don't jump to conclusions, I am just talking about improving the security, I never said your nsecs are leaked. a javascript environment can still be secure if properly isolated from web pages. 

 Definitely. I’m just saying that Pablo’s idea with ecash attached to the nsec doesn’t make any sense because nsec isn’t secure