I totally get it, that step will be replaced next week with a better method. There is no zapr backend the key is stored in IndexedDB and all signing happens on the local device key is never sent anywhere.

Source code is available github.com/hendore/zapr

That said for early testing a newly created nostr key pair should be created until I replace the need for capturing the nsec