I could be wrong but this is not about a MITM attack but about a potential malicious nostr webapp that could be compromised. The app should still use a https connection which is encrypted so nobody in the middle can decrypt the information to read your nsec. A vpn would be used if you want to hide your ip adress from the webapp or from the nostr relays, not to protect your nsec.
Is nostr:npub168euw93e4cam59llcmydav0akwjk2p4nfy3p85pn22xv9y2jxuzq4s9uaw a trusted app to use when logging in with your Nsec? Risks of it being compromised?
#asknostr #nostr #nsec #vpn
Discussion
I’m not using a vpn to protect my nsec, maybe I didn’t formulate correctly. I’m always using a vpn. But in the process of signing up to anywhere there’s information being transmitted. In this case through the vpn connection.