Subnostr

The “develop” branch of nostr-irc now protects you from accidentally posting your nsec private key. I’ll be merging to master once I have some other features updated. All it took was:

```

if re.search(r'nsec[a-z0-9]{32,64}$', user_input):

messages.addstr("\n *** Error: Potential exposure of nsec private key. Message denied.\n\n”)

```

Magic! 🎩🪄

Ron Stoner 2y ago

I would love to see all nostr clients implement something similar. A few lines of code allows us client creators to help further protect the users from footguns and malicious actors.

There could be a case made for filtering the regex out of kind 1 events to prevent this at a relay level too, but that's up to the relay operator and their own personal stance on data censorship.

#[0]

Reply to this note

Please Login to reply.

Discussion

Timechain 2y ago

So if I try to post my nsec it doesn't work? Let me try! .... .... jk. But seriously, it's a great idea! It's the kind of thing that makes it so everyone, not just Bitcoiners can use it soon!

Ron Stoner 2y ago

I agree. You can use a fake nsec to test. I’m going to be merging to master/main in a few minutes after a few more commits.

Timechain 2y ago

#[2] what do you think about this feature? I think it could really help out the newbies.

Vitor Pamplona 2y ago

We already do it. If you write an nsec, it turns into an npub automatically

Ron Stoner 2y ago

Love it! Thank you for standing together in protecting the users.

threeseries 2y ago

At first I thought this was a joke. Like your nsec becomes a "public" key that anyone can use as soon as you share it.

arkinox 2y ago

Whenever someone says 'footguns' I think of Downwell because you use footguns while you go down a well

Ron Stoner 2y ago

I’ve never played it and am not super familiar with it. As such, you’ve given me something new and cool to explore this weekend.