I’m trying to wrap my head around the differences between using IndexedDB, OPFS, and SQLite in your scenario. I’ve been researching the idea of running an isolated iFrame on client.com for vault.com and passing data between the two origins via postMessage. In that setup, is there anything in NostrPass that prevents rogue extension