Nostr Web Client

They are seen by the bunker, it’s encrypted at rest, but decrypted when it is used. Unless I misread the code or it changed recently 🐶🐾🫡

Derek Ross 1y ago

Right, so technically the CPU sees the private key.

Reply to this note

Please Login to reply.

Discussion

The Fishcake (nostr.build) 1y ago

Technically, the service owner has access to nsec. CPU, RAM, (if swapped also disk) sees the key. Unless it is a dedicated HSM or something like Enclave (AWS) there is no way around it 🐶🐾🫡

Derek Ross 1y ago

Hmm I wonder if a simple process trace would reveal the key when it's in flight then?

ben 1y ago

a tool to dump the process memory might 😉

Derek Ross 1y ago

strace 👀