c8372 - 2y
Hey Notriches 👋 (Especially mobile dev nostriches) At plebstr, we're exploring the possibility of creating a mobile open-source nostr event signer. This app would enable a way for multiple nostr apps/clients to request a signature for an event and still ensure that your private key is stored securely, similar to Alby extension on a web. We believe that this would be a significant step towards ensuring user security in the "Nostr ecosystem," as it eliminates the need to store your private key across multiple apps. We wanna hear your thoughts and ideas on this one. Hit us up and tag any other badass devs who might be interested in joining the discussion - #[0] #[1] #[2] #[3] #[4] #[5] … Let's make moves and take user security in the Nostr ecosystem to the next level! 🔒💪
97161 - 2y
Sounds like a good idea.
eaf1a - 2y
Mobile open-source Nostr signer for any client/app would be AWSOME! Lets do it! 🔥🔥
3bf0c - 2y
You write the note on your desktop and scan a QR code with its contents. The mobile app signs and publishes it directly to a list of relays it has internally.
Vitor Pamplona @Vitor Pamplona - 2y
So, we are back to a list of relays? :)
7211d - 2y
Good idea! I’m into it. May offer some neat improvements in overall UX :)
Nick Percoco @c7five - 2y
You _may_ be able to leverage Secure Enclave on iOS to store the private key. https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/protecting_keys_with_the_secure_enclave
semisol @semisol - 2y
It is unexportable
Nice catch, yes, that came to my mind too. But writing to is much simpler than reading from -- still this app could allow you to pick the relays to publish each note to in case it's a contextual thing.
Actually it makes more sense for the target relays to be exported inside the QR code too from the desktop app.
c1fe5 - 2y
Sounds good!
8c3b2 - 2y
Just installed plebstr, pretty nice
As long as apps can communicate without having to switch them back and forth, it should be fine. Users approve tokens from other apps. Once approves, if it comes from that token, it signs.
Apparently the "Post" button doesn't give you a good confirmation though, hence why I posted this 3 times 😂
9f250 - 2y
Is there hardware support for Schnorr on secp256k1, i.e. Apple secure enclave, Yubico, Ledger…?
Gotta fix that 😅 thanks for the report
62cef - 2y
Check BIP46 Nostr connect: https://github.com/nostr-protocol/nips/blob/master/46.md And the reference implementation: https://github.com/nostr-connect/connect
7 times for me.
Yeah 7 times 🥲
Same device iOS/Android. I feel comfortable to say that android is going to have a way, iOS is going to be a trouble
