At some point due to bugs in Nostr clients or back doors built in to operating systems and hardware a lot of nprivs will be stolen. If the attacker is smart they’ll only compromise specific accounts to infiltrate target webs of trust.

We haven’t built the necessary defenses yet. Hardware signers are a good start but we need the UX to catch up. We need protocols for reliably communicating compromises.

That aside I’m bullish on Nostr!