Oddbean new post about | logout
brugeman | 7 days ago (raw) | root | parent | reply | flag +1 
 For the iframe-based thing to work you'd have to sign into nsec.app on your phone in the same browser.
oren_z0 | 7 days ago (raw) | root | parent | reply | flag 
 So the keys never leave the phone, and all the signing/encrypting/decryption requests & responses are sent over some internal browser-specific api? (i.e. the Safari on my phone can communicate with the Safari on my laptop, if I’m logged in).
brugeman | 7 days ago (raw) | root | parent | reply | flag 
 No, nothing Safari-specific, keys must be on the same browser on the same device. This doesn't work across devices
oren_z0 | 7 days ago (raw) | root | parent | reply | flag 
 Bummer.
I don’t want my nsec to ever leave my phone.
I know that WhatsApp Web used to force you to connect your computer to the same WiFi as your phone. I guess it’s because they didn’t want the computer to interact directly with their servers, and instead it communicated with the phone over the local network. Maybe you could do something similar.