Yeah agree with @Derek Ross, I don't see how the private key is in anyway theirs because I'm using an extension they wrote to locally sign stuff. If they added malware that wasn't noticed, then sure, but otherwise its no different than the bitcoin developers having my bitcoin keys because I'm keeping them available in my Bitcoin Core wallet.

But obviously the relevant attack surface of a browser extension is much worse. I agree however, nsecbunker that is available in an easy, nearly no setup method would be near the pinnacle of this design, imo.