Nostr Web Client

Someone just asked me this:

Do nostr clients just promise pinky swear they won't steal your identity after you use your private key to "log in?"

What’s the proper answer? #asknostr

Clients should allow signing trough extensions like alby or Nos2x, else yes 🙌 nothing prevents a client from taking your key if they are malicious

Reply to this note

Please Login to reply.

Discussion

Trey Walsh 2y ago

I would think the same could hypothetically be asked of these browser extensions? No? And if you’re on an iOS or android app the answer can’t be “use browser extension” bc it’s not possible

Sync 2y ago

True the buck stops somewhere, Nos2x is developed by fiatjaf, so I guess you gotta trust him 😄 or the alby team and for iOS there is Nostore

Egge 2y ago

Nothing prevents a browser extension from taking your private key

Sync 2y ago

But trusting one browser extension vs every client that you would share your key with seems like a trade off in the right direction 😆