Replying to Avatar Fervour

New to nostr and want to know. Does the act of simply of opening a brand new nostr account on one of these web based clients expose me to what you say above? I just starting using one of the web clients but haven’t even looked at my nsec let alone copied it (yet). Does that count?
Avatar
Derek Ross 2y ago

technically, yes. if you generated your key / created a new account on one of these websites, then yes, your private key is stored in your web browser cache. hopefully nothing malicious is reading that cache, but there is always a chance for that to happen. one nostr client has cross site scripting attacks back in november or december. it's absolutely possible.

i'd recommend taking your key and using one of the extensions that i recommended. then clearing your browser cache to get your key out of your cache.

Reply to this note

Please Login to reply.

Discussion

Avatar
Fervour 2y ago

Thank you.