it will be bad when a client’s domain gets compromised and nsecs leaked via an attack

so people will switch to web based signer apps

then they will be compromised

the only way out is a proper hardware signer, a proper remote signer or a browser extension