Not according to me. According to real events that have actually happened where private keys were exposed because nsec login was permitted and though the dev believed he was being careful not to let that data be exposed, he found out there was something he hadn't taken into account.
Other clients may have actually intentionally gathered private keys from their users. A lot of early Nostr users may have had their private keys compromised from one client in particular. Derek Ross (nprofile…n6q3) would probably remember which one. It started with an A, if I remember correctly. No, not Amethyst.
I believe even Vitor Pamplona (nprofile…pyug) has talked about dropping support for nsec login in the past.
Dikaios1517
npub1ku…v3lhe
2025-02-15 16:12:16
in reply to nevent1q…lkmn
Author Public Key
npub1kun5628raxpm7usdkj62z2337hr77f3ryrg9cf0vjpyf4jvk9r9smv3lhePublished at
2025-02-15 16:12:16Event JSON
{
"id": "06998e962d2969e797c8b4f4826f10491791bb68bf3402d23c274919175779af",
"pubkey": "b7274d28e3e983bf720db4b4a12a31f5c7ef262320d05c25ec90489ac99628cb",
"created_at": 1739635936,
"kind": 1,
"tags": [
[
"e",
"33a89cb29a75a6f6914b4bf795d582ec5413e87f84f039e747b2440ba3e36785",
"",
"root"
],
[
"e",
"8052a8769adc1d160f7e48ba0dd496c17cd6b0f00697674501b2d579ea999996"
],
[
"e",
"46a3261459a36732aff403fc17c0a677af339ccbc3bcb12aa4016b48595bcb0b",
"",
"reply"
],
[
"p",
"77ce56f89d1228f7ff3743ce1ad1b254857b9008564727ebd5a1f317362f6ca7"
],
[
"p",
"4180da638a2579c5187be5d2129cd2fd2ba6244a8f9f4dd99092b4487b3c147e"
],
[
"p",
"b7274d28e3e983bf720db4b4a12a31f5c7ef262320d05c25ec90489ac99628cb"
],
[
"p",
"3f770d65d3a764a9c5cb503ae123e62ec7598ad035d836e2a810f3877a745b24",
"",
"mention"
],
[
"p",
"460c25e682fda7832b52d1f22d3d22b3176d972f60dcdc3212ed8c92ef85065c",
"",
"mention"
]
],
"content": "Not according to me. According to real events that have actually happened where private keys were exposed because nsec login was permitted and though the dev believed he was being careful not to let that data be exposed, he found out there was something he hadn't taken into account.\n\nOther clients may have actually intentionally gathered private keys from their users. A lot of early Nostr users may have had their private keys compromised from one client in particular. nostr:nprofile1qqsr7acdvhf6we9fch94qwhpy0nza36e3tgrtkpku25ppuu80f69kfqpz9mhxue69uhkummnw3ezuamfdejj7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qg4waehxw309aex2mrp0yhxgctdw4eju6t09ug4n6q3 would probably remember which one. It started with an A, if I remember correctly. No, not Amethyst.\n\nI believe even nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgwwaehxw309ahx7uewd3hkctcscpyug has talked about dropping support for nsec login in the past.",
"sig": "b527784880315119e6dda63aa26451365393fb3f329cd6eeb78b04f5d2b9a2ebc9de46ec1bfc0834e7fb802cef02e51ef0b185976efedd43c8ef774becc57bd4"
}