Spare laptops are probably your best bet. Built in battery backup and you can use Unraid or Portainer for web docker management.

I actually think they made the right trade-offs here. Reminds me of Argent's (yes booo shitcoins) guardian recovery system but with a hardware device instead of social guardians. Not really a cold wallet replacement but more of a hot wallet backup/security setup which is much needed for normies.

Another benefit of using nostr for transferring the whisper key is a recipient web app could be built that filters out keys without a balance and allow for easier/more precise sweeping.

You could also put the sender instantiation behind a "generate" button to avoid creating a nostr message for every page load. I want to avoid spamming nostr as well but luckily the traffic will be coming from the client so relay anti-spam prevention can be applied.

Technically the nostr message is still out-of-band, but is sent programatically and free (for now) which is what I was getting at.

Very cool, nice work.

Using something like an encrypted nostr message to transmit the linking key instead of email would remove the sender out-of-band communication and avoid the fatal refresh issue. Just a thought.

Shameless plug for my zero fee routing node https://amboss.space/c/iampigman

Once we have PTLCs and Eltoo the operating cost of running a routing node will go way down and subsequently the fees. Until then though HTLC attacks are too costly to facilitate altruistic routing.