alby can custody a key, and then you can use it on lots of sites

but you're still trusting alby

this is a fundamental problem with hardware private key storage

1. no standard way to export from one hardware device to another (not hard just no good standards)

2. no standard way to access signing and dh ops from a web browser

the result of these things is that people just throw away all good security in exchange for expedience

and the reason why #1 and #2 exist is because cryptographers have made security unnecessarily restrictive preventing low level operations from being accessible to developers

webcrypto standard exists, but zero keychain ops (why? no good reason)