What is the mechanism used by the Browser for the user to authenticate without relinquishing custody of the user's nsec private key to server-side custody? Is a browser extension needed to implement a challenge-response using the nsec kept on the user's local file system?
The nostr browser is coming.
https://void.cat/d/7oTQHn98jnGXDU9TiSquWe.webp
https://void.cat/d/4YMgGNpfFAKiMkTc5HF3Xy.webp
https://void.cat/d/4LuwjSZEfM6NQRaZ7Q6dvn.webp
https://void.cat/d/T5yNTwQ2SEoHruuTp5LWJT.webp
https://void.cat/d/8GvqmiShAHy9GPn7Mv3KED.webp
https://void.cat/d/143wC8ZV8xMuJkirrFb28b.webp
https://void.cat/d/6Pe3opKp5NUxJoF3d3yzuz.webp
https://void.cat/d/JkX3ddtrsg6q2ryJwox6jc.webp
https://void.cat/d/5aECRKrrF54xUFhtrAiD9t.webp
https://void.cat/d/GpJNe9C7zym9zQ3VHCMSNr.webp
Discussion
The key is stored on local disk encrypted, nip07 js interface is injected into the web apps to access the keys