Oddbean new post about | logout
Vitor Pamplona | 1 years ago (raw) | root | parent | reply | flag +1 
 Them use https://spring.site/ one app for dozens of clients.
Cinnamon | 1 years ago (raw) | root | parent | reply | flag +1 
 Please tell me @vitor panplona that Spring is safe with my nsec.
Vitor Pamplona | 1 years ago (raw) | root | parent | reply | flag +5 
 It was made by @brugeman , so it probably is :)
Cinnamon | 1 years ago (raw) | root | parent | reply | flag +1 
 Thank you very much.
Newton | 1 years ago (raw) | root | parent | reply | flag 
 With a dummy account, I have been exploring Spring, the Nostr browser, for more than a couple of month. It's much more than awesome. Almost the whole of Nostr comes under the purview of a single app. Just wanna be sure it's surely secure to entrust worth my private key. Should I feel assured, @Vitor Pamplona? 

Also @brugeman, would you please explain?
brugeman | 1 years ago (raw) | root | parent | reply | flag +2 
 Spring is safe, your keys are stored on disk in encrypted form, apps cannot access them, the source code is open.
Newton | 1 years ago (raw) | root | parent | reply | flag +1 
 Thank you very much, @brugeman, for taking your precious time to reply. What you tell is assuring. How does it encrypt nsec on disk please? Encrypt with what?
brugeman | 1 years ago (raw) | root | parent | reply | flag +1 
 With keys generated inside the Android's internal keystore.   Android ensures only Spring can access those keys, decryption is performed inside the keystore.
Newton | 1 years ago (raw) | root | parent | reply | flag 
 That sounds great. Thank you.