genuine question - aren't we being asked for our nsec more and more often? am starting to think my nsec should be air gapped just like a btc private key? should only provide a 'derived key' that can't reveal my nsec?
Discussion
itd be cool if #Amber had a version you could install on a phone, keep it offline, then use qr card scanning to authorize signing on another online amber using on your online phone with a nostr client ( perhaps you gotta re-up it every few weeks or something). the offline phone would effectively act as your hardware signer. Maybe this functionality already exists in Amber, nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 ? hopefully that made sense.