You might be interested in https://github.com/coracle-social/pomade
It's not perfect, but it does allow folks to somewhat credibly exit a custodial system with their key when they care enough to.
This is fine and it is not too different from having a TEE (which Signal uses but not for key management), but this allow you to recover from losing your keys, it doesn't allow you to change the recovery mechanism.
You need the later for;
1. Recover from the TEE or trusted cosigners attempt to rug you.
2. Recover from the TEE or trusted cosigners dying and you losing enough shares that you can't sign anything.
3. Move to a more secure set of keys, without worrying about old shares leaking or being found on an old drive ... Basically like you do when your hot wallets has uncomfortable amounts of Bitcoin so you upgrade your setup.
3. Transfer the ID to someone else which is necessary for:
A) selling a company
B) a DAO or regular org changing management
C) onboarding a minor or a friend or an old family member with custody of their keys, then finally they are ready to take full control.
So we will still need the full solution, and it happens to offer us with;
1. Short names easy to read and copy and write.
2. Rate limit of users which helps slightly with spam by making the cost of burners non zero
3. Bounded set of identities mean you can have perfect replication of the set in gossip similar to perfect replication of bitcoin data.
So I figure we should build it even if no one uses it, because why not.
You need the later for;
1. Recover from the TEE or trusted cosigners attempt to rug you.
2. Recover from the TEE or trusted cosigners dying and you losing enough shares that you can't sign anything.
3. Move to a more secure set of keys, without worrying about old shares leaking or being found on an old drive ... Basically like you do when your hot wallets has uncomfortable amounts of Bitcoin so you upgrade your setup.
3. Transfer the ID to someone else which is necessary for:
A) selling a company
B) a DAO or regular org changing management
C) onboarding a minor or a friend or an old family member with custody of their keys, then finally they are ready to take full control.
So we will still need the full solution, and it happens to offer us with;
1. Short names easy to read and copy and write.
2. Rate limit of users which helps slightly with spam by making the cost of burners non zero
3. Bounded set of identities mean you can have perfect replication of the set in gossip similar to perfect replication of bitcoin data.
So I figure we should build it even if no one uses it, because why not.
1❤️1