Oddbean new post about | logout
 Technically, the service owner has access to nsec. CPU, RAM, (if swapped also disk) sees the key. Unless it is a dedicated HSM or something like Enclave (AWS) there is no way around it 🐶🐾🫡 
 Hmm I wonder if a simple process trace would reveal the key when it's in flight then? 
 a tool to dump the process memory might 😉 
 strace 👀