Do people here really paste their private keys into new apps to try them out?
This seems incredibly naive and risky, exposing your entire nostr identity to unknown parties / endpoints…
Ya, you def need to Vet some protocols.
Please Login to reply.
Even if I do, they can change and go rogue whenever they decide to do so.
Currently, we don’t have any forward secrecy at all.
I would like to see more fine-grained access control, e.g. with subkeys, in the future.
Couldn’t agree more 🫡⚡️
