100% agree that you should hold your own keys! But if the device is yours, and the app doens’t phone out the nsec, isn’t it just as safe as holding it yourself?
Maybe I’m just too naive with my iOS sandboxing
I don't believe that clients should hold keys in any capacity but I can appreciate Primal trying to make this process a bit simpler. Of course, I believe only you should hold your keys which is why I've been working on Signet (just search on Github, I spam it here enough lol).
nostr:nevent1qqs2470jrlr4e6ek9yxmhnkl420mt80qu3snr4fsv3tpn545cgj49eg9x35m5
Discussion
You're absolutely right.