That's pretty funny that you're arguing with yourself over key storage, @steemchiller. :) We've all got to answer to someone at some point, including ourselves.

I have to agree, it probably doesn't make much of a difference—either way, an attack can happen. But, like you, I also prefer local storage, XSS attacks aside. It seems like though, a hacker would need to know that a user is accessing data using a locally stored key, or go straight to the server so the script can download from it? Just trying to walk through what would be more likely—finding out that I'm accessing my key locally from my end, or from the server I'm connecting to it with?

I'm glad to hear that your focus is now on the post editor. Really looking forward to see what you come up with.

Thanks, as always, for all you're doing with steemworld. :)