0 sats \ 3 replies \ @WeAreAllSatoshi 8h \ on: NWC Tester: test nwc strings to identify what they are and what they can do bitcoin
Would one use this to check the same NWC strings that you may use to configure NWC connections on stacker news? If so, aren’t there security concerns with uploading this string to a third party?
I made it as a development tool. I am preparing for a workshop I am doing in Berlin in a few days where I will show people how to make an NWC backend. But it's important to have a site to check your work against and make sure the connections strings are valid and do as they are intended. So this page fills that need.
Would one use this to check the same NWC strings that you may use to configure NWC connections on stacker news
You could. The string is not uploaded to a third party server, you can view the codebase and see that all the testing is done client side and there is no backend, unless you count nostr relays as a kind of backend. But if you don't have confidence in the frontend code then don't use it for that
reply
Thank you for the detailed response. I’m not trying to dump on what you’ve built here. I just wanted to raise awareness about entering data that can be used to spend funds onto sites and the potential risks associated. I mostly just remembered how SN uses password input fields for NWC strings in wallet setup, and I hope folks don’t go entering their passwords on other sites on the internet :)
Anyway, nice work, and thank you for sharing it.
reply
Fair. NWC strings with spend permissions are effectively a kind of private key. So be careful where you put them.
reply