Given that we are talking about peoples own systems and raw data is never transmitted to another computer - seems like we aren't storing something which wouldn't already be on the participants system?

My thinking is you'd have your secret in a password manager, it wouldn't be in a vulnerable location on your computer, like in a file in your root directory (that said, for some it may well be, a practice which we're trying to discourage).

It depends on what happens with the secret once its entered. If you enter it, and then it just shards it and throws it away, can the computer retain knowledge of that secret (in a cache or something)? If it does, then you're right, its on that persons system and thats a vulnerability anyway, regardless.

I don't think it would cache this value unless you specifically told it to!

I'm thinking, if you're entering the secret and it writes it to a file to be sharded later, there's a risk that, say I leave my computer open somewhere and someone knows where to find that file, eep! Exposure risk. That file could be encrypted, then you need a way to encrypt that isn't publicly available, like using a password. You could add a password to open the secrets app (something we should consider anyway, though I discussed with @Dominic and @mix and there are pro's and con's to this) and use that to encrypt the saved secret until its sharded.

Does any of this make sense? I think the interface aspect of entering the secret first is better, I guess I'm just thinking that handling secrets means we should be careful about how a piece of software holds onto it. I don't think it should at all.