On iOS, they’re using Keychain. Can’t speak to Android.
Patience, grasshopper.
Discussion
I’m using the TestFlight version, and would enjoy a way to login with a browser extension or something like amber ( i use nostr:npub1tnpfz60snm7ler8k8c69335n37we6690qttl88t556yzkjxhahjq3kkkpe with safari for now, but it will be retired last I saw). However I want to try all the cool things, so I have to consider this nsec (debasedghost) potentially compromised through the whole nostr bootstrapping process and trying all the cool tools.
Not unless you don't trust iOS Keychain, no.
I don’t know enough to know whether I trust it. I’ve used a good number of nostr apps and any could be compromised, right (like primal, damus, etc)? I’ve used my nsec on iOS and on desktop.
Part of why I love nostr is that it seems easy to restart from 0 as long as you can rebuild your follow list. As far as regaining your followers, I’m sure some web of trust implementation will assist people in knowing when someone’s nsec is compromised so they can find the new account to follow
