Devs that decide to not KYC can still continue to release unsigned APKs that work on Graphene (and AOSP devices that don’t enforce signatures).

Also call me naiv but user will still demand devices that allow them to install any APK. So there is a financial incentive for device vendors to ignore Google’s policy (or make opt-out very easy by showing a warning like macOS).

Agree. I don’t understand the original post tbh. What stops Graphene users from installing proprietary apps if the OS just ignores Google’s APK signature enforcement? There is still Aurora to download signed apps from KYCed devs?

One option is to get a Thermomix and bake yourself. We bought one in October and it’s helping me learn to cook more healthy.

Thanks Roy. Good discussion re prf here everyone … I have a better understanding of the trade-offs of each design now. For breez sdk the simplified design makes sense. Re import … I presume existing Liquid/Spark users could just derive a new wallet from the passkey and sweep funds from their old wallet with relatively low fees. Is this how existing misty breez users will be migrated?

@Roy @Yaacov Akiba Slama

How does a user prevent sync of the passkey to his desktop? iCloud Keychain items are synced to all devices. Same with 1Password.

Thanks for clarifying.

1-4: makes sense. The downside of relays is IP address (location) leakage to multiple untrusted server if users are not using a VPN.

5: I agree for a wallet use case. But for nostr the user loses his social graph.

6: the UX cost is zero for icloud-key-value-store (users are generally logged into their Apple ID on iOS). On Android there is a UX cost. The main upside I see is 2FA though. Compromise of a passkey is not unlikely on a desktop computer due to higher malware risk. Users could recover their wallet only on mobile devices. A user using yubikeys to secure their Apple/Google account would be resistent to an adversary that has compromised their laptop.

Oh and users get 2FA for free as an additional security layer when using iCloud/GDrive. Apple even makes users enable 2FA when storing passkeys https://support.apple.com/guide/iphone/use-passkeys-to-sign-in-to-websites-and-apps-iphf538ea8d0/ios

If the digital euro would simply be a cashu mint that users could connect any cashu wallet to it might be interesting (at least until the euro hyperinflates due to europe’s unsustainable social security and demographics). That would at least provide protection against censorship of individual users. But the ECB would never allow a truly private and open digital cash system.

We’ve seen relays nuke their databases regularly which means users would ultimately rely on the breez relay to store their salt. As a user I personally prefer icloud to store my data longterm independent of a wallet vendor. But it is a matter of taste.

CSPP derives a master encryption key independent of the passkey to encrypt the nsec and stores the ciphertext besides the salt in icloud. Without it users would need to rotate their nsec when they rotate their passkey. I believe this is an important feature for the management of longterm user keys.

But PRF will be used in many different ways by different vendors. So I don’t expect convergence on one standard.