mirror of
https://github.com/nostr-protocol/nips.git
synced 2025-01-13 09:02:09 -05:00
parent
0e3f237689
commit
937f68a3dc
28
41.md
28
41.md
|
@ -7,13 +7,13 @@ Identity management
|
||||||
`draft` `optional`
|
`draft` `optional`
|
||||||
|
|
||||||
|
|
||||||
This NIP introduces a reliable and verifiable solution for users to manage their identities, along with standard procedures for dealing with catastrophic cases. It also outlines the differences between simple and secure identities.
|
This NIP introduces a robust, best effort and verifiable way for users to manage their identities and standard ways to deal with catastrophe cases. It also describes simple identities and secured identities.
|
||||||
|
|
||||||
# Basic concepts
|
# Basic concepts
|
||||||
* **Secured identities**
|
* **Secured identities**
|
||||||
* These identities are composed of a **master keypair** and an **active subkey**.
|
* These identities are composed of a master keypair and an active subkey.
|
||||||
* The master key pair is used to derive, secure and back up subkeys, and acts as a trusted source of truth for announcements related to subkeys.
|
* The master keypair is used to derive, secure, and back up subkeys, and acts as a trustworthy source of truth for announcements related to subkeys.
|
||||||
* To derive a subkey it is recommended, but not mandatory, to use bip-32 as described in [NIP-06](https://github.com/nostr-protocol/nips/blob/master/06.md) with the derivation path `m/44'/1237'/<account>'/0/0`. This gives us HD addresses and a `xpub` that can be used as proof in a future catastrophe case. Other derivation paths can be used if the user knows what its doing. No derivation scheme needs to be used, users can just generate random keypairs and use them, this gives users less control over subkeys and no proof of derivation.
|
* To derive a subkey it is recommended, but not mandatory, to use bip-32 as described in NIP-06 with the derivation path `m/44'/1237'/<account>'/0/0`. This gives us HD addresses and a `xpub` that can be used as proof in a future catastrophe case. Other derivation paths can be used if the user knows what its doing. No derivation scheme needs to be used, users can just generate random keypairs and use them, this gives users less control over subkeys and no proof of derivation.
|
||||||
* The active subkey should be considered the current account in use for a master keypair, and there should only be one current subkey in use per master keypair.
|
* The active subkey should be considered the current account in use for a master keypair, and there should only be one current subkey in use per master keypair.
|
||||||
* Both the master keypair and active subkey should maintain a list of relays in common.
|
* Both the master keypair and active subkey should maintain a list of relays in common.
|
||||||
* Users should follow the master keypair to stay up to date with announcements related to the active subkey or revocation certificates. However, it is not mandatory as the described conventions ensure backward compatibility. Subkeys can provide all necessary information to stay uptadate.
|
* Users should follow the master keypair to stay up to date with announcements related to the active subkey or revocation certificates. However, it is not mandatory as the described conventions ensure backward compatibility. Subkeys can provide all necessary information to stay uptadate.
|
||||||
|
@ -22,7 +22,7 @@ This NIP introduces a reliable and verifiable solution for users to manage their
|
||||||
* **Simple identities**
|
* **Simple identities**
|
||||||
* They are regular nostr identities that are not backed by a master keypair.
|
* They are regular nostr identities that are not backed by a master keypair.
|
||||||
* A simple identity can be transformed in a *Secured identity* by following the conventions described below.
|
* A simple identity can be transformed in a *Secured identity* by following the conventions described below.
|
||||||
* *Secured identities* and *simple identities* differ from each other because *secured identities* master keypairs have a secure checkpoint created (event `kind:1775`) and a current subkey in use (event `kind:1776`). A subkey represents its role by adding a `p` tag to its kind-0, pointing to the public key of the master keypair.
|
* *Secured identities and simple identities differ from each other because *secured identities* master keypairs have a secure checkpoint created (event `kind:1775`) and a current subkey in use (event `kind:1776`). A subkey represents its role by adding a `p` tag to its kind-0, pointing to the public key of the master keypair.
|
||||||
* *Simple identities* and master keypairs don't contain a `p` tag in their kind-0 to indicate that they don't belong to or are associated with other accounts.
|
* *Simple identities* and master keypairs don't contain a `p` tag in their kind-0 to indicate that they don't belong to or are associated with other accounts.
|
||||||
* *Simple Identities* doesn't have a published secure checkpoint event.
|
* *Simple Identities* doesn't have a published secure checkpoint event.
|
||||||
* **`kind:1775` Secure checkpoint**
|
* **`kind:1775` Secure checkpoint**
|
||||||
|
@ -40,12 +40,12 @@ This NIP introduces a reliable and verifiable solution for users to manage their
|
||||||
* Revocation certificates or key migration are events that contain proofs that should be used to validate how trustworthy a new purpose identity is.
|
* Revocation certificates or key migration are events that contain proofs that should be used to validate how trustworthy a new purpose identity is.
|
||||||
* When a *Simple Identity* publishes this event, a 60-day period begins during which a user may publish a competing migration event pointing to an earlier `kind:1776` event. After this period, clients SHOULD automatically update the user's follower list to the new pubkey.
