pull down to refresh

to the contrary,you just need to sign events which is generally accomplished with browser extensions (alby, nos2x) or remote signers (amber, nsecbunker).
sharing nsec with any app/service is an antipattern that we can't seem to get fully rid of (its the easiest to create in terms of onboarding but very risky). mobile apps tend to be a bit harder and you generally need to give them your nsec tho at least on mobile its a bit easier to ensure the security of that key compared to the web
go to nostr.net and you can see the offerings of browser extensions (on the right nip-08 browser extensions category)
If you can use Amber (or another decoupled app), use that. Browser extensions have access to all content of a tab (given you've secured it) when enabled, and thus are the perfect entry point for malware.
reply