Thread

I’ve never seen so many angry people just for suggesting not having amber support. Damus Android’s chrome is being designed as the signer, and our hosted micro apps will communicate with the chrome for signing. This is no different than a browser with a signing extension, except the signer is embedded in damus in an isolated fashion. We’re designing damus so that it can securely host multiple micro-apps for multiple platforms, and it will not depend on any external apps for its core function.

Replies (42)

You mean like @brugeman 's Spring app? Check out
GitHub
GitHub - oren-z0/noteguardian-extension: Note Guardian chromium extension
Note Guardian chromium extension. Contribute to oren-z0/noteguardian-extension development by creating an account on GitHub.
 it uses WebRTC to connect your computer's browser extension with your phone over local WiFi. In the current implementation the phone opens a webpage (which may be opened with Spring) to do the signing - but it could be Damus. #NoteGuardian
I actually find it a bit humourous how excitable people get about their nsec. God forbid someone steals your identity of your identity of posting stupid notes and memes on nostr. I can't think of anything that is more "throw away" than a nostr nsec. I raw dog my nsec all the time. I don't really care. I run my own relays and I have nip-05 No reason to be precious about it.
I like the use of Amber. But. also like developers, which have the guts to try new stuff. When Amber will be hacked before Damus, you will might be true. When there is an exploit on Damus, it will be might been a stupid idea. When nothing of it will be exploited, then it will probably only be a decision. And everyone chooses what they prefer. Thanks for your thoughts in facilitating onboarding πŸ™ŒπŸ«΅πŸ₯³
Amber is good because you can be very selective of the events you choose to sign. For example, I think Amethyst drafts suck, so I kill them with Amber. And for the first time, this security model is even possible. It's a shame not to even consider it, and stick to the idea that external dependencies are bad. It's actually worse to have everything all in one. I would even get rid of Amber if I could run a remote signer on a server at home and operate completely with bunker uris. Your nsec is forever, and the number of clients that demand it will only increase. The less you have to copy it around, the better. So welcome to the land of freedom I guess. This isn't Apple's walled garden anymore where your users are all sheep.
Its the current state of the internet, everyone gets mad about anything 🀣🀣 Also I don't get why it's so hard for you to just add an option for it. It also doesn't help that every time you talk it looks like you want that only your platform exists and everyone should give up and just use that, that's not how it works
Come on JB that's almost too simple. A build-in - isolated - signer for events? That's like doing a Bitcoin transaction on the main-net without cold card, seedsigner, air gapping a laptop to create the transaction then using another laptop to broadcast the transaction all of that while making coffee with one hand while smoking a reefer with the other hand. Stop making life easy! This is outrageous! πŸ˜‰
Sorry Will I respect your opinion and love the work you're doing with notedeck but you're wrong here. Remote signers like Amber give you more security and flexibility. I get why you're not building it, it does add complexity with the way you've been building the app, but it'd absolutely worth it because it enables a lot of functionality (such as in the future external hardware based signers)