It is easy to say you don't need key rotation... I did for long time.. I want people that make that claim try to provision keys to even experienced developers and see how often they lose it when they don't really care about it enough initially.

true key rotation is complex and requires things that nostr doesn't have, like a hard arrow of time. but the goal of key rotation is to replace a compromised key, and delegation can provide this

Yes, this is also interesting: https://openmeet.net/cross-app-authentication-atproto

probably for roomy is explain in a blog https://github.com/muni-town/roomy

> Where does a user comment on another user's post live exactly? Your data only ever lives in your own PDS. Even your “likes” are just “files” in your PDS. I don’t fully know about the last two questions but indexers are indeed a big thing.

I follow some influential product people at Cash App / Block and every new feature lately seems to be influenced by things that came about from a nostr-related Jack-idea. For example, they use the BitChat idea to make local cash send. Then they add parental controls and allowance (two accounts conne...

Same. At first I was like meh, but the more I thought about it, the more I realized file formats are basically exactly like that too and they work fine

Yeah it’s really fantastic stuff. I think my pain point is later on when he’s talking about DID’s. A lot of the key management story is handled neatly by BlueSky. But if you want to self host, you’re on your own. And if your PDS goes down, bye bye keys. They just haven’t prioritized maki...

The stamp model is for when users don’t run relays, yeah.