I agree, it's the same thing prone to similar issues/errors (copying the nsec and then accidentally pasting it somewhere, etc). We support import of encrypted nsec (nip49), but most apps don't export in that format. If you have any ideas here I'd be happy if you shared them.

One thing I will add to the mix: I think nip46 (Nostr Connect) is missing a standardized "import nsec" flow, i.e. app could generate a key for new user (to reduce onboarding friction) but then if/when user wants to reuse the key in other apps they could choose a provider and app should somehow pass the nsec to the provider, i.e. redirect to provider.com/import/#nsec or something like this. This would mean there is no copy/pasting, and we wouldn't be "training" the user to mess with their keys.

OTOH maybe this whole "let's hide keys from the user" thing is a mistake and we should instead educate them better etc. But my own experience looking at how non-tech users are trying nostr tells me that people won't read, they will only click big red buttons on the screen and hope for the best. Anything above that causes frustration and anxiety. What's your view here?