yea i was just being provocative with a shitpost
we need better tooling in general, having a single key that is hot by default on phones that are easily compromised is not ideal, amber is probably not the long term answer for that either
Discussion
I always thought an HSM verision of Amber would be a great not too intrusive or complex solution.
Params like
-Phone/client pairing secret =sign
-Only sign whitelisted Npub messages.
-Kinds[1-?] Auto sign, else return confirm message with new kind param.
hardware solutions could make a lot of sense for power users and organizations
for most users, i like the idea of frost with optional 2fa flow + social recovery, could implement it pretty cleanly ux wise
There's an open NIP PR about BLE signers and a prototype implemention PR for lnbits nostr-signing-device.
This would pave the way for a proximity signing device that you can carry around and connect to your client's device.