It's lack of knowledge. We just don't have anyone in Nostr that is a true security dev. But again, our solution is to use signers... ALWAYS. That minimizes your exposure. I don't know if clients will ever get to the security model that a signer can get.
Thank you for your honest answer and bringing this security issue to my attention, and it makes sense. I didn't realize my private key was so vulnerable. Now I can take steps, because the idea of having my nsec compromised is demoralizing.
Amethyst has NIP-05 .bit resolution. Get a .bit and update the nostr value when you need to rotate a key. Search testls.bit or m@testls.bit in Amethyst. I think resolving these @'s in Amethyst also makes sense, but Vitor strongly disagrees.