[bawolff]

People seem to manage their whatsapp (or signal, etc) keys just fine. Because its an app that just stores it as a file and doesn't tell you about it.

So i think there are viable solutions here. It mostly just means having an app to manage the keys for you.

[lxgr]

> People seem to manage their whatsapp (or signal, etc) keys just fine.

The opposite is the case: WhatsApp and Signal manage the keys for them, mostly in the background (unless you actively verify identities).

You can try it yourself: Turn off your phone, ask a friend to send you a message, throw your phone into a volcano, reactivate your account on a new phone without entering any secret keys. You'll still receive the message.

I personally think that most of Signal's and even WhatsApp's tradeoffs are reasonable for a product with an adaption of hundreds of millions, but it's decidedly not cryptographic self-custody.

[rglullis]

Both signal and WhatsApp punt key revocation and recovery to phone number verification, so ultimately these keys belong to phone number provider.

[bawolff]

Sure, there are costs involved in the trade off, but the benefit is a system that actually works for the average user.

[rglullis]

My point is that is this is not a trade-off but a complete violation of the principles that are used to justify the existence of nostr.

Nostr's whole shtick is about "users owning their keys". If I can not change the keys used on WhatsApp or Signal, I do not own them. They are not in the same class, so the comparison is moot.

[bawolff]

I dont see any reason why an app approach cant support that.

But honestly one of the reasons why these sorts of apps dont take off, is they rigidly adhere to security properties that dont make sense and nobody really cares about, at the expense of making an unusable app.

[rglullis]

> I dont see any reason why an app approach cant support that.

Matrix clients have e2ee encryption like Signal or WhatsApp.

Every single one of my close contacts that I have on my server have ignored or misunderstood the instructions to download and store the recovery key when they first access the servers.

I have customers on my support channel who keep trying different clients (Element, ElementX, Fractal) and every time they fail to validate their sessions.

Then I have customers who got their phone stolen and then come asking me to either delete the data on their phone.

---

There is no magic about "putting it in a app to manage it". If any "app approach" you come up with creates a sandbox between user and device, then the user can not even see their private keys, then they effectively do not own it.

If you are doing "nostr, but with keys sandboxed on the device", then you are just recreating Signal - which is not decentralized - then what's the point?

[nout]

Sandboxing keys on the device is indeed removing one point of nostr, but to clarify on your point: The difference between Signal and Nostr is that in nostr there are hundreds of independent servers (relays) that your app broadcasts events to, whereas on Signal it's just one centralized server.