Couldn't have said it better.
Users care about their experience with an app, not about how it works under the hood. That is, until how it works under the hood encroaches on their experience.
Unfortunately, users don't often find out about this until they get burned. They choose the short-term, convenient experience, and find out later why choosing something that was a bit less convenient would have saved them a lot of pain.
For instance, just pasting in your nsec to log into a client is the most convenient way to use it. You only find out why you should have gone the less convenient route of using a browser extension or remote signer when your private key is leaked, either unintentionally or maliciously, by one of those clients and someone else starts posting as you. Never have that experience? Well, then you might never understand the importance of protecting your nsec unless you hear from someone else who tells you what can happen if you don't.
So, maybe the devs aren't the best folks for that job, but there need to be people who understand the protocol well enough to help other users understand why they should follow best practices. Otherwise, everyone is just going to gravitate toward the apps and services that are most convenient in the short term, without considering the tradeoffs that they aren't aware even exist.
Dikaios1517
npub1ku…v3lhe
2025-05-04 21:17:10
in reply to nevent1q…axck
Author Public Key
npub1kun5628raxpm7usdkj62z2337hr77f3ryrg9cf0vjpyf4jvk9r9smv3lhePublished at
2025-05-04 21:17:10Event JSON
{
"id": "c6f9c2822f33d2af91c15658051daafdd8385d6302994534ef02cb903d6132b9",
"pubkey": "b7274d28e3e983bf720db4b4a12a31f5c7ef262320d05c25ec90489ac99628cb",
"created_at": 1746393430,
"kind": 1,
"tags": [
[
"e",
"202eb8487cf23053021054262badbb8340a514f281af11403f4c13b91e61f9f3",
"",
"root",
"32e1827635450ebb3c5a7d12c1f8e7b2b514439ac10a67eef3d9fd9c5c68e245"
],
[
"e",
"354192c3f590fe97184e8c602f4b1e17c30ed0999200c24bbaebe175a6165c1e",
"wss://wot.brightbolt.net/",
"reply",
"1928ee3558f54e3164d81d26c35e123c254bae128354d7617d7fd862d70d9a2b"
],
[
"p",
"c673ff0b5f228feb0abb1001882178d4c588bc4e50f857173544b5543b454f81"
],
[
"p",
"8fb9450003a599bb1b34f03fadb9b137f6c0e5a850ba205964bee4732ccce549"
],
[
"p",
"32e1827635450ebb3c5a7d12c1f8e7b2b514439ac10a67eef3d9fd9c5c68e245"
],
[
"p",
"1928ee3558f54e3164d81d26c35e123c254bae128354d7617d7fd862d70d9a2b"
]
],
"content": "Couldn't have said it better.\n\nUsers care about their experience with an app, not about how it works under the hood. That is, until how it works under the hood encroaches on their experience.\n\nUnfortunately, users don't often find out about this until they get burned. They choose the short-term, convenient experience, and find out later why choosing something that was a bit less convenient would have saved them a lot of pain.\n\nFor instance, just pasting in your nsec to log into a client is the most convenient way to use it. You only find out why you should have gone the less convenient route of using a browser extension or remote signer when your private key is leaked, either unintentionally or maliciously, by one of those clients and someone else starts posting as you. Never have that experience? Well, then you might never understand the importance of protecting your nsec unless you hear from someone else who tells you what can happen if you don't.\n\nSo, maybe the devs aren't the best folks for that job, but there need to be people who understand the protocol well enough to help other users understand why they should follow best practices. Otherwise, everyone is just going to gravitate toward the apps and services that are most convenient in the short term, without considering the tradeoffs that they aren't aware even exist.",
"sig": "6622140f5bf0fde4dcbf97ac3f663227718e114b821bdfb76ce9e170bec37f39bb03c366fa5ad575d1113f4bf100649294dd518723a6e090ccd7224de130741e"
}