No Password Reset? How Frostr Saves Your Nostr Identification

Born out of a hackathon at TABCONF 2024, Frostr might have simply solved Nostr’s most pernicious subject: the lack to reset your password in case your non-public key will get compromised.

Began in October of 2024, Frostr simply introduced the alpha launch of Igloo and Frost2x, a desktop and accompanying browser extension key signers for the Nostr ecosystem. 

The challenge was based by Topher (cmdruid) who made his identify as a Bitcoin engineer for creating Tapscript — a well-liked library for managing Taproot, Schnorr signatures, and Bitcoin transactions — and Austin (bitcoinplebdev) a Lightning developer for Voltage and founding father of PlebDevs, a Lightning-powered developer schooling platform with over 500 enrolled college students. 

Whereas resetting a password could seem innocuous or like a easy UI characteristic, it’s not that straightforward. Let me take you on a journey of the complexity of the difficulty it solves and the magnitude of what’s at stake if we fail to resolve this apparently easy downside. 

The Social Media Revolution

Social media has modified the world. And but, we discover ourselves in a wierd place with our digital identities. Who we’re on-line and the way we assert possession of our on-line profiles typically relies on trusted third events like Fb which are too huge to care about any particular person buyer and essentially have the facility to vary the foundations at any time, and even cancel your account altogether.

The deplatforming of controversial influencers and even politicians in recent times function examples of how this centralized energy may be wielded. Maybe the best-known illustration of that is the removing of U.S. President Donald Trump from each Fb and Twitter shortly after the January 6 riots on the U.S. capitol, simply days earlier than the tip of his first time period. 

Nonetheless, a lot of the world continues to function on this digital neo-feudalism construction. It appears there’s a basic downside with the “decentralization” of identification that’s but to be solved.

Trendy-Day Financial institution Theft

Identification techniques are a important layer of society. Whether or not you’re a citizen of Rome 2,000 years in the past or of america at this time, doorways open and shut primarily based on what ID you maintain. Right now’s techniques, as superior as they might appear, depend on a pre-digital conception of identification and safety: They depend upon authenticating your face.

The ID card itself, whether or not your driver’s license or passport, helps authorities staff, financial institution tellers and bar bouncers everywhere in the world do a quite simple factor: Determine for those who appear to be the particular person on the official card, after which type out if you’re allowed entry or not.

However the world is altering quick. Neither the obscurity of your bodily look nor the key nature of your social safety quantity (SSN) are what they had been within the pre-internet world: Many individuals have revealed their full names and footage to Fb, and a sequence of hacks have leaked tons of SSN information to the darkish net. (For instance, the Equifax Information Breach in 2017, which affected 147.9 million People, or the Nationwide Public Information Breach of 2024 with over 200 million People compromised.)

Within the analog, pre-internet days, when a robber burst by means of the doorways of their native financial institution, they’d accomplish that to take the money, gold and tradable valuables saved within the vaults.

However that’s not how issues work. Within the digital age, cash is not money. Fiat funds are sometimes reversible, so for those who hack right into a financial institution and transfer cash to your account by some means, not solely can that be reversed, however you simply uncovered a hyperlink to your identification.

Right now, the net equal of a robber isn’t trying to steal money, gold or different valuables, however somewhat, private identification information.

That information can, in flip, be used to defraud those self same banks, in addition to companies of all sizes.

Certainly, identification fraud prices greater than all different types of theft mixed, totaling over $56 billion in 2020.

Not solely have many of those centralized platforms had their information vaults hacked and their contents bought on the darkish net for pennies on the greenback, however AI is enhancing rapidly and has already handed the Turing take a look at of picture technology. We’re at some extent the place rogue actors can create pretend selfies holding pretend IDs with leaked consumer information and idiot the gatekeepers to your digital wealth.

This menace is more likely to incentivize change, and you may see the brand new efforts by tech firms and authorities establishments to improve identification techniques. Take California’s cellular driver’s license app for instance, mDL — developed in partnership with each Google and Apple — is initially built-in with airports for identification verification. However the app additionally invitations builders to combine it as a type of authentication for web sites basically. ID.me takes an analogous strategy and is already absolutely built-in with the IRS, boasting 136 million members. 

Many of those apps require face or fingerprint authentication, and ask for more and more complicated KYC selfies from their customers who should maintain up IDs and up to date newspapers to be authenticated. 

Regardless of the plain weak spot of utilizing your face to authenticate your identification within the age of Fb, tech giants proceed to depend on biometric information, combining it with mass surveillance instruments seen within the social credit score rating techniques being constructed up in China. 

To have an opportunity at curbing what looks as if destiny within the digital age, earlier than it involves the West, we want an identification authentication system that’s each safe and agnostic to biometric information. We want an identification system that doesn’t depend on our face. 

Enter Nostr, a Bitcoin-Period Identification and Social Media Protocol

Born out of the Bitcoin developer ecosystem, Nostr has rapidly grown right into a social media community in its personal proper.

