NOSTR and self sovereign identity

NOSTR is not built on Bitcoin: there is no blockchain, no mining and no consensus, just signed JSON events passed through relays. It does borrow Bitcoin's cryptography (secp256k1 keys and BIP-340 Schnorr signatures, the same scheme Taproot uses), and it is often compared to Bitcoin because it shares the same design philosophy and concepts of self sovereignty.

One issue with NOSTR right now is the security of your private key (the nsec). We happily copy and paste it between apps or store it in a browser extension like Alby or nos2x, and every copy is another place it can leak from.

We would never be this lax with our Bitcoin wallet's private key. We take great care to secure it, air gap it and hide it even from our own prying eyes in secure element chips inside robust hardware wallets. You have never seen your Bitcoin wallet's private key. If you have, that is a security risk and you should move your Bitcoin immediately.

As Bitcoin separates money from the state, so NOSTR has the capability of separating identity from the state. 

You have delegated your identity to the government in the same way you have delegated your money to them.

To prove your identity you need a government-issued passport, driving licence or identity card. Even a bank credit or debit card will do in many cases. Until now, you have had no way to prove your own identity yourself.

NOSTR gives that ability. 

While many people choose to be anonymous on NOSTR, I choose to use my true identity. I link my website mikehardcastle.com to my npub on NOSTR via NIP-05. I do this by publishing a file on my website that contains my NOSTR public key in hex notation, here: https://mikehardcastle.com/.well-known/nostr.json

As only I have access to upload files to my website, a client that looks up mike@mikehardcastle.com finds my public key in that file and can check it against the key that signed my posts. Every signed post proves control of the key, and the file proves that the same key holder controls the domain, so my identity is cryptographically verified. It also proves that I own, or at least control, my website mikehardcastle.com.

My website is under my name and registered by me, so I can prove I own the website to the government or any third party.

Similarly, if you work for a company and use NOSTR for work, you should go through a similar verification process whereby your employer publishes your approved work public key under your name on the company website. This lets you prove cryptographically that you work for the company you say you do, and because the employer controls the file, the entry can be removed the moment you leave.
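Here is what a client does with that file, as an added example (my own code, not the author's or any NOSTR client's): it resolves a NIP-05 identifier to a hex public key and checks it against the key that signed a note. The domain example.com, its nostr.json contents and the hex keys are constructed for the example, and an offline fetch function stands in for the HTTPS request. The check only means something together with the signature on the note: the file binds a key to a domain, the signature proves the note came from that key. A scammer can put any `nip05` string in their profile, but the domain will not list their key, so the check fails.

```python
import json
from typing import Callable, Optional

# Constructed sample of a NIP-05 document as served at
# https://<domain>/.well-known/nostr.json. The hex keys are made up for this
# example; they are not the author's or anyone's real public keys.
SAMPLE_DOCS = {
    "example.com": json.dumps({
        "names": {
            "_": "aa" * 32,        # root identifier, displayed as just "example.com"
            "mike": "bb" * 32,
            "alice": "cc" * 32,
            "broken": "npub1notahexkey",   # wrong format: NIP-05 requires hex, not npub
        },
        "relays": {"bb" * 32: ["wss://relay.example.com"]},
    }),
}


def offline_fetch(url: str) -> Optional[str]:
    """Stand-in for an HTTPS GET so the example runs offline."""
    for domain, body in SAMPLE_DOCS.items():
        if url.startswith(f"https://{domain}/.well-known/nostr.json"):
            return body
    return None


def resolve_nip05(identifier: str,
                  fetch: Callable[[str], Optional[str]] = offline_fetch) -> Optional[str]:
    """Return the lowercase hex pubkey a NIP-05 identifier maps to, or None.

    identifier is "<name>@<domain>"; a bare "<domain>" means "_@<domain>".
    Names are case-insensitive, so everything is lowercased first.
    """
    ident = identifier.strip().lower()
    if "@" not in ident:
        ident = "_@" + ident
    name, domain = ident.split("@", 1)
    if not name or not domain or "@" in domain:
        return None
    body = fetch(f"https://{domain}/.well-known/nostr.json?name={name}")
    if body is None:
        return None
    try:
        pubkey = json.loads(body)["names"][name]
    except (ValueError, KeyError, TypeError):
        return None
    # The document must carry a 32-byte key as 64 hex characters.
    if not isinstance(pubkey, str) or len(pubkey) != 64:
        return None
    try:
        bytes.fromhex(pubkey)
    except ValueError:
        return None
    return pubkey.lower()


def verify_nip05(event_pubkey_hex: str, claimed_nip05: str,
                 fetch: Callable[[str], Optional[str]] = offline_fetch) -> bool:
    """True only if the domain names exactly the key that signed the event.

    event_pubkey_hex is the pubkey field of a signed note; claimed_nip05 is
    the nip05 string from that key's profile metadata.
    """
    resolved = resolve_nip05(claimed_nip05, fetch)
    return resolved is not None and resolved == event_pubkey_hex.lower()
```

Swap `offline_fetch` for a real HTTPS client when using this against a live domain; the lookup is plain HTTPS, so a domain that is not yours, or one whose hosting you have lost control of, can silently change the mapping.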

We have in the past caught out several scammers pretending to represent organisations such as the Wall Street Journal on NOSTR because they did not verify their identity with their employer.

This has the potential to remove the need for passports or identity cards in the future, ensuring individual identity becomes self sovereign.

N.B. Passports only came into mainstream existence as a result of the First World War and the need to identify returning soldiers after the outbreak of Spanish flu. Before then, visas were widely used: signed letters from your head of state allowing you safe passage through a foreign land. Visas have since changed to be issued by the visiting country and often carry a fee, generating revenue for the host country.

We are still very early in NOSTR and suffer from the self-doubt and uncertainty Bitcoin had in its first few years. I believe we are currently around 10 years behind Bitcoin in terms of adoption.

As it becomes more widely understood and the need for freedom from the state increases, we should take the security of our private keys seriously.

I would argue that securing our identity is far more important than securing our money and should be taken extremely seriously.

To this end, there are currently several software solutions for key management, including the aforementioned Alby and nos2x browser extensions, and Amber, a signer app for Android that keeps the key out of the client app altogether.

But as securing our identity becomes more important, we are going to want robust hardware solutions that keep our private keys permanently isolated, in the same way Bitcoin hardware wallets do.

Currently there is one hardware option available, from @LNBits; it is here:

https://shop.lnbits.com/product/nsec-remote-nostr-signer

This is a proof of concept. It works by storing your key on the signer, which joins your home network over WiFi. The signer and your client each keep a persistent connection to a NOSTR relay, and the client reaches the signer from anywhere on the Internet through that relay; this is the pattern that NIP-46 (Nostr Connect, often called a "bunker") standardises.

When you wish to sign a note, your client sends the unsigned note through the relay to the signer. The signer computes the signature and returns it through the relay to your device, which attaches the signature to the note; anyone who checks the signature against your public key can confirm it was produced by the holder of your key. The private key itself never leaves the signer, so it is bunkered and safe from exposure on your phone or laptop.

This product is a great proof of concept and if you want to understand the future direction of NOSTR, it’s well worth getting one to understand the principles. However it is just a stepping stone to the future and eventually, I think NOSTR remote signers will be much more advanced.

The first problem is that few clients support remote signing; at the time of writing the only one is coracle.social.

Secondly, the signer loses its settings without power, so it should be battery powered, with a mains connection to keep the battery charged.

The device itself has no access control, so anybody with physical access to your signer can connect to it. A PIN or another form of login should be required before it will sign anything.

Also, the key inside the device is not protected against physical attack. Good Bitcoin hardware wallets store their keys inside a secure element chip to prevent extraction or tampering.

Lastly, a more robust wired connection would be more reliable than a WiFi connection.

As NOSTR develops and companies start to adopt it, multisig will become more important, allowing company accounts to be run by multiple individuals, or a member of staff's share to be revoked when they leave. Because a NOSTR note carries a single Schnorr signature over a single public key, this means threshold signing (several parties jointly producing one signature for one key) rather than Bitcoin-style multisig scripts.

These are all future developments, but for now, watch the NOSTR hardware signer space, it’s becoming more important as the ecosystem develops and one day, NOSTR has the ability to become your primary form of identity surpassing your passport or identity card.