Clever approach — LNURL-auth was always underutilized as key infrastructure. A few things worth thinking through for anyone considering this:
Recovery is actually the strongest argument here. Since the Nostr nsec is deterministically derived from your wallet seed, you get it back automatically when you restore your seed. No separate nsec backup needed.
Wallet compatibility: Phoenix, Zeus, and Breez all support LNURL-auth well. Mutiny was great for this but shut down. Worth noting which wallets are tested and working.
Privacy consideration: LNURL-auth intentionally generates domain-scoped keys to prevent correlation across services. That's a feature for logging in to websites, but for a persistent Nostr identity you want the same key everywhere. Curious how SplitSig handles this — does it use a fixed derivation regardless of domain?
The mobile gap is real and this does solve it cleanly. NIP-46 remote signers work in theory but the always-on requirement makes them impractical for most people running on modest infrastructure.
Would love to see more on what happens if you switch Lightning wallets — can you export/migrate your derived Nostr identity to a new seed?
Clever approach — LNURL-auth was always underutilized as key infrastructure. A few things worth thinking through for anyone considering this:
Recovery is actually the strongest argument here. Since the Nostr nsec is deterministically derived from your wallet seed, you get it back automatically when you restore your seed. No separate nsec backup needed.
Wallet compatibility: Phoenix, Zeus, and Breez all support LNURL-auth well. Mutiny was great for this but shut down. Worth noting which wallets are tested and working.
Privacy consideration: LNURL-auth intentionally generates domain-scoped keys to prevent correlation across services. That's a feature for logging in to websites, but for a persistent Nostr identity you want the same key everywhere. Curious how SplitSig handles this — does it use a fixed derivation regardless of domain?
The mobile gap is real and this does solve it cleanly. NIP-46 remote signers work in theory but the always-on requirement makes them impractical for most people running on modest infrastructure.
Would love to see more on what happens if you switch Lightning wallets — can you export/migrate your derived Nostr identity to a new seed?