That is true, which it’s why it’s the user’s prerogative to keep that code safe.

There are also some sophisticated options emerging to make key storage and app login easier and more secure.

But when you think about it, how do other social networks avoid centralized account management and recovery, which allows your credentials to be revoked by another party?

If you do lose or get your key compromised here you can just spin up a new one and let your followers know you’ve moved to a new key and not to interact with your old one.

Nostr is also much more than a social network. It’s a landscape of applications built on an open protocol. There’s a lot of value in that.