Alby says they don't store or have access to that key and it lives in the browser ext only. The plugin is OSS so I tend to believe em...
Discussion
its definitely getting stored somewhere "in the cloud". whether thats alby or something else doesnt matter if its compromised but ill decide what to do with it after looking at the code. maybe its encrypted with the password
It does? lmk what you find.. also, check out keys.band if you're tired of nos2x.. it's different and the UI is kinda nice. (Based on nos2x code)
ok ive dug a little in github and yes, alby extension is encrypting with password and only storing to browser.storage.local so then it should only cross via cloud sync of the browser which is out of albys hands
of course, i dont have sync enabled so im missing something of how it happened