> A “golden key” is just another, more pleasant, word for a backdoor—something that allows people access to your data without going through you directly.
Clearly in this situation nothing has been done to allow anyone else to access your data without consent.
I get that you are upset about being made to look like you endorse a cryptocurrency, but that's not an excuse to be purposely misleading. You should edit the post and remove the backdoor claim.
They signed an attestation, that is essentially using your authority to say something is yours. I would consider my ability to consent as something that belongs to me. This change indeed allows people to access my data (in this case, saying I have something I don't, and using my authority without permission).
If they automatically joined my keybase user to my hackernews profile without my consent, it would be just as egregious.
You actually do have the key in question though, so they did not claim that you have something you don't.
Furthermore the change did not give them more access than they had previously like you are subtly implying here. The app could already make attestations on behalf of the user since that is what it's designed to do.
> If they automatically joined my keybase user to my hackernews profile without my consent, it would be just as egregious.
Keybase uses the term "backdoor" in their blog to describe an app using a key to sign another key as valid (violating user intent/consent).