|
* When a *Simple Identity* publishes this event, a 60-day period begins during which a user may publish a competing migration event pointing to an earlier `kind:1776` event. After this period, clients SHOULD automatically update the user's follower list to the new pubkey.
|
||||||
* When the master key pair of a *secured identity* publishes a revocation certificate, clients can check to validate the following proofs.
|
* When the master key pair of a *secured identity* publishes a revocation certificate, clients can check to validate the following proofs.
|
||||||
* Checkpoint Proof: The client checks if a provided preimage and a secure checkpoint hash match.
|
* **Checkpoint Proof:** The client checks if a provided preimage and a secure checkpoint hash match.
|
||||||
* Derivation tree proof(optional): The client checks if the historical identities used in past `kind:1776` events belong to a given `xpub`.
|
* **Derivation tree proof(optional):** The client checks if the historical identities used in past `kind:1776` events belong to a given `xpub`.
|
||||||
* Social proof(optional): the event contains a list of people that the master keypair attaches to the revocation certificate as `p` tags. These pubkeys are designated as trusted identities that can judge/signal if the new proposed identity is trustworthy or not.
|
* **Social proof(optional):** the event contains a list of people that the master keypair attaches to the revocation certificate as `p` tags. These pubkeys are designated as trusted identities that can judge/signal if the new proposed identity is trustworthy or not.
|
||||||
* If no social proof is required, clients can simply check the proofs provided, and if they are valid, they SHOULD automatically update the user's follower list to the new pubkey.
|
* If no social proof is required, clients can simply check the proofs provided, and if they are valid, they SHOULD automatically update the user's follower list to the new pubkey.
|
||||||
* If social proof is required, a 30-day period begins during which designated users can signal whether the new identity announced in the revocation certificate is trustworthy by reacting to the revocation certificate event with a `kind:7` reaction event.
|
* If social proof is required, a 30-day period begins during which designated users can signal whether the new identity announced in the revocation certificate is trustworthy by reacting to the revocation certificate event with a `kind:7` reaction event.
|
||||||
* After this period, clients SHOULD automatically update the user's follower list to the new pubkey if there is sufficient evidence to validate the trustworthiness of the new identity.
|
* After this period, clients SHOULD automatically update the user's follower list to the new pubkey if there is sufficient evidence to validate the trustworthiness of the new identity.
|
||||||
* `kind:1775` and `kind:1777` MUST always be open timestamped. `kind:1776` SHOULD only be timestamped if it is published by a *simple identity*.
|
* `kind:1775` and `kind:1777` MUST always be open timestamped. `kind:1776` SHOULD only be timestamped if it is published by a *simple identity*.
|
||||||
* Relays SHOULD NOT delete `kind:1040`, `kind:1775`, `kind:1776`, nor `kind:1777` events from their database upon receiving a `kind:5` event.
|
* Relays SHOULD NOT delete `kind:1040`, `kind:1775`, `kind:1776`, nor `kind:1777` events from their database upon receiving a `kind:5` event.
|
||||||
|
|
||||||
|
@ -76,9 +76,7 @@ Every *secured identity* starts as a *simple identity*. Then, if a *simple ident
|
||||||
```
|
```
|
||||||
- `pubkey` is the pubkey of the master keypair is creating the checkpoint.
|
- `pubkey` is the pubkey of the master keypair is creating the checkpoint.
|
||||||
- `kind` MUST be `1775`
|
- `kind` MUST be `1775`
|
||||||
- `content` MUST be the hashed secret.
|
- `content` is a hashed secret.
|
||||||
- `proof` tag MUST list the kind:1040 event that provides the Opentimestamp data.
|
|
||||||
|
|
||||||
- Subkey announce `kind:1776`:
|
- Subkey announce `kind:1776`:
|
||||||
- This event defines the subkey that will be in use.
|
- This event defines the subkey that will be in use.
|
||||||
- Subkey announce event example
|
- Subkey announce event example
|
||||||
|
@ -166,7 +164,7 @@ Multiple `kind:1776` events can exist. All `kind:1776` MUST be opentimestamped f
|
||||||
Relays SHOULD NOT delete `kind:1040` nor `kind:1776` events upon receiving a `kind:5` event.
|
Relays SHOULD NOT delete `kind:1040` nor `kind:1776` events upon receiving a `kind:5` event.
|
||||||
## Migrating to a pubkey
|
## Migrating to a pubkey
|
||||||
### Secured identity
|
### Secured identity
|
||||||
If the user needs to rotate to a new subkey, they simply follow the conventions described in `Rotating/whitelisting a pubkey` above. This is considered a **minor catastrophe case**
|
If the user needs to rotate to a new subkey, they simply follow the conventions described in `Rotating/whitelisting a pubkey` above. This is considered a minor catastrophe case
|
||||||
|
|
||||||
By having a master keypair as the source of truth, users don't need to timestamp events, and clients can perform the switch to the new subkey as soon as they validate the `kind:1776` events published by the master keypair and the active subkey.
|
By having a master keypair as the source of truth, users don't need to timestamp events, and clients can perform the switch to the new subkey as soon as they validate the `kind:1776` events published by the master keypair and the active subkey.
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user