pull down to refresh

5 sats \ 3 replies \ @spiderman OP 31 Jul \ parent \ on: Is Sharing Private Key with Websites a Necessary Part of Using Nostr? nostr
So you mean I have to trust Alby with the nsec, then it can sign messages for other apps like Iris without exposing the nsec to Iris (example)?
Then two questions
  • Is Alby trustworthy enough?
  • Do other apps following the Nostr protocol always accept signature from Alby without requiring my private key?
write
preview
21 sats \ 2 replies \ @k00b 31 Jul
Alby is trustworthy; at least, I trust Alby. Their code is all open source and they've been in bitcoin, and heavily involved in nostr, for a long time now.
The extension won't sign stuff without you giving permission and it will not reveal it to apps.
reply
0 sats \ 1 reply \ @spiderman OP 1 Aug
Thanks, does it mean every app using the Nostr protocol can accept signature from Alby (as opposed to storing my nsec)?
reply
0 sats \ 0 replies \ @k00b 1 Aug
Yes. Nostr signatures are standardized. They're a particular type of cryptographic signature that every nostr app will recognize and accept as yours no matter which app signed your notes.
reply