What I don’t get is how do I know that if I sign into Primal.net or any other place, how do I know that I didn’t send my private key to a fisher?
Discussion
It’s stored locally most of the time. You do need to be careful where you use it to login. Doing your own research and trusting the application developer is key. Security for that type of concern is under development