that's why this exists:
https://chromewebstore.google.com/detail/plebeian-signer-nostr-ide/ijbiankmnehjephbkfdgphckcdgbgoho?authuser=0&hl=en
just about to bump a bunch of changes including a feature...
I think there may be a bit of a misunderstanding about my concern. What I want is to be able to see and approve every single decryption request a client makes. With DM-capable clients today, that’s basically impossible in practice.
That’s why I think NIP-4e is necessary: it separates the keys used for DMs from the user’s main key. My main key may be used to encrypt other data, and I don’t want to grant a client the ability to decrypt everything just so I can use DMs, even if most clients are well-intentioned and won’t do anything malicious.
That’s why I think NIP-4e is necessary: it separates the keys used for DMs from the user’s main key. My main key may be used to encrypt other data, and I don’t want to grant a client the ability to decrypt everything just so I can use DMs, even if most clients are well-intentioned and won’t do anything malicious.
1