1,2,3,4 completely on point. With regards to 5 I wonder how someone could get in possession of sats by simply stealing an nsec. I guess that if I were to receive some zaps but the amounts were not reflected in my wallet I would at least think that something is going on.

Clearly there's a point for services like npub.cash where an lnaddress is linked to an npub, but only a small subset of Nostr users actually adopt these kinds of services.

What am I missing?


Discussion

Although...?

Wouldn't this also apply to any webclient you authorized with nsec-input and then connected to a wallet? It's just a website connected to your wallet, in that case, with the nsec as login data.

Or is there some additional control?

Fair enough, the only corner case may be if an attacker collects X nsecs (with X being tens of thousands or more) and then at an exact time T he/she runs some script to sign an event that changes the LNaddress for every nsec he/she holds. In that case he/she could quietly wait until someone figures this out and spreads the news at a time T+1. This empowers the attacker to steal only the zaps that occurred between T and T+1, given that after T+1 people would stop zapping each other as a precaution.

The danger here is possibly bigger from the trust pov rather than the economic one... Am I going to zap someone anymore if I'm not sure that the npub I'm zapping is actually in control of its lnaddress?

Just riffing btw, but clients where you log in with a plain nsec are possibly dangerous, I agree.

For a while, that was how most of us were doing it, most of the time.
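The T / T+1 window described above only pays off if zapping clients keep trusting whatever lud16 the latest kind 0 event carries. One defensive check a client (or a user watching their own profile) could run before zapping is shown below. This is an added example, not code from the thread or from any Nostr client: it recomputes the NIP-01 event id over the canonical serialization, compares the profile's current lud16 against an address the zapper pinned earlier, and treats a change that happened within a grace window as suspicious. The pubkey, timestamps, Lightning addresses and the grace period are constructed placeholders; BIP-340 signature verification is left out because the standard library has no secp256k1, so only the id is checked.

```python
import hashlib
import json

# Constructed sample data: a placeholder pubkey (not a real key) and two
# kind 0 profile events for it, one before and one after a lud16 change.
PUBKEY = "11" * 32  # placeholder hex pubkey, constructed for this example
PINNED_LUD16 = "alice@example.com"  # address the zapper saw and trusted earlier
T0 = 1_700_000_000  # constructed Unix timestamp of the first profile event


def nip01_event_id(event):
    """Recompute the NIP-01 event id: sha256 over the canonical serialization
    [0, pubkey, created_at, kind, tags, content]. json.dumps with compact
    separators matches the NIP-01 escaping rules for the ASCII content used here."""
    serialized = json.dumps(
        [0, event["pubkey"], event["created_at"], event["kind"], event["tags"], event["content"]],
        separators=(",", ":"),
        ensure_ascii=False,
    )
    return hashlib.sha256(serialized.encode("utf-8")).hexdigest()


def make_profile_event(created_at, lud16):
    """Build a constructed kind 0 event carrying a lud16 field. It is unsigned:
    this example checks the id only (a real client also verifies the BIP-340 sig)."""
    event = {
        "pubkey": PUBKEY,
        "created_at": created_at,
        "kind": 0,
        "tags": [],
        "content": json.dumps({"name": "alice", "lud16": lud16}),
    }
    event["id"] = nip01_event_id(event)
    return event


def lud16_of(event):
    """Extract the lud16 Lightning address from a kind 0 event, or None."""
    try:
        return json.loads(event["content"]).get("lud16")
    except (ValueError, AttributeError):
        return None


def assess_zap_target(pinned_lud16, profile_event, now, grace_seconds=7 * 24 * 3600):
    """Decide whether the latest profile event is safe to zap against.

    Returns (verdict, detail) where verdict is one of:
      'bad_id'        event id does not match its content (tampered or corrupt)
      'missing'       profile carries no lud16
      'ok'            lud16 matches the pinned address
      'recent_change' lud16 differs and was changed less than grace_seconds ago
      'changed'       lud16 differs and the change is older than grace_seconds
    """
    if nip01_event_id(profile_event) != profile_event.get("id"):
        return ("bad_id", "event id does not match serialized content")
    current = lud16_of(profile_event)
    if current is None:
        return ("missing", "profile has no lud16")
    if current == pinned_lud16:
        return ("ok", current)
    detail = f"{pinned_lud16} -> {current}"
    if now - profile_event["created_at"] < grace_seconds:
        return ("recent_change", detail)
    return ("changed", detail)


if __name__ == "__main__":
    old = make_profile_event(T0, PINNED_LUD16)
    new = make_profile_event(T0 + 3600, "alice@ln.example.net")
    print(assess_zap_target(PINNED_LUD16, old, T0 + 100))
    print(assess_zap_target(PINNED_LUD16, new, T0 + 7200))
    print(assess_zap_target(PINNED_LUD16, new, T0 + 30 * 86400))
```

A client that surfaces 'recent_change' as a warning before sending a zap shrinks the T to T+1 window to whatever grace period it chooses, and a user running the same check against their own npub on a schedule notices a silently rewritten lud16 without waiting for someone else to spread the news.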