I don't think that clients upload user keys to their servers. This would be really bad. Imo they live within the app on your device. That's why I wonder if the remote signer device is really more secure. Because at least hardware-wise I guess modern phones are more secure than the remote signer device. But maybe I'm wrong, just really curious. Would immediately buy one if I knew that it really improves overall security.

Discussion

nostr:nprofile1qqsxsvs3h524c7mkfe9enw3x8g23mqfqn0n62e4zhvvhrhqmh5ahzhsppemhxue69uhkummn9ekx7mp0qyghwumn8ghj7mn0wd68ytnhd9hx2tcqusn8d can you help?

In a perfect world, they won't but just use a hash of them or something, but I didn't check client code (I wouldn't be able to read it anyway) so I don't know for sure. Of course this is overly paranoid thinking. But then again, we live in the era of vibecoding, lol.

I strongly disagree with modern phones being more secure, lol. In fact, the opposite is true, Graphene being a refreshing exception.

The real risk is losing your phone or it being compromised by being a multiuse device. The signer keeps your nsec safe and sound behind an internet connection you trust, and only does one thing, so the attack vector is 100x limited.

Thank you Ben. But just to be clear, the key itself sits unencrypted on the device? I'm just looking for the safest way to use my nsec and really not sure what's the way to go at today's stage of development 😅

currently, yes. but there's work happening to secure the SK on the device.

Thanks, that's good to know. Would you still consider it the safest option at the moment to interact with nostr even when the key is stored unencrypted on the device? Also, will the upcoming encryption feature be a software upgrade, or will it be necessary to buy new hardware to make it work?

safest is situation dependent and depends on how you think about security with regard to your nostr private key. for me, running the device at home works well. it's not going to be as secure as using amber at the moment.

i'm using it daily with jumble.social on mobile and desktop and think it's very good.

we're exploring a couple of options for encrypting the keys. it could be a hardware upgrade if we use the tropic square SE, or an alternative would be a software update that does something similar to how the Jade secures keys with a blind oracle. I highly doubt we'll do this though tbh.

Thank you, this is a clear statement. Exactly what I needed to know to make an informed decision 👍