An alternative would be to use npub to log in and only ask for nsec if the user wants to sign an event. I think is worse UX though. Can't make everyone happy.
We need an “account” recovery process because people WILL mess up. That I can guarantee.
Please Login to reply.
It's not that hard to store an nsec... Just like it's not hard to store a 12 word seed phrase.
Agreed, but only if that account recovery mechanism absolutely can't be used to steal people's identity. It has to be thoroughly investigated for all sorts of scenarios.
