-
@ Judge Hardcase
2025-02-24 10:55:44
Yeah, he's correct to the extent that relying on client apps to abstract away key generation, etc, is an inherent problem. I managed to generate my own key, but rely on a browser extension signer - which is better, but could still potentially leak my key.
I wouldn't trust such a setup with any significant amount of Bitcoin; so, likewise, until Nostr has a more robust, widely-supported solution, I don't intend to trust using my nsec for anything sensitive.
In short, for now, if/when my nsec gets hacked, the hacker can have it. I will simply spin up another nsec (which I will expect to also inevitably get hacked).