{ "id": "23791a60b65c898b2eaa500323ef918e0c9d61b6a6dc16d7da42a3cc935075d7", "pubkey": "fd208ee8c8f283780a9552896e4823cc9dc6bfd442063889577106940fd927c1", "created_at": 1715778900, "kind": 1617, "tags": [ [ "a", "30617:397417f84734d01c2e9bebdfb68fadaa0099b92e6831ff3f4e1ed54ec893edef:nips", "wss://relay.damus.io" ], [ "r", "f25c7e672c23ca5463fa5c0fcb5e5f424d956862" ], [ "t", "cover-letter" ], [ "t", "root" ], [ "p", "397417f84734d01c2e9bebdfb68fadaa0099b92e6831ff3f4e1ed54ec893edef" ] ], "content": "From 3d450733917dafd6bfc6f2b1fc7aa32f09efec6d Mon Sep 17 00:00:00 2001\nSubject: [PATCH 0/1] Burning an npub\n\nThe npub+nsec combination brings the advantage that no user can have their passkey stolen and end up \"locked out\" of their own profile or app accounts by the thief changing their passkey. This is a securtiy advancement. However, the problem remains that the passkey (nsec) could be stolen or be given to a bad actor, and then the user must helplessly \"share\" the passkey with them. Both owner and thief can continue to sign events using this passkey. For this reason, I suggest we give users the possibility to burn an npub, by issuing a final event describing the npub as \"retired\".", "sig": "e89800b1d4b5b53caa2f65578137d1455b806152ac11903990c2e0688c1de53735749461c64de0c2271f2766194a5ebb88bd559afc97647e40936a99ab19249b" }