Oddbean new post about | logout
Matt Warren | 8 months ago (raw) | root | parent | reply | flag 
 The same thing that always happens if you don't backup your key I suppose. But this is why I'd prefer a model similar to how hardware  wallets work. I just think one point of failure is safer in this context than having one key in a bunch of rando apps that may be malicious or incompetent.
brugeman | 8 months ago (raw) | root | parent | reply | flag 
 This depends on what you mean by 'down'. 

If our APIs are down then the background signing won't work, but the web app (and pwa) will work and will allow export and signing (with an open nsec.app tab). 

The web app is unlikely to be down - it's hosted by vercel cloud, and it's heavily cached in your browser so even if vercel is down it would still work from cache. 

We also have roadmap for various backup strategies being auto-implemented or at least auto-suggested.

In the worst case we're permanently down or have killed our database and you clear your browser data and have no backup - then your nsec is gone.
Matt Warren | 8 months ago (raw) | root | parent | reply | flag +1 
 I think that's a reasonable risk considering one can have an offline backup AND it's still better than handing the key out like candy, assuming the service is trustworthy.