Thread

I don’t understand why most native Nostr applications don’t also function as NSEC bunkers or key signers. These apps already have access to the user’s private key and can sign events, so adding this capability doesn’t seem like a big leap. By including it, the overall Nostr user experience would greatly improve. Users could seamlessly use other apps within the ecosystem without dealing with key juggling, confusing add-ons, or browser extensions. This will HELP with user retention, IMO, as it makes the uses cases of Nostr less complicated.

Replies (26)

🛡️
↩ replying to Derek Ross
Hey guys … um…HELL NO!! Account creation is THE GATEWAY for ALL KYC LAWS. Signers NEED TO REMAIN distinct apps that DO NOT otherwise process events … in order to keep “social apps” distinct and every app immune from prosecution. The solution will not be simple, but we MUST prevail!!
ManiMe's avatar ManiMe
Clients that generate keys internally for new accounts WILL BE pressured to gate-keep in the name of “protecting the children” … as more KYC laws hit the books. View quoted note →
View quoted note →
🛡️
↩ replying to Derek Ross
@npub1uf9g...v8xc already does this … albeit a bit rough. I’m working to improve this flow … and add “remote key generation” with “redirect back to requesting client” as a nip for any client to make use of when creating new accounts. Will be transparent for new users.
GitHub
nsec.app create_account flow needs improvement · Issue #338 · nostrband/noauth
I have forked this repo and will be working to improve the create_account flow in a manner suitable for proposing as a new NIP standard, as per thi...
@Keychat developed something very fckn cool when you think about it long enough, the entire experience of nostr is going to follow this trajectory. It is a super app with private chats, ecash payments, easy access to all freedom tech in one place, this is amazing achievement IMHO. You would like to have @Amethyst with "Signal/MLS protocol to ensure message encryption security and meta-data privacy", but its not there yet NOSTR DMs suck at the moment across all clients. @White Noise and now Marmot are definitely levelling up the playing field, allowing for group chats. "Marmot has the security of Signal with the censorship-resistance and data portability of Nostr Key features: End-to-end encryption: Messaging Layer Security (MLS) based end-to-end encryption with forward secrecy & post-compromise security Upgradable cryptography: Evolve your groups security without breaking existing conversations Metadata protection: No one can see your social graph or who you communicate with Decentralized, commodity infrastructure: No central servers to target, easily change your group's relays whenever you want Scalable group messaging: Works for small teams or large communitiesIdentity freedom: No phone numbers or email addresses required" - THIS IS VERY IMPORTANT There is no "one app/client takes it all" fosho, in our NOSTR universe, however direction taken by @Keychat improves your daily experience View quoted note → View quoted note → View Article →
🛡️
The user needs to scan a QR code with the nostr+connect value, and then keep the second device online at all times. Instead they can show their key as QR on one device, scan it on second device and be ready to go in a split second - and it all works seamlessly, don't need second device online. Yes, less secure, more chance of key leaking/stolen, but the UX is better. Though have a desktop app that acts as both client (viewer), relay (exposed through a relay proxy and acts as backup) and signer, that can just run in the tray, is a good idea.