You should always be using nip-07 extension logins for web clients. So you don’t give it your nsec in that case
Discussion
That raises many other questions, like who/where is our login info going? does this mean that these app devs will never see/receive our login info? And how do we install this extension so that it works with apps that we may install and/or websites like iris,to, snort.social, etc. ?
Also I’m using brave browser and I logged in to iris without having installed that extension- does this mean that the iris devs now have my private keys?
#asknostr
Thanks
All I can say is be careful where you put your nsec. All my post before jan 8th got deleted along with my chatroom & community I made on here. I have not been able to figure out why or how. The only thing I can say is I put my nsec into a few sites that connect to nostr. All my communities & chatrooms that was deleted I made on satellite.earth all my posts before jan 8th & after have come from the amethyst app.
There should be a brainstorm session on how to work on this issue because I lost over 6 months worth of pages that I wrote in posts, notes that I shared for causes & a note I made with a bunch of free channels for ppl to watch tv. Along with music videos from archive.org so i'm really upset because theres no way to recover all those notes that are gone!
No, the devs don't have your key. The vast majority, if not all, Nostr web clients store the key in your browser cache. It's locally stored on your device. Some clients encrypt this, some do not.
Always use an extension or nsec.app bunker if you can.
I'll look into those but that does not explain what or why. I wish we could have a log feature to let us know how it happened. Because how did my community, chatroom & all my post before jan 8th got deleted?