nos asks for nsec upon login…how can a Pleb w limited code skills review the security around sharing nsec?
#[0]
Discussion
One shouldn’t have to surrender a private key for access.
Nostr isn’t as trustless as it should be yet.
It should give you an option of importing keys or creating new ones. If it doesn’t then that’s just a bug because previous alpha releases let you choose.
This is the same option most nostr clients offer.
What’s the security risk around importing keys on iOS client?
Web clients risk meant using a third party like get alby to be safe
We put it in apple keychain so it’s encrypted and only leaves device if you choose to sync it to your iCloud.
Read the source: https://github.com/planetary-social/nos