I paste my key into clients. 🤷🏽♀️ if i see something fishy that got switched or a note signed but not by me the client will have a bad reputation because some of us know exactly where we used the keys 🤷🏽♀️
Discussion
At this point in development I think that may be the reasonable approach. However going forward when people invest large amounts of energy into a nostr identity, we must adopt better private key security practices, such as hardware wallets do for “crypto”. However this may resign this platform for a small subset until the public can become educated on the subject, and development has been furthered on the platform.
Someone has made a singer like a hardware wallet thingy. Haha i always forget who and where to buy it