Potentially, but it's more seeing the reaction from your existing users when you removed the amber log in and that you didn't take their feedback onboard that I think is sus. I've put my nsec places I shouldn't have when I first got here, it's not that big of a deal at the moment, nostr isn't actually important. But what if one day nostr actually matters? You're not actually storing people's keys yourself are you? It's only saved locally on the device with wisp if you don't ask google to save it?

Less concern you’ll steal them vs the app, your code leaking them. Nsecs are not a big deal, yet…