But who gives the right to tap into the wallet in the first place? the authorisation has to come from the nsec owner allowing this handshake to happen between client and wallets, with an understanding that this data is not visible or consumed by the client, and it not for public visibility, unless the nsec owner choses it to be. Otherwise this is wrong. I dont know if this is a bug in zap NIP but this is a major breach of privacy (cc nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 - on zap NIP and information visibility)