Nostr is an open and decentralised protocol primarily used for real-time posting to social media clients and direct messaging. The protocol does not require any KYC or traditional account creation and recovery methods like an email or phone number; instead, it enables users to create and manage their identities using cryptographic keys.
Using private and public key cryptography gives users total control over their accounts, meaning there is no custodian to help you should you lose your keys. Lost or compromised keys can be devastating for users, especially those who have built up a considerable data footprint with hundreds of posts and even more followers.
While cryptographic keys have benefits, managing your own data is foreign to many, and mistakes will happen. Keys can be compromised through device loss, malware infections, negligence, naivety in key management or data leaks. To address this issue, NIP-41, a Nostr Improvement Proposal, introduces a standardised mechanism for migrating keys in a secure and user-friendly manner.
Understanding the Need for Key Migration
In traditional social media, if you forget your password or lose access to your account, you can contact the custodian of your account and provide proof, mainly in the form of KYC information like an email, phone number or ID card, and the service, like Meta, Twitter or Pinterest, will verify the request.
If it all checks out, they will grant you access to your account, and in the case of a stolen account, they will revoke the hacker’s access and associate the account with your contact details.
When you don’t have a custodian, you become the single point of failure. If you leave your private key online on a cloud server, save your keys as an image, accidentally post your private key somewhere for others to find, or use compromised software, you’re out of luck: your account will be gone for good.
Having to start from scratch, losing all your content and re-contacting your followers is a death blow for many, especially those who make a living from social media, or businesses that have gathered a following of customers interested in their product. A compromised account can deal major damage to your reputation.
Key migration is a crucial aspect of maintaining user privacy and security in Nostr. When a key is compromised, an attacker could gain access to a user’s past messages, contacts, and potentially even future communications.
NIP-41: A First approach to key migration
Since the launch of nostr, the reality for every user has been that losing a key meant losing everything, just as it would if you lost your Bitcoin keys. NIP-41, now in the works, changes that: it outlines a structured process for key migration, ensuring that users can transition to a new key without disrupting their communication channels or losing their established contacts.
How does nostr key migration work?
In its current implementation, nostr key migration requires users first to create a recovery account, so you would have the primary account you use daily and a backup account, which you could secure with offline keys on a Nostr signing device, as your failsafe.
Once you have two accounts, you head over to your preferred client or use a migration tool to whitelist your backup npub. Essentially, you create a custom event stating that your backup key can take ownership of your current key should you broadcast a recovery event in the future.
You then broadcast the whitelisting event through a notary DVM, which anchors the event to a timestamp. Currently, the nostr notary DVM uses the Bitcoin time chain as its method of verification.
What better way to use an immutable ledger, right?
Once the notary DVM has created the time stamp, you are all set up and can freely go about posting and zapping.
In the event of a compromised key, you head over to a NIP-41 compatible client and use your backup key (npub/nsec) to sign a new event. The notary DVM checks it against the earlier timestamp, and if everything is correct, you can sign the migration event.
Clients can then inform your followers with a custom message you’ve set up, stating that the old account has been lost and that your new account is available under the backup npub.
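The client-side acceptance check described above, written as an added example for this article (it is not code from any NIP-41 client or from the proposal itself). It assumes placeholder event kinds, an injected NIP-01 signature check, and the rule that the earliest notary-anchored whitelist for an old key is the authoritative one; the pubkeys and anchor times are constructed sample data.

```python
import hashlib
import json

KIND_WHITELIST = 1776  # placeholder: NIP-41 is a draft and the article gives no kind numbers
KIND_MIGRATION = 1777  # placeholder, see above

def event_id(ev):
    """NIP-01 event id: sha256 of the canonical JSON array [0, pubkey, created_at, kind, tags, content]."""
    payload = json.dumps([0, ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"]],
                         separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()

def make_event(pubkey, kind, tags, content, created_at):
    """Build an unsigned event; Schnorr signing belongs to the user's signer and is out of scope here."""
    ev = {"pubkey": pubkey, "created_at": created_at, "kind": kind, "tags": tags, "content": content}
    return {"id": event_id(ev), **ev}

def first_p_tag(ev):
    return next((t[1] for t in ev["tags"] if len(t) > 1 and t[0] == "p"), None)

def validate_migration(whitelists, anchors, migration, verify_sig):
    """Client check. anchors: event id -> notary (Bitcoin block) time; verify_sig: the client's NIP-01 check."""
    old_key = first_p_tag(migration)
    if migration["kind"] != KIND_MIGRATION or old_key is None:
        return False, "not a migration event"
    if migration["id"] != event_id(migration) or not verify_sig(migration):
        return False, "migration event fails integrity or signature check"
    # Candidates: whitelists signed by the old key, intact, and anchored by the notary.
    anchored = [(anchors[w["id"]], w) for w in whitelists
                if w["kind"] == KIND_WHITELIST and w["pubkey"] == old_key
                and w["id"] in anchors and w["id"] == event_id(w) and verify_sig(w)]
    if not anchored:
        return False, "no anchored whitelist for the old key"
    # Earliest anchor wins: a thief cannot back-date a Bitcoin timestamp, so a later whitelist made with the stolen key loses.
    anchor_time, authoritative = min(anchored, key=lambda pair: pair[0])
    if first_p_tag(authoritative) != migration["pubkey"]:
        return False, "migration is not signed by the earliest whitelisted backup key"
    if migration["created_at"] <= anchor_time:
        return False, "migration predates its whitelist anchor"
    return True, "accepted"

def demo():
    owner, backup, thief = "a1" * 32, "b2" * 32, "c3" * 32  # constructed hex pubkeys, not real keys
    wl = make_event(owner, KIND_WHITELIST, [["p", backup]], "", 1_700_000_000)
    evil_wl = make_event(owner, KIND_WHITELIST, [["p", thief]], "", 1_700_500_000)  # made with the stolen key
    anchors = {wl["id"]: 1_700_000_600, evil_wl["id"]: 1_700_500_600}  # constructed notary block times
    trusted = lambda ev: True  # assumption: signatures already checked by the client's NIP-01 layer
    return tuple(validate_migration([wl, evil_wl], anchors,
                                    make_event(key, KIND_MIGRATION, [["p", owner]], "old key lost", 1_700_600_000), trusted)
                 for key in (backup, thief))
```

The owner's migration from the backup key is accepted, while the thief's migration, backed only by a whitelist anchored after the owner's, is rejected.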
Key benefits of NIP-41
NIP-41 offers several compelling benefits for Nostr users:
- Enhanced Security: Key migration effectively revokes compromised keys, preventing unauthorised access to user data and communications.
- Safer Communication: Users can transition to a new key without the need to start over and can indicate to their followers that their previous account was compromised.
- User Empowerment: Key migration empowers users to take control of their Nostr identities and maintain security without relying on intermediaries.
Key recovery within your social circle
The current implementation of nostr key migration is only a proof of concept, and many alternatives exist. The mechanism can be extended with other approaches built on different standards, such as social recovery, where several nostr keys come together as proofs to create a whitelist and authorise a key migration.
This means you could whitelist one nostr key or several keys to perform a migration; these could belong to close friends or family, or clients could offer this as a paid service.
Keep key migration as a last measure
NIP-41’s standardised key migration mechanism is a welcome addition to Nostr’s security infrastructure and a step towards making nostr more normie friendly. By giving users a last-ditch option to revoke compromised keys and migrate to new ones securely, NIP-41 safeguards user privacy and prevents unauthorised access to communication data.
As Nostr continues to evolve and more users come online, mistakes will ramp up, and hackers will be looking to secure compromised accounts for a host of uses. If scammers can secure accounts with a considerable following, they can use them to generate traffic to phishing sites or misguide account followers into scams.
Considering accounts can be attached to Lightning wallets and eCash wallets, there is indeed a monetary incentive to find ways to compromise accounts. NIP-41 will be increasingly critical in ensuring the platform’s long-term security and adoption.
Do your own research.
If you want to try out nostr key migration or learn more about it, we recommend checking out the following resources to kickstart your research.
Are you on Nostr?
If you are a Nostr user and want to hang out and chat with us or follow our content on your preferred Nostr front end, feel free to add us using our PubKey below and send us a Zap if you’ve got sats to spare.
npub10mxnle348mzv2dnj0ylgz3zu9gceenc29x9fr4m6mnars66j7vxsnkn8mj
The Bitcoin Manual’s Nostr Pubkey
Please give us your notes.
If you have used Nostr, which client do you prefer and why? Are there any clients that you think deserve mention? Let us know in the comments below.