Oddbean new post about | logout
brugeman | 9 months ago (raw) | root | parent | reply | flag +1 
 No such button atm, should we just have a 'copy nsec' button?
brugeman | 9 months ago (raw) | root | parent | reply | flag +2 
 I just saw nip49 implemented in Amethyst, it's a format to export nsec encrypted with a password as ncryptsec1... string, I guess I will use that
deleted | 9 months ago (raw) | root | parent | reply | flag +1 
 Even if you implement nip49, I still think you need to include nsec export. Vitor says nip49 is not meant to replace nsec, and nsec should still be stored in a separate place. If you permit a user to generate new keys, then you need to permit nsec export. Otherwise, users might be left with a lock in situation to your bunker - especially now when client support for all these new nips is incomplete and buggy.
brugeman | 9 months ago (raw) | root | parent | reply | flag +3 
 Indeed nip49 doesn't solve my issue.
I need to think through whether I can provide some protections first. Amethyst requires you to enter system pin / scan finger to verify your identity. Otherwise anyone who has 10 second access to your device could steal your nsec. Either I need to ask for a password first for nsec export, or add WebAuthn auth, or maybe some other clever way to do that.
Newton | 9 months ago (raw) | root | parent | reply | flag 
 Exactly.
Newton | 9 months ago (raw) | root | parent | reply | flag 
 Exactly.