I think the major issue is that the service has access to both the encrypted nsec and the key to decrypt it. Plus any service that sits between the service and the client will have access to both, e.g., Cloudflare or a TLS termination thingy. It’s just not a good approach to the storage of keys unless the organization hosts it in their own trusted infrastructure 🐶🐾🫡
Replies (1)
Wut? End-to-end encryption; why would Cloudflare or any MITM have it?
The nsec is encrypted on disk; the user needs to talk to the bunker to provide the passphrase to decrypt it every time it reboots or forgets the nsec.
Ofc there’s a trust element, which is why open sourcing it is fundamental, and reproducible builds, and even better running in a secure enclave, are ideal.