Replying to Dries

One thing that has raised a red flag for me about #Nostr is the fact that several applications require users to provide their private key. Needless to say, this is not in line with security best practices, and could put a users data at risk. Am I wrong? Thoughts on that?
Avatar
Bruno MASSA 2y ago

I thought the same since I stared here by reading your original post. We create a super secure private key and then... Give it to each and every client we try?

I should be a way to proxy it.

At least it could be like Bitwarden/LastPass approach: never saving it and putting it on memory only.

Reply to this note

Please Login to reply.

Discussion

No replies yet.