6 sats \ 1 reply \ @_vnprc 26 Apr \ on: Passkeys: A Shattered Dream security
Just gonna point out that LUD-04, the LNURL authentication protocol is beautifully simple and free of corporate influence. Also, the user generates their own private keys. I don't understand why anyone would use an auth method where a 3rd party generates the private keys. shudder
Having been one of the first services to implement it, it was a nightmare... users forget which lightning wallet they used to auth among other things. Conceptually the workings wouldn't be bad but the root key needs to be something specific (would be ideal for a brain wallet imo)
reply