
No Password Reset? How Frostr Saves Your Nostr Identity

By KTRO TEAM
April 2, 2025
in Bitcoin

Born out of a hackathon at TABCONF 2024, Frostr may have just solved Nostr’s most pernicious issue: the inability to reset your password if your private key gets compromised.

Started in October of 2024, Frostr just announced the alpha release of Igloo and Frost2x, a desktop key signer and an accompanying browser extension signer for the Nostr ecosystem.

The project was founded by Topher (cmdruid), who made his name as a Bitcoin engineer for developing Tapscript — a popular library for managing Taproot, Schnorr signatures, and Bitcoin transactions — and Austin (bitcoinplebdev), a Lightning developer for Voltage and founder of PlebDevs, a Lightning-powered developer education platform with over 500 enrolled students.

While resetting a password may seem innocuous or like a simple UI feature, it’s not that easy. Let me take you on a journey of the complexity of the issue it solves and the magnitude of what is at stake if we fail to solve this apparently simple problem. 

The Social Media Revolution

Social media has changed the world. And yet, we find ourselves in a strange place with our digital identities. Who we are online and how we assert ownership of our online profiles often depends on trusted third parties like Facebook that are too big to care about any individual customer and fundamentally have the power to change the rules at any time, or even cancel your account altogether.

The deplatforming of controversial influencers and even politicians in recent years serves as an example of how this centralized power can be wielded. Perhaps the best-known illustration of this is the removal of U.S. President Donald Trump from both Facebook and Twitter shortly after the January 6 riots at the U.S. Capitol, just days before the end of his first term.

Still, much of the world continues to operate on this digital neo-feudalism structure. It seems there’s a fundamental problem with the “decentralization” of identity that is yet to be solved.

Modern-Day Bank Robbery

Identity systems are a critical layer of society. Whether you are a citizen of Rome 2,000 years ago or of the United States today, doors open and close based on what ID you hold. Today’s systems, as advanced as they may seem, rely on a pre-digital conception of identity and security: They depend on authenticating your face.

The ID card itself, whether your driver’s license or passport, helps government employees, bank tellers and bar bouncers all over the world do a very simple thing: Decide if you look like the person on the official card, and then sort out if you are allowed access or not.

But the world is changing fast. Neither the obscurity of your physical appearance nor the secret nature of your social security number (SSN) is what it was in the pre-internet world: Many people have published their full names and pictures to Facebook, and a series of hacks have leaked tons of SSN data to the dark web. (For example, the Equifax Data Breach in 2017, which affected 147.9 million Americans, or the National Public Data Breach of 2024 with over 200 million Americans compromised.)

In the analog, pre-internet days, when a robber burst through the doors of their local bank, they would do so to take the cash, gold and tradable valuables stored in the vaults.

But that’s no longer how things work. In the digital age, money is no longer cash. Fiat payments are often reversible, so if you hack into a bank and move money to your account somehow, not only can that be reversed, but you just exposed a link to your identity.

Today, the online equivalent of a robber is not looking to steal cash, gold or other valuables, but rather, personal identity data.

That data can, in turn, be used to defraud those same banks, as well as businesses of all sizes.

Indeed, identity fraud costs more than all other forms of theft combined, totaling over $56 billion in 2020.

Not only have many of these centralized platforms had their data vaults hacked and their contents sold on the dark web for pennies on the dollar, but AI is improving quickly and has already passed the Turing test of image generation. We are at a point where rogue actors can create fake selfies holding fake IDs with leaked user data and fool the gatekeepers to your digital wealth.

This threat is likely to incentivize change, and you can see the new efforts by tech companies and government institutions to upgrade identity systems. Take California’s mobile driver’s license app, mDL, as an example: developed in partnership with both Google and Apple, it is initially integrated with airports for identity verification. But the app also invites developers to integrate it as a form of authentication for websites in general. ID.me takes a similar approach and is already fully integrated with the IRS, boasting 136 million members.

Many of these apps require face or fingerprint authentication, and ask for increasingly complex KYC selfies from their users who must hold up IDs and recent newspapers to be authenticated. 

Despite the obvious weakness of using your face to authenticate your identity in the age of Facebook, tech giants continue to rely on biometric data, combining it with mass surveillance tools seen in the social credit score systems being built up in China. 

To have a chance at curbing what seems like fate in the digital age, before it comes to the West, we need an identity authentication system that is both secure and agnostic to biometric data. We need an identity system that does not rely on our face. 

Enter Nostr, a Bitcoin-Era Identity and Social Media Protocol

Born out of the Bitcoin developer ecosystem, Nostr has quickly grown into a social media network in its own right.

An abbreviation of “Notes and Other Stuff Transmitted by Relays” — a bit of a mouthful — Nostr empowers users to authenticate themselves into social media pseudonyms (nyms) and sign their posts with a Bitcoin-style private key. As a self-custody system that fundamentally democratizes the internet away from its current structure, it opens up a whole new set of possibilities for social media.

Proponents of Nostr argue that users can finally own their own data and no longer need to depend on the charity or benevolence of the Silicon Valley giants when they decide to move platforms or pick the wrong political party.

Nostr works via a distributed client-server network topology, which allows you to access content across various servers called relays. If one goes down or starts censoring users unfairly, chances are there’s another window into the Nostr content feed that will grant you access and allow you to publish your thoughts.

The dream of Nostr is to unlock a new generation of social media technology that does not turn users into products by mining their data, that does not force biometric authentication, compromising their privacy, and that allows developers to build in an open network whose cryptography and specs are already open source and which is natively integrated with Bitcoin, the internet’s money. 

Celebrities and users who wish to protect their Nostr brands from fake accounts trying to impersonate them can follow a standard similar to the one developed by Keybase, which asked users to publicly attest to their Keybase identity with their other social media accounts, consolidating markers of reputation into one cryptographically controlled identity. Though that is not currently a practice in Nostr, it is a problem reasonably well solved in a decentralized way by Keybase.

However, it’s not all sunshine and rainbows. Pushing identity ownership to the edges comes with a whole new set of problems that up until now have not really been solved and which have personally held me back from investing in building up my brand on Nostr. 

No Password Resets

There’s currently no real way to reset your password for a Nostr nym or identity. Built on a simple public key pair system, if your private key gets hacked or leaked, your identity is essentially now under the control of whoever got it. (You both have the secret, so no one has exclusive control of it.)

This is a huge issue. Although the examples of such hacks are not too common, they are a significant deterrent for brands that might consider putting serious capital into building on this new social network protocol.

This particular risk is made worse by the intended design of Nostr, which invites many different interfaces to be created to access content of various kinds with the same user identities and means that users give their private keys to multiple clients, thus multiplying the risk of compromise.

One layer of defense that has been built up and become popular as a result is the idea of an external signer, often a browser extension like Alby that helps manage your private key as a kind of password manager, facilitating signing of content for you on the various Nostr platforms.

While this works well enough today, it doesn’t solve the fundamental problem. One mistake and the nym is effectively compromised, the value of that built-up brand or reputation not just harmed but potentially exploitable by scammers wearing your identity to harass your friends or customers.

This is similar to the very common impersonation scams on Facebook, Instagram and Twitter, which clone your profile and DM your known associates with phishing schemes, but even worse. In Nostr such an attack would be done with your identity — not a fake profile — significantly harming confidence in the authenticity of all content for those who are aware of the issue. 

The solution should be simple: just create a password reset feature. Right?

Well, it turns out some very creative engineering is needed here, because password resets are basically only possible by giving up your control over your identity to a third party who can update a central database and give you a new key set.

Until now, that is. Let’s dive into Frostr. 

Frost, a Breakthrough in Sovereign Key Management

Recent breakthroughs in cryptography have opened new doors for self custody in the Bitcoin and cryptocurrency industry. One specific innovation that is quickly entering the market is Frost, a Schnorr-based key management and key rotation scheme that achieves functionality similar to Bitcoin multi-signature addresses and transactions, but without the on-chain transaction costs or privacy trade-offs.

Schnorr is a form of cryptography invented in the 1990s. A few years after the expiration of its European and U.S. patents, Schnorr started being discussed as a possible future upgrade to Bitcoin, and was ultimately introduced in the Taproot soft fork upgrade of 2020. 

That same year Chelsea Komlo and Ian Goldberg published “FROST: Flexible Round-Optimized Schnorr Threshold Signatures”, a technical spec that set the foundation for its use in the Lightning Network infrastructure as well as new multi-signature schemes for self custody known as FROST.

While the cryptography is complex and explaining it is beyond the scope of this article, it resembles schemes like Shamir’s secret sharing. The cryptographic principles involved allow users to create a 24-word seed with Trezor’s hardware wallet, split up into three shares of 12 words each. Any two shares combined can be assembled into the master private key of the wallet, while any one share alone is insufficient to compromise or recover access to the account.

Here’s a two-minute video explanation of FROST by Andrew Poelstra, Head of Research at Blockstream:

This same principle is used in FROST, a scheme which is designed to enable multi-party, multi-signature wallets, like those used by exchanges, potentially replacing multi-signature Bitcoin scripts, benefiting users with more privacy and lower costs.

Frostr extends FROST by integrating it with Nostr’s relay protocol — hence the added “r” in the name. It also adapts the technology to single-user wallets, rather than industrial-grade, multi-user schemes, allowing simpler setups and unlocking key rotation (password resets) for individual users with single key pairs, like those used in Nostr.

Frostr enables three new features in particular:

  • Threshold key signing: if one key gets compromised, it can be rotated out, and a fresh set of subkeys is generated, which generate the Nostr private keypair. There is no need to change your Nostr public and private keys (nsec). This is similar to, for example, a 2-of-3 multisignature Bitcoin wallet, where if one key is lost or compromised, the other two can be used to move the coins to a new stable structure and regain control of three fresh keys, but off-chain. It’s a magical thing.
  • No need for application-layer solutions to Nostr key rotation: only the key signers like Alby would have to integrate Frostr; Nostr apps like Primal or Damus would not even know that Frostr is being used for key rotation by their users.
  • Users who already have Nostr accounts, whose nsecs have not been compromised, do not need to migrate to new keypairs and identities but simply remove their nsecs from current key signers and start using Frostr as a more secure key management system instead. 
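
An added sketch (not Frostr’s code and not part of the original article) of the two properties described above: any two of three shares rebuild the key, and re-splitting the same key makes a leaked old share useless without changing the key itself. It assumes plain Shamir sharing with a single dealer as a stand-in; FROST itself produces signatures from shares without reassembling the key, and the function names here are hypothetical.

```python
import secrets

# Group order of secp256k1, the curve Nostr keys use; shares are points on
# a polynomial over the integers modulo this prime.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def split(secret, threshold=2, count=3):
    """Return {index: share} from a random degree-(threshold-1) polynomial
    whose constant term is the secret."""
    coeffs = [secret % N] + [secrets.randbelow(N) for _ in range(threshold - 1)]
    return {x: sum(c * pow(x, i, N) for i, c in enumerate(coeffs)) % N
            for x in range(1, count + 1)}


def combine(shares):
    """Lagrange-interpolate the polynomial at x = 0 from {index: share}."""
    total = 0
    for xi, yi in shares.items():
        num = den = 1
        for xj in shares:
            if xj != xi:
                num = num * -xj % N
                den = den * (xi - xj) % N
        total = (total + yi * num * pow(den, -1, N)) % N
    return total


def pick(shares, *indexes):
    """Select a subset of shares by index."""
    return {i: shares[i] for i in indexes}


def demo():
    nsec = secrets.randbelow(N - 1) + 1   # constructed sample key, not a real nsec
    old = split(nsec)                     # original 2-of-3 share set
    new = split(nsec)                     # rotation: same key, fresh polynomial
    leaked = pick(old, 1)                 # assume one old share was exposed
    return {
        "any_two_recover": all(combine(pick(old, a, b)) == nsec
                               for a, b in [(1, 2), (1, 3), (2, 3)]),
        "rotated_set_recovers_same_key": combine(pick(new, 2, 3)) == nsec,
        # An old share lies on a different polynomial than the new ones,
        # so mixing it with a fresh share yields an unrelated value.
        "leaked_old_plus_new_fails": combine({**leaked, 2: new[2]}) != nsec,
    }


if __name__ == "__main__":
    print(demo())
```

The rotation only protects the key if the holders of the old shares actually delete them: two old shares still reconstruct the key after the new set is issued.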

The result? A major piece of the decentralized social media puzzle is unlocked: Trustless identities with password resets that do not depend on centralized gatekeepers for authentication.

The consequences of this innovation, if fruitful, are fundamental. The Nostr ecosystem would be wise to take a look at Frostr; it might just be enough of a security and UI improvement that a whole new generation of non-biometric, trustless digital identities, and sovereign data ownership use cases are unlocked for the Bitcoin age.

For a deeper dive into Frostr, check out their website at Frostr.org or have a look at this podcast I recorded with Topher and Austin on the topic. 
https://creators.spotify.com/pod/show/bitcoin-magazine-po/episodes/FROSTR-Explained-A-Gamechanger-for-NOSTR-Identity-Management–The-Juan-Galt-Show-e30op20
