Neat. I have thought about a device like this. Cool to see one has actually been made.
Hopefully this is the correct NOSTR remote signer from nostr:npub16uvg7mx3l97z8phfesl8rxj2vf82vn82hp9daala0egj45ynr8mstn0vkc nostr:npub1c878wu04lfqcl5avfy3p5x83ndpvedaxv0dg7pxthakq3jqdyzcs2n8avm this time.
This keeps your private NOSTR key (nsec) separate so you shouldn’t need to copy and paste this critical private key into every application you use.
Think of it as the NOSTR equivalent to a Bitcoin hardware wallet.
https://shop.lnbits.com/product/nsec-remote-nostr-signer
Discussion
Here's nostr:nprofile1qqsvrlrhw86l5sv06wkyjgs6rrcekskvk7nx8k50qn9m7mqgeqxjpvg8u2e5q explaining it:
Interesting to see how it works. 👍
I assume then that each app connection is seperate and can be authorised or disabled as needed.
I have wondered how a social media managers or allowing employees to post to company accounts would work on nostr without sharing the private key but I guess something like this could be used.
The next thing I would like to see is a way to salvage an identity if your nsec was compromised. Perhaps some way to set a fallback key for nostr such that if your nsec was compromised you could sign a certain message deactivating signing from the initial nsec (or simply broadcasting a message to relays to reject messages signed with old key) and allowing signing from a previously established fallback nsec. Perhaps this could be done in such a way to keep the publicly identifiabe npub the same as it was initially to allow continuity of identity while still having the fallback keys for all future signing and encryption.
I shall report on my setup and usage in the coming weeks