by lxgr 24 days ago
Great concise description of the problem.

As for the solution, it seems to explicitly not address recovery of lost keys/identities, which is however exactly the part that makes this hard for regular users.

That, and general name confusion attacks, I suppose: "I'm lxgr17@key, yeah, don't ask about the first 16. Oh also make sure 'key' is not the one with the Georgian lowercase e in the middle, that one's an impostor. Wait, actually, let me quickly spell it out in hexadecimal Unicode points..."

At least blockchain addresses have that going for them: They're way too long to even try and remember or spell out on the phone.


It's not "hard" for regular users; it's a complete non-starter for regular users. Every "non-custodial" or "self-sovereign" system of trusted identities founders on this issue: account recovery is the hardest problem in identity, and if you don't have a solution for it, your system is going to be a niche at best.

People have been coming up with these schemes for decades, and for that entire time, the near-universal de facto standard trusted identity system has been "Google accounts". People knew at the beginning that they were delegating trust to Google; they know it now as well; they are not going to adopt "names resolve to a key, the same key, in every application", no matter how many different names that scheme is given.

Yes, the UI/UX of decentralized systems is so difficult for users that it creates demand for centralized systems to manage it for them: Coinbase, Gmail, Github, Twitter, The Pirate Bay.

There's nothing wrong with a keychain or password manager holding your keys. Passkeys already work exactly this way, completely transparent to the user. It's fine for most users.
> not address recovery of lost keys/identities

Key loss is hard but not insurmountable. Social recovery / split-key custody seem like the right direction. Apple uses "recovery contacts" if you have Advanced Data Protection enabled. A friend holds one share and Apple holds another, but neither can recover alone. That's social recovery + split-key, shipping to hundreds of millions of devices today.

> That, and general name confusion attacks, I suppose: "I'm lxgr17@key...

Pre-registering the obvious typo neighbors (lxrg, 1xgr, etc.), which is cheap since handles batch-issue off-chain under a fixed 32-byte root, and a strict ASCII-only charset, etc., could help mitigate some of this.
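An added example (not code from the thread or from any project it mentions) of the two mitigations discussed above: a strict-ASCII handle check that rejects a look-alike Georgian letter, and a generator for the typo neighbors a registrar could pre-register. The allowed charset, the confusable table and the sample handles are assumptions of this example.

```python
import unicodedata

# Constructed sample handles for this example (not from the thread).
GOOD_HANDLE = "lxgr17@key"
# 'key' with the Georgian letter En (U+10D4) swapped in for the Latin 'e'.
SPOOFED_HANDLE = "lxgr17@k\u10d4y"

# Assumed policy: lowercase ASCII letters and digits, plus '@' as the separator.
ALLOWED = set("abcdefghijklmnopqrstuvwxyz0123456789@")


def check_handle(handle: str) -> list[str]:
    """Return policy violations for `handle`; an empty list means it is acceptable.

    Every character outside the strict ASCII charset is reported with its code
    point and Unicode name, so a reviewer can see exactly what was smuggled in.
    """
    problems = []
    for ch in handle:
        if ch not in ALLOWED:
            name = unicodedata.name(ch, "UNNAMED")
            problems.append(f"U+{ord(ch):04X} ({name}) not in allowed charset")
    return problems


# ASCII pairs a human reading a handle aloud would not reliably distinguish
# (assumed table; extend to taste).
CONFUSABLE = {"l": "1", "1": "l", "o": "0", "0": "o", "i": "1"}


def typo_neighbors(name: str) -> set[str]:
    """Handles a defender might pre-register alongside `name`.

    Covers adjacent-character transpositions (lxgr -> lxrg) and single
    confusable substitutions (lxgr -> 1xgr); `name` itself is never included.
    """
    out = set()
    for i in range(len(name) - 1):
        out.add(name[:i] + name[i + 1] + name[i] + name[i + 2:])
    for i, ch in enumerate(name):
        if ch in CONFUSABLE:
            out.add(name[:i] + CONFUSABLE[ch] + name[i + 1:])
    out.discard(name)
    return out
```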

It's interesting to imagine how different the security landscape would be if human brains could easily transcribe a smallish quantity of high-value bits [0] and then compare two versions for exact equality.

I think the exact and trusted data movement is the hard part. If we could instantly transcribe a 150-digit number (~512 bits) from eye to fingertips, then the actual memory/comparison could be done in any pocket calculator, with X-Y==0.

Wait, actually, let me quickly...send it over in Whatsapp