Yes, but "at this point" of Nostr is when we should be discussing these ideas. This should have been an issue from the start. Auditing every application constantly (because you have to any time it updates) is absolutely not a solution and I bet pretty much no one has done it.

I didn't go audit the entire Primal codebase to make sure they aren't sending my key to a database or storing it insecurely on my device. And centralized trust isn't exactly a great model. That's one of the reasons Nostr and Bitcoin even exist.

I'm just applying the same principles of Bitcoin cold storage to Nostr apps and services.

It's not like I can have a hot wallet with a small amount of my social identity. It's all or nothing in this context.