Losing control of your nsec is embarrassing.
It's like you can't keep an important secret.
This is a game of trust, folks.
Can I trust you to keep your own secret?
Normalize it. It’s early
My own? Yes. Yours? Only up to a point right?
I know a few lads that I won't name that made this mistake of forgetting their nsec. Just use a damn Password Manager and treat it like a password.
How possible/feasible/practical would it be to implement some kind of physical way of backing up access to your private key, such as a "Nostr cold wallet" or just implementing the use of physical security keys that already exist?
I know password managers are already an option, and maybe that's enough, but wouldn't that depend on how serious your account is? For a general shit posting account it's probably not more serious than using a password manager. But for those using Nostr for more serious purposes protecting their credentials a cold storage/access option could be feasible.
Am I wrong? ¯\_(ツ)_/¯
Unfortunately to post, you need a 'hot wallet'. Every nostr event is signed by your private key.
Currently the best way to manage your private key is by limiting the number of hot wallets that have access to it.
We still don't have an elegant solution to mitigating the loss of information from a private key breach. I suspect having delegated pubs for specific purposes might help spread our private eggs (notes) across more baskets (nsecs).
I guess what I'm trying to say is that the bigger risk is not losing your key but losing exclusive access to it.
The frequency with which we need to sign events on Nostr does not lend itself to cold storage of private keys...
**Unless** we had a master npub & child npubs that sat underneath it.
Couldn’t delegation be used for this? Authorize delegates for 6 months or something?
I guess the best practice for now, if you're going to be switching back and forth between clients and devices, is to have it stored in a secure location and just make sure you "log out" whenever you are done. Or at the very least if you're going to stay "logged in" to only be logged in on one device at a time.
That sound like a reasonable approach?
I wouldn't be pasting it into web clients when you can use Alby to sign your events/notes.
I would also try to limit the number of apps you're using it on.