Damus
Open in Damus
Vitor Pamplona profile picture
Vitor Pamplona
@VitorPamplona
Hear me out: A Nostr Service where you can send leaked private keys to:
1. delete everything from those keys everywhere
2. watch for new posts from those keys and delete them as well, forever.

The main idea is to block attackers from using your keys.

The second idea is to let everyone know that their info can indeed be deleted at any time if a person gets your key. If you are using relays that accept deletion events, your Nostr content can be purged from existence.

Have your backups. Don't think relays will be there for you when this happens.
5221❤️65🤙9🙏1
t4es5ter5 · 159w
What if someone steals your key and send it to those service? Then you are erased forever.
faisal · 159w
Is service the right word here?
someone · 159w
1. Set a spare pubk B using secret key A 2. In case the secret key A is stolen, use secret B to publish a special event that says "B is now the secret key replacing A" 3. Clients show a warning that A is stolen and B is the new one. Clients update the follows. Relays can't do much..
Maxwell · 159w
#[0]
pupokopup · 159w
It's a good idea. Very good idea.
Centurion · 159w
That would be a tough situation where one would learn the importance of guarding ones keys. Yet if someone was messing around with my posts I would want exactly that service. Better to sink the ship then wait around to be sabotaged. Can Amethyst make it easier to push your old posts to a personal...
WilliamHodl · 159w
I don't think this a good idea, someone could definitely manipulate this in a bad bad way. This idea scares me.
Centurion · 159w
Also, would it be possible to resync old posts to a new key, that are backed up on a personal relay?
Centurion · 159w
Now that I'm thinking about it, I would be more distraught over having to refollow everyone I have collected. Would be great to have a way to push them to a text file, like bookmarks
neo · 159w
Add an (optional) timestamp. I don't want my past wiped, just block future events.
Vitor Pamplona · 159w
We should call this Nukstr. Also, the replies here show how far we are from correctly educating users about who actually owns their Nostr data and the role of relays. #[0]
threeseries · 159w
I kind of like this idea. It could also be a way to deliberately burn an account if you want to get rid of it. How about such a service also sending out notices which provably came from that service after it has access to a given key? That is, sign something in a way that requires both the service'...
Alex Gleason · 159w
I’ve already created a small server that does this, although it needs to be self-hosted. Can handle thousands of keys easily: https://gitlab.com/soapbox-pub/plan-b
kennytaylor · 159w
The request would need to be signed by the leaked key, similar to an SSL certificate revocation list. That affrms that either 1) the owner requested the revocation, or 2) the key was leaked and someone else requested the revocation. The same mechanism could be used for de facto account deletion, i...