Damus
Yaacov Akiba Slama · 5w
1. The client can regularly check the relays and republish the list of salts if they are deleted. 2. Every vendor can set up their own relay. 3. The list of salts is backed up automatically by ios/andr...
tank
Thanks for clarifying.

1-4: makes sense. The downside of relays is IP address (location) leakage to multiple untrusted servers if users are not using a VPN.

5: I agree for a wallet use case. But for nostr the user loses his social graph.

6: the UX cost is zero for icloud-key-value-store (users are generally logged into their Apple ID on iOS). On Android there is a UX cost. The main upside I see is 2FA though. Compromise of a passkey is not unlikely on a desktop computer due to higher malware risk. Users could recover their wallet only on mobile devices. A user using YubiKeys to secure their Apple/Google account would be resistant to an adversary that has compromised their laptop.
Yaacov Akiba Slama · 5w
Re 5. The passkey is used explicitly for the wallet. Re 6. A regular user doesn't store his passkeys on his desktop, and the passkey stays in his phone or physical key and only the PRF result is sent to the desktop.