Here’s where Nostr comes in, but not as a core security primitive. Instead, Nostr is a practical solution to a real problem: if your keys are derived from labels, how do you remember which labels you used when restoring on a new device?
The answer is to publish them. Under the hood, the app seamlessly creates a Nostr identity derived from the same PRF and uses it to post each label as a plain Nostr event. The user never sees or manages this identity. When you restore, the app reconstructs that same Nostr identity, queries the relays, retrieves the list of labels, and re-derives the keys on the spot.
No cloud backup. No iCloud. No Google Drive. No server. Just your passkey and a few public Nostr messages.
Am I missing something? This is just a complete move back to centralization for convenience. If you use a passkey to derive identities and wallets, you could as well just save the mnemonic in the cloud or use an exchange wallet…same centralization, same security, same risk.
If you use mnemonic seeds, at least you have the choice to keep them stored safely on metal, a sticky note (risky) or any centralized party you trust with your security.
I would argue the other way around: use a mnemonic seed to generate passkeys and identities.
Personally I would only advise using passkeys for lower-tier security, e.g. the plenitude of website accounts you have for stores, while using your own highly secure passwords for a few important services.
Another thing, forget about your anonymity if you let Google, Apple or Microsoft store the passkeys linked to your identities.
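The label-and-restore flow from the quoted passage, as an added sketch that is not the app's code and not part of this thread. It assumes HKDF-SHA256 for derivation, made-up info strings, a hashed stand-in for the Nostr public key, an in-memory relay, and a constructed PRF output.

```python
import hashlib
import hmac

def hkdf(ikm: bytes, info: bytes, length: int = 32, salt: bytes = b"") -> bytes:
    """HKDF-SHA256 (RFC 5869): extract, then expand."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def identity_secret(prf_output: bytes) -> bytes:
    # Hidden identity used only to publish and find labels (info string is assumed).
    return hkdf(prf_output, b"example/nostr-identity")

def label_key(prf_output: bytes, label: str) -> bytes:
    # One secret per label: the label is public, the PRF output is not.
    return hkdf(prf_output, b"example/label/" + label.encode())

def author_id(prf_output: bytes) -> str:
    # Stand-in for the public key; a real Nostr pubkey is a secp256k1 x-only key.
    return hashlib.sha256(identity_secret(prf_output)).hexdigest()

class Relay:
    """In-memory stand-in for a Nostr relay holding plain (author, label) events."""
    def __init__(self):
        self.events = []
    def publish(self, author: str, label: str) -> None:
        self.events.append((author, label))
    def query(self, author: str) -> list:
        return [lbl for a, lbl in self.events if a == author]

def create(relay: Relay, prf_output: bytes, label: str) -> bytes:
    relay.publish(author_id(prf_output), label)   # label goes out in plaintext
    return label_key(prf_output, label)

def restore(relay: Relay, prf_output: bytes) -> dict:
    labels = relay.query(author_id(prf_output))
    return {lbl: label_key(prf_output, lbl) for lbl in labels}

PRF_OUTPUT = bytes(range(32))  # constructed sample, not a real passkey PRF result

def demo():
    relay = Relay()
    original = {l: create(relay, PRF_OUTPUT, l) for l in ("savings", "nostr-main")}
    restored = restore(relay, PRF_OUTPUT)         # same passkey, new device
    other = restore(relay, b"\x01" * 32)          # different passkey finds nothing
    return original, restored, other, relay.events
```

Every secret here is a function of the PRF output alone, so recovery depends entirely on wherever the passkey is stored, while the labels sit on the relay readable by anyone.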