Bitcoin Carlin on Nostr: Putting your nsec into anything that's not open source and peer reviewed for security ...
Putting your nsec into anything that's not open source and peer reviewed for security seems like a really bad idea. But I'll bite. Walk me through the key custody process from nsec entry to later retrieval @pablof7z. I found the repo for nsecbunkerd but is your client site open source? if so please provide a link.
By the way on the nsecbunkerd github page it looks like you're storing the keys in plaintext with no file permissions set. Feel free to jump in here @hodlbod @semisol @broadmode
Published at
2023-11-30 18:13:03Event JSON
{
"id": "31a11fb1a77b64053ae1f0870986502a6d3c50603574d24b5d4b666c18c4e9ba",
"pubkey": "8407f58dcca55637b874dbb0e5bcac47c70704ea0dc079626c2c7b42c7045ec1",
"created_at": 1701367983,
"kind": 1,
"tags": [
[
"p",
"76c71aae3a491f1d9eec47cba17e229cda4113a0bbb6e6ae1776d7643e29cafa"
],
[
"p",
"9c163c7351f8832b08b56cbb2e095960d1c5060dd6b0e461e813f0f07459119e"
],
[
"p",
"fa984bd7dbb282f07e16e7ae87b26a2a7b9b90b7246a44771f0cf5ae58018f52"
],
[
"e",
"c0ff5a9acaa930a26e86f90899373cd9b992238236570ca0e37846016c0b857d",
"",
"root"
]
],
"content": "Putting your nsec into anything that's not open source and peer reviewed for security seems like a really bad idea. But I'll bite. Walk me through the key custody process from nsec entry to later retrieval @pablof7z. I found the repo for nsecbunkerd but is your client site open source? if so please provide a link.\n\nBy the way on the nsecbunkerd github page it looks like you're storing the keys in plaintext with no file permissions set. Feel free to jump in here @hodlbod @semisol @broadmode \n\nhttps://m.primal.net/HRix.png\n",
"sig": "97cb2d3f59ea4541b6f73318cdcd58c508059c19df334728a0cfac870adc11b930b26b36145453698af9956ca3f6f5c0b09f59dcad510faa5478537fc9ae8446"
}