the idea is that damus can protect your nsec from nostr websites, otherwise they could swipe it and send it to their server. It uses nip07 which allows nostr webapps to sign things but not read your key.

I want to also add protections against wiping and corrupting your profile/contact data, which buggy nostr clients can do by accident.