dikaios1517 on Nostr: There are currently 3 ways to sign without entering your nsec into the client. 1. ...
There are currently 3 ways to sign without entering your nsec into the client.
1. NIP-07 via browser extension. Almost all web apps now support this method, and it has a pretty good user experience, but users may not be comfortable with storing their keys in a browser extension.
2. NIP-46 first used via NsecBunker, but now also available for use via nsec.app, Amber signer on Android, and most recently with a unique method of splitting your key between three remote custodians via njump's new onboarding app. However, NIP-46 support is much less common among clients, and it often just seems to not work, even if it is supported.
3. NIP-55 Android Signer which is only available via Amber at this time. It is my personal favorite option, as it is very user friendly and your keys are stored locally by an open-source app. However, there are even less options for this signing method among clients than there are for NIP-46.
We do not have any way to store keys offline, because your key is needed to sign EVERYTHING on Nostr. It's similar to the reason keys cannot be stored offline for Lightning. We would need to have the ability to generate child-keys that can be used instead of the parent-key, and which can be revoked if they are compromised, before we would have the ability to store the parent-key offline, and use the child-key for regular event signing.
1. NIP-07 via browser extension. Almost all web apps now support this method, and it has a pretty good user experience, but users may not be comfortable with storing their keys in a browser extension.
2. NIP-46 first used via NsecBunker, but now also available for use via nsec.app, Amber signer on Android, and most recently with a unique method of splitting your key between three remote custodians via njump's new onboarding app. However, NIP-46 support is much less common among clients, and it often just seems to not work, even if it is supported.
3. NIP-55 Android Signer which is only available via Amber at this time. It is my personal favorite option, as it is very user friendly and your keys are stored locally by an open-source app. However, there are even less options for this signing method among clients than there are for NIP-46.
We do not have any way to store keys offline, because your key is needed to sign EVERYTHING on Nostr. It's similar to the reason keys cannot be stored offline for Lightning. We would need to have the ability to generate child-keys that can be used instead of the parent-key, and which can be revoked if they are compromised, before we would have the ability to store the parent-key offline, and use the child-key for regular event signing.