Oddbean new post about | logout
ABH3PO | 9 months ago (raw) | root | parent | reply | flag +2 
 I’m not sure, I asked because I’m facing a similar problem with encrypting user forms on local storage on formstr, it’s a security vs UI trade-off, perhaps an optional feature for security would be a nice idea, or perhaps a remote decryption key? (This would be too similar to a remote signer, but you’d only have to do this once, instead of signing every event remotely) also key-rotation would be easier.
brugeman | 9 months ago (raw) | root | parent | reply | flag 
 Well with formstr you could encrypt forms w/ user's nsec store locally? It pushes the problem to nsec storage, at least it's one problem to solve, not scattered across apps.
ABH3PO | 9 months ago (raw) | root | parent | reply | flag +1 
 Very interesting, I’m not sure why I didn’t think of that! I already encrypt and store the forms as an encrypted list on the relays, it’s not much different than storing locally, thanks! Does nsec.app also do nip-04 encryption?
brugeman | 9 months ago (raw) | root | parent | reply | flag +1 
 Yes of course all nip07 methods are supported, although getRelays returns nothing atm
brugeman | 9 months ago (raw) | root | parent | reply | flag 
 Wdyt of using nostr-login for formstr?
ABH3PO | 9 months ago (raw) | root | parent | reply | flag +1 
 I am sure I replied to your comment earlier but I can’t find the reply anywhere. Clients are buggy! 

We could definitely evaluate it for the increase in UX on formstr. We are already using signers for interacting with a users nostr profile. Will check it out later today!