pull down to refresh

0 sats \ 4 replies \ @optimism 19 Jul \ parent \ on: Ecash & LN Paid AI AI
you just sign in into cypherflow with the same nostr nsec
Let's not, that's a security risk AND a privacy risk
(or nostr browser extension).
Less of a security risk (although browser extensions are a risk themselves), but still a privacy risk
write
preview
0 sats \ 3 replies \ @utxoz 19 Jul
You are right about the security and privacy risk.
I do not recommend using an existing nsec key for this app, since it is never a good idea to be copying and pasting around a private key.
Also having the nsec stored in the browser is not particularly safe.
For now, I suggest creating a bran new key pair either directly in the app (worst security) or with a new nostr extension key pair (little less worse security) and not transfering your cold storage balance to it just yet.
This has been an interesting experience to balance the risk of a good nostr key management set up vs just having a new user up and running with the click of a single button.
Support for better Nostr signers coming soon ⚡
reply
0 sats \ 2 replies \ @optimism 19 Jul
Amber / nsecbunker is relatively safe from what I've been able to test thus far (depending on user config)
reply
0 sats \ 1 reply \ @utxoz 19 Jul
It will be cool to have remote signing. I'll check them out.
reply
0 sats \ 0 replies \ @optimism 19 Jul
Recommend to look into it after you figured out how to do error handling on remote mints - because issues will be similar.
reply