Practice safe nsecs, don't raw dog it into any apps. Use a signing extension. Nos2x, amber etc.
If you did this with coracle, my take is probably nothing will happen, but you can't use that nsec to store any kind of nutsack/ecash anymore.
I do applaud hodlbod (nprofile…mt90) for doing the right thing and disclosing, this is a major mistake and a devs worst nightmare. But it's also a user mistake to just paste your nsec into websites. This won't be the last time a security flaw will be discovered.
utxo the webmaster 🧑💻
npub1ut…r50e8
2024-10-25 16:44:34
Author Public Key
npub1utx00neqgqln72j22kej3ux7803c2k986henvvha4thuwfkper4s7r50e8Published at
2024-10-25 16:44:34Event JSON
{
"id": "604f8108436cb0a94abd2d5d51614ce39e88f76b92457420e06719a030d35273",
"pubkey": "e2ccf7cf20403f3f2a4a55b328f0de3be38558a7d5f33632fdaaefc726c1c8eb",
"created_at": 1729874674,
"kind": 1,
"tags": [
[
"p",
"97c70a44366a6535c145b333f973ea86dfdc2d7a99da618c40c64705ad98e322",
"",
"mention"
]
],
"content": "Practice safe nsecs, don't raw dog it into any apps. Use a signing extension. Nos2x, amber etc.\n\nIf you did this with coracle, my take is probably nothing will happen, but you can't use that nsec to store any kind of nutsack/ecash anymore. \n\nI do applaud nostr:nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspz3mhxue69uhhyetvv9ujuerpd46hxtnfduq35amnwvaz7tmjv4kxz7fwwajhxar9wfhxyarr9e3k7mgprdmhxue69uhksmmyd33x7epwvdhhyctrd3jjuar0dak8x6lmt90 for doing the right thing and disclosing, this is a major mistake and a devs worst nightmare. But it's also a user mistake to just paste your nsec into websites. This won't be the last time a security flaw will be discovered.",
"sig": "689ea0a50ee4e693d601299b3b1f6fd262eb271461b67d9b4ac6167e31f86789ac4c4904ac9f5624e8bdb5eb31426fbeac27ed7e248ee6f698e7fefba040dff1"
}