ROCKSTAR on Nostr: you don't even need to save nsec in database, it's supposed to stay on the client ...
you don't even need to save nsec in database, it's supposed to stay on the client side.
unfortunately I know for a fact one client transmitted nsec to server and was saving it unencrypted for all their users in central db.
Published at
2025-02-23 18:51:46Event JSON
{
"id": "b8294000041a503a311e3772f87d2a763723fb88dd1deaf1c08d7918ac6c9493",
"pubkey": "91c9a5e1a9744114c6fe2d61ae4de82629eaaa0fb52f48288093c7e7e036f832",
"created_at": 1740336706,
"kind": 1,
"tags": [
[
"e",
"200aafe052bc7adc73b32b6c7f1bea0fedaed2f919188d1095d303fda8676d2f",
"",
"root"
],
[
"e",
"e8ff5cf6f6761d26766ea25e03452cb1660f592a76aaf46647ffdab068ec2646"
],
[
"e",
"61c00b8f170e4aa81c572ef5bb8da1fdd758eae592fb039d75f43059eb7dd86e",
"",
"reply"
],
[
"p",
"1739d937dc8c0c7370aa27585938c119e25c41f6c441a5d34c6d38503e3136ef"
],
[
"p",
"ef9a20d782d22b929d1601ff2df44956f1c6d47b9258f7a2c2c3d58b99b5a939"
],
[
"p",
"91c9a5e1a9744114c6fe2d61ae4de82629eaaa0fb52f48288093c7e7e036f832"
],
[
"p",
"fba1bbd8ab57f258673157defd5afc9ceda004c6845f99db3169fe4b61ba7416"
]
],
"content": "you don't even need to save nsec in database, it's supposed to stay on the client side.\n\nunfortunately I know for a fact one client transmitted nsec to server and was saving it unencrypted for all their users in central db.",
"sig": "197645e21db6c0e9a0a4675740bfe2af9790129fe8eefff314bf1ee8ef74063ab20b87ce3e66ae1616e7bd22ada80f5acee3704abfadb238612a0feaedcc4ab3"
}
