Nostr Web Client

Replying to

Vitor Pamplona

Signer apps should automatically reject any signing request with their users nsec or the hex equivalent in the event.

AI will do dumb things. Protective signer apps are our last defense. I hope they stand up to the challenge.

HODLBurger 7mo ago

Sorry, for those in the back... What's the issue here? Does signing your own public keys leak the private key?

Reply to this note

Please Login to reply.

Discussion

Vitor Pamplona 7mo ago

No, but the AI can write a post with your nsec in by mistake. It will need to fool users on pasting their nsec in the app, but that has happened. If that gets built, only the signer can stop it.