Currently working on a Core Lightning plugin to immediately re-stack all outgoing sats from your node.

Most code is still experimental and should not be used yet. This project is under active development. Pull requests and issues are welcome.

What do you think? Should I continue working on it?

Source: https://github.com/theborakompanioni/cln-spend-and-replace-plugin

Edit: Yes, this uses centralized exchanges.. Oh my : |

Maybe "lnpass" fits your needs: https://lnpass.github.io

It's a web application that derives its keys from an HD wallet. You can create multiple accounts, as well as "accounts in accounts". Synchronizes with nostr for "backups", but only account name and description - no secret will ever leave your machine. You can bookmark the login url to quickly access your accounts, but you should of course write down your "lnpass id" (lnpass1....).

Open sourced under MIT: https://github.com/lnpass/lnpass-web

Let me know what you think.

These were exactly my thoughts before. After some thinking I changed my views. Please, take no offense, it is totally okay to have a different opinion on this.

I just don't want to drift into a world where people not as educated as you put in their seed words just because a random app prompts them to. Sure, all that's needed is a "little" education and healthy skepticism, but that's arguably very hard. Imho, it's better to try "avoiding" it in the first place.

Fun fact: It is in fact a bip32 master key. But you can only put funds on it if you know thy tools.

Completely agree with what you are saying.

However, in this case, I think this is a UX issue, not a "security by obscurity" issue. One could argue that a mnemonic seed is also a different representation of a seed, just like the bech32 representation, would you agree?

I appreciate the effort to spread knowledge of lnurl-auth, however, do you think there is a problem importing seeds into "random" apps?

A wise man once said we should not normalize making people type seeds (BIP39) into text boxes. And I wholeheartedly agree.

In https://lnpass.github.io (shameless self-promote, I am sorry) the secret is presented as bech32 encoded string. Would you think this is a good approach for you app as well?

Still a "work in progress", though.