in many different ways by different vendors. So I don’t expect convergence on one standard.
2
