As for the solution, it seems to explicitly not address recovery of lost keys/identities, which is however exactly the part that makes this hard for regular users.
That, and general name confusion attacks, I suppose: "I'm lxgr17@key, yeah, don't ask about the first 16. Oh also make sure 'key' is not the one with the Georgian lowercase e in the middle, that one's an impostor. Wait, actually, let me quickly spell it out in hexadecimal Unicode points..."
At least blockchain addresses have that going for them: They're way too long to even try and remember or spell out on the phone.
Great concise description of the problem.
As for the solution, it seems to explicitly not address recovery of lost keys/identities, which is however exactly the part that makes this hard for regular users.
That, and general name confusion attacks, I suppose: "I'm lxgr17@key, yeah, don't ask about the first 16. Oh also make sure 'key' is not the one with the Georgian lowercase e in the middle, that one's an impostor. Wait, actually, let me quickly spell it out in hexadecimal Unicode points..."
At least blockchain addresses have that going for them: They're way too long to even try and remember or spell out on the phone.
>We have public-key infrastructure for machines. We don’t have it for people.
We do, you just don't know about:)
SDK: https://github.com/CipherTrustee/certisfy-js
Web trust use: https://bsky.app/profile/bitlooter.bsky.social
Some examples of how you could leverage it: https://blog.certisfy.com/
Happy to answer questions.