If I understand correctly, the reason it’s safer to input your private key on native apps like Damus is because the key is stored locally.

If that’s the case, why don’t web clients like Astral/Snort/Iris/YoSup/etc store the private key in the browser’s localStorage when accessing it from mobile? Is there a technical reason this doesn’t happen?

Discussion

Hmm.. I have been using nos2x browser extension, works like a charm with the web clients I have been using.

I’m more so wondering why browser localStorage can’t store the private key instead of extensions like nos2x?

Is browser local storage persistent? Or would like clearing your cache delete it? So far I'm quite happy with the extension.

It can and does work on Snort. The reason that it's not recommended is because it's not very secure, since a lot of sites have been and are vulnerable to XSS.

Ahh that makes sense, thanks for the explanation!

It can, but many prefer to trust one extension rather than multiple websites. Extension has simpler interface too, so less likely to leak due to XSS.

Gotcha! Makes sense

#[1]

#[2]

#[3]

Browser applications are not signed by the developer, unlike native apps and browser extensions. Someone could hack the server or DNS and serve malicious code that steals your private key. XSS is also a risk, although not common in applications that use a framework like React.
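
The difference the replies describe, as an added example that is not part of the original thread: an audit of where a script running in the page can find the secret when it sits in localStorage versus behind an extension-style signer. Everything here is a constructed stand-in that runs under Node.js; the storage key name, the sample secret and `placeholderTag` (which only stands in for real signing) are assumptions.

```javascript
// Constructed stand-in for window.localStorage: shared by every script on the origin.
function makeLocalStorage() {
  const data = new Map();
  return {
    setItem: (k, v) => data.set(k, String(v)),
    getItem: (k) => (data.has(k) ? data.get(k) : null),
    keys: () => [...data.keys()], // helper for the audit; not a real Storage method
  };
}

// Placeholder tag (FNV-1a), NOT a signature scheme; it stands in for real signing.
function placeholderTag(secret, message) {
  let h = 0x811c9dc5;
  for (const ch of secret + "|" + message) {
    h = Math.imul(h ^ ch.codePointAt(0), 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, "0");
}

// Constructed stand-in for an extension signer. The secret stays in this closure;
// page scripts receive only the two methods.
function makeExtensionSigner(secret, approve) {
  const pubkey = placeholderTag(secret, "public-id");
  return Object.freeze({
    getPublicKey: async () => pubkey,
    signEvent: async (event) => {
      if (!approve(event)) throw new Error("user rejected signing request");
      return { ...event, pubkey, sig: placeholderTag(secret, JSON.stringify(event)) };
    },
  });
}

// Audit: where can a script running in the page find the secret itself?
function secretExposure(env, secret) {
  const found = [];
  for (const k of env.localStorage.keys()) {
    if (env.localStorage.getItem(k).includes(secret)) found.push("localStorage:" + k);
  }
  for (const [name, value] of Object.entries(env.nostr ?? {})) {
    if (String(value).includes(secret)) found.push("nostr." + name);
  }
  return found;
}

const SECRET = "5f".repeat(32); // constructed sample value, not a real key
const webClient = { localStorage: makeLocalStorage() };
webClient.localStorage.setItem("nostr_secret_key", SECRET); // hypothetical key name
const withExtension = {
  localStorage: makeLocalStorage(),
  nostr: makeExtensionSigner(SECRET, (ev) => ev.kind === 1), // approve kind 1 only
};
```

With the signer, a script in the page can still ask for signatures, subject to the approval callback, but the audit finds no location from which the secret itself can be read.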