>> The private key is stored in the browser’s localStorage.
> Woah.. when will those people learn? _Any_ browser storage is unreliable. Anything goes wrong ...
Can't that be solved by a 1-liner button like "Export key in safe location" then URL.createObjectURL( localStorage.getItem("myTopSecretKey") ) and let the user save that on their filesystem?
from the very post you are replying to:
> but how many people would (1) remember to export their private key and (2) won't lose it with their device?
How does this help with either of those options? for example, I am on the phone, and imagine I've remembered to download the key... if my phone breaks, it'll be deleted. I also need to store it somewhere - google drive? password manager?
So yes, it could be solved but it would be more like "1-liner + few manual steps user must do", and there will be no guarantees that user will do those steps. So maybe people who are really invested into the new network or maybe crypt-owners who are used to manager their private key will do it, but most people will just loose their friend lists once they get a new phone or clear storage.
(1) prompt on setup after ~5min of usage to discard 90% of testers
(2) email it yourself, in fact instead of downloading the key it could also be a basic mailto: link
If users can't be bothered they don't really care about the data stored there.