Oddbean new post about | logout
jb55 | 3 months ago (raw) | root | parent | reply | flag 
 wdym? this is a problem with all nip07 plugins except ones that communicate to a native app or device that does the signing. I think all nip07 plugins currently work this way.
Ƒʉͫcͧкͭιͪηͣ 𝕵𝖔𝖍𝖓 ⚡️⚡... | 3 months ago (raw) | root | parent | reply | flag 
 So than that's fucked up

Is it true @fiatjaf Nos2x extension leak the nsec on Javascript environment?

And what about Amber @greenart7c3
jb55 | 3 months ago (raw) | root | parent | reply | flag +1 
 it doesn't leak it to websites, since extensions are isolated. damoose just takes it a step further and isolates it from the js-plugin environment. it acts as a native signer that is network-sandboxed. your keys are likely fine, this is just improving the security even more.