nwc can only be exploited from the client you connected it too, nsec cant be used to zap the sats itself.

still a valid feature request tho