m4d4m on Nostr:
Interesting, if I understand this correctly:
1) the trade-off is basically about how much time to allocate. Balancing the potential leak damage (timespan) versus nsec access frequency (how often to create epoch keys).
2) this basically gives me (or the nostr client) a temporary key to protect instead of using the nsec for each event.
Have other solutions been proposed? If so, why weren't they implemented?
(https://untraceabledigitaldissident.com/nostr-cold-root-epoch-key-rotation/)
Cold Root Identity v0.1.0
Cold Root Identity is a simple model for survivable Nostr identities. No protocol changes, no new relay behavior, and no delegation logic.
The idea is straightforward:
- A root key stays offline as the authority
- Epoch keys are derived deterministically for actual daily use
- A signed lineage event proves each new epoch key is legitimate
- Clients treat the newest valid epoch as the user’s active identity
- Old posts stay under old keys; new posts use the fresh one
This gives users safe key rotation without burning their entire account. A compromise only affects a single window instead of the whole identity.
The Python reference implementation, test vectors, and spec are here:
https://github.com/GHOST-UntraceableDigitalDissident/cold-root-identity
If you’re a client dev, this is everything needed to implement rotation cleanly today.
Published at 2025-12-11 00:42:49 UTC
Event JSON
{
"id": "000005260ce899ff25bce16a36dc38b5d32b857e830aeda7c334d1f48e869636",
"pubkey": "dd5b5dacd396add38b735f03fcb73c6a8b7bbd9cf3bd5f68e8c3d21395a696e0",
"created_at": 1765413769,
"kind": 1,
"tags": [
[
"q",
"083b5dce7abeb94089efb6fcf745bb7f99fc7399ba041a97ffff021f940ef235",
"wss://trending.relays.land/",
"3b7fc823611f1aeaea63ee3bf69b25b8aa16ec6e81d1afc39026808fe194354f"
],
[
"nonce",
"1973436",
"21"
]
],
"content": "Interesting, if I understand this correctly:\n\n1) the trade-off is basically about how much time to allocate. Balancing the potential leak damage (timespan) versus nsec access frequency (how often to create epoch keys).\n\n2) this basically gives me (or the nostr client) a temporary key to protect instead of using the nsec for each event.\n\nHave other solutions been proposed? If so, why weren't they implemented?\n\n(https://untraceabledigitaldissident.com/nostr-cold-root-epoch-key-rotation/)\nnostr:nevent1qvzqqqqqqypzqwmleq3kz8c6at4x8m3m76djtw92zmkxaqw34lpeqf5q3lsegd20qydhwumn8ghj7arjv4hxg6twvuh8yetvv9uhxtnvv9hxgtcqyqyrkhww02ltjsyfa7m0ea69hdlenlrnnxaqgx5hlllsy8u5pmer228nff7",
"sig": "c5fbd8ac9619105daad870fd04ad011be4e5d742adb4357c8ad35113afc0fb214e412d7c62de6ad739686c835c717ad240cf35efb35c455d9a50cd55c655bd35"
}