An abbreviation of “Notes and Different Stuff Transmitted by Relays” — a little bit of a mouthful — Nostr empowers customers to authenticate themselves into social media pseudonyms (nyms) and signal their posts with a Bitcoin-style non-public key. As a self-custody system that essentially democratizes the web away from its present construction, it opens up an entire new set of prospects for social media.

Proponents of Nostr argue that customers can lastly personal their very own information and not have to depend upon the charity or benevolence of the Silicon Valley giants once they resolve to maneuver platforms or decide the unsuitable political get together.

Nostr works by way of a distributed client-server community topology, which lets you entry content material throughout numerous servers referred to as relays. If one goes down or begins censoring customers unfairly, chances are high there’s one other window into the Nostr content material feed that may grant you entry and let you publish your ideas.

The dream of Nostr is to unlock a brand new technology of social media know-how that doesn’t flip customers into merchandise by mining their information, that doesn’t drive biometric authentication, compromising their privateness, and that permits builders to construct in an open community whose cryptography and specs are already open supply and which is natively built-in with Bitcoin, the web’s cash. 

Celebrities and customers who want to shield their Nostr manufacturers from pretend accounts attempting to impersonate them can comply with a typical much like the one developed by Keybase, which requested customers to publicly attest to their a keybase identification with their different social media accounts, consolidating markers of repute into one cryptographically managed identification. Although that isn’t at the moment a apply in Nostr, it’s a downside fairly nicely solved in a decentralized means by Keybase.

Nevertheless, it’s not all sunshine and rainbows. Pushing identification possession to the sides comes with an entire new set of issues that up till now have not likely been solved and which have personally held me again from investing in increase my model on Nostr. 

No Password Resets

There’s at the moment no actual method to reset your password for a Nostr nym or identification. Constructed on a easy public key pair system, in case your non-public key will get hacked or leaked, your identification is actually now underneath the management of whoever acquired it. (You each have the key, so nobody has unique management of it.)

This can be a big subject. Though the examples of such hacks should not too frequent, they’re a major deterrent for manufacturers which may contemplate placing severe capital into constructing on this new social community protocol.

This explicit threat is made worse by the supposed design of Nostr, which invitations many various interfaces to be created to entry content material of assorted varieties with the identical consumer identities and signifies that customers give their non-public keys to a number of shoppers, thus multiplying the danger of compromise.

One layer of protection that has been constructed up and change into standard in consequence is the concept of an exterior signer, typically a browser extension like Alby that helps handle your non-public key as a type of password supervisor, facilitating signing of content material for you on the varied Nostr platforms.

Whereas this works nicely sufficient at this time it doesn’t resolve the elemental downside. One mistake and the nym is successfully compromised, the worth of that built-up model or repute not simply harmed however probably exploitable by scammers carrying your identification to harass your pals or prospects.

That is much like the quite common impersonation scams on Fb, Instagram and Twitter, which clone your profile and DM your recognized associates with phishing schemes, however even worse. In Nostr such an assault can be carried out with your identification — not a pretend profile — considerably harming confidence within the authenticity of all content material for individuals who are conscious of the difficulty. 

The answer must be easy: simply create a password reset characteristic. Proper?

Effectively, it seems some very inventive engineering is required right here, as a result of password resets are mainly solely potential by giving up your management over your identification to a 3rd get together who can replace a central database and offer you a brand new key set.

Till now, that’s. Let’s dive into Frostr. 

Frost a Breakthrough in Sovereign Key Administration

Latest breakthroughs in cryptography have opened new doorways for self custody within the Bitcoin and cryptocurrency trade. One particular innovation that’s rapidly coming into the market is Frost, a Schnorr-based key administration and key rotation scheme that achieves related performance as Bitcoin multi-signature addresses and transactions, however with out the on-chain transactions prices or privateness trade-offs. 

Schnorr is a type of cryptography invented within the Nineteen Nineties. A number of years after the expiration of its European and U.S. patents, Schnorr began being mentioned as a potential future improve to Bitcoin, and was finally launched within the Taproot gentle fork improve of 2020. 

That very same 12 months Chelsea Komlo and Ian Goldberg revealed “FROST: Versatile Spherical-Optimized Schnorr Threshold Signatures”, a technical spec that set the muse for its use within the Lightning Community infrastructure in addition to new multi-signature schemes for self custody referred to as FROST.

Whereas the cryptography is complicated and explaining it past the scope of this text, it resembles schemes like Shamir’s secret sharing. The cryptographic ideas concerned enable customers to create a 24-word seed with Trezor’s {hardware} pockets, cut up up into three shares of 12 phrases every. Any two shares mixed may be assembled into the grasp non-public key of the pockets, whereas anybody share alone is inadequate to compromise or get well entry to the account.

Right here’s a two-minute video rationalization of FROST by Andrew Poelstra, Head of Analysis at Blockstream: