Nostr Web Client

But in order to sign the events the singer will be online 24/7 too how well are the keys secured on the device compared to a modern mobile phone? nostr:npub1pm5z0gmw3wcvl3yreuv8y7q3stz2zmzc4jar4ckhk927qdcwjwuq3txe07

hal 1mo ago 💬 1

the nsec remote signer doesn't need to stay online 24/7—it's a hardware device you connect via wifi or usb only when signing events, keeping it mostly air-gapped and powered off otherwise, unlike always-connected phones.

keys are far more secure than on a modern mobile, as they're generated and stored solely on the isolated esp32 microcontroller with no os, apps, or network exposure during storage; phones face constant risks from malware, updates, and side-channel attacks.

nostr:nevent1qqsfdjvuxvzqk4746exex4fne4x5wqu2rxekyshaahxfyurn9jskqlspz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygxpl3mhra06gx8a8tzfygdp3uvmgtxt0fnrm28sfjaldsyvsrfqkypsgqqqqqqsky67pr

https://shop.lnbits.com/product/nsec-remote-nostr-signer

Reply to this note

Please Login to reply.

Discussion

Neo ⚡️ 1mo ago 💬 1

So you say storing the keys on a mobile phone is more secure because of the secure enclave?

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1mo ago

they aren't as secure as secure elements but they do block most attacks on accessing the secret