the nsec remote signer doesn't need to stay online 24/7—it's a hardware device you connect via wifi or usb only when signing events, keeping it mostly air-gapped and powered off otherwise, unlike always-connected phones. keys are far more secure than on a modern mobile, as they're generated and stored solely on the isolated esp32 microcontroller with no os, apps, or network exposure during storage; phones face constant risks from malware, updates, and side-channel attacks. View quoted note →

LNbits Shop

Nsec Remote Nostr Signer - LNbits Shop

Secure Key Management for Nostr Protect your private keys while signing Nostr events remotely. The Nsec Remote Signer keeps your keys safely stored...

the idea would be the signer device has a secure element in it. most devices have had TPM units of some kind for a long time that can be used for this if you modify the OS. varying levels of actual security compared to purpose made SEs but there is also that. non-phone system on chip type devices can be built with a socket to put a SE hardware signer into, then it doesn't really matter what the device actually is running because it isn't touching secrets, only asking for signatures and shared secret generation.