Replies (54)
amber?
no longer supported π
Oh no not institutional enterprise level architecture fuck
"Haters will say pennies might get rugged" he says, as he takes away external signer support
Stupid Google only securing billions of dollars worth of data, for sure my raspberry Pi in the basement will keep me safer
And than Google have my key? Not an good idea, also for noobs.
It's encrypted, so no they don't have it
why THOUGJ
This almost feels like the beginnings of an Embrace Extend Extinguish operation.
Whatever, nostr will be fine. Maybe more fragmented, but fine.
The classic nostr dev dilemma
no one knows π
Since Primal isn't showing me (myself) my previous reply, I'm replying again to add another reminder to the thread:
Don't fall for this grifter
Just log in with google bro. Do no evil.
Security-wise cool. I wonder how interoperability would work. Will I be able to take that seed and import to any other Spark wallet no problemo?
Yup
OK and what is when Google blocked my account? The normie friend should have his nsec in a safe way.
the wallet private key being derived from the nsec is actually fucking cool and peak nostr UX. now if we can figure out how to not use the Breez SDK and be gated behind an API key, id be 100% down for this. do i need to have my toaster take a look?
You can try but no matter what if we use lnurl we are doomed to always need a webserver provider
Your normie friend doing a dumb thing with their nsec like saving on phone or plaintext in an email is way more likely than a google block
And why not teaching them a good way like we did it with Bitcoin? No one says, hey Bitcoin is to difficult use for more security your bank accountπ€
you do, but not step 1
Gooogle, NOOOOOO!!!
normies will like it, tho.
The Nsec that you have to Raw dog into your app? Hmm sounds like a nice rug in the future. Congrats on your scam.
Thanks man, I try
Trying to keep away from google as much as possible. Logging in with google is a bit spyware friendly no?
Any self respecting individual would use SSO as a means to get into Nostr, figure out wtf they are doing and then scale from there.
It's insanely overwhelming to everyday people who use SSO and don't send instant money over the Internet.
Biggest problem here is the learning curve. After they pass that point, they can easily use more complex clients, nos2x, apps, cashus, whatever the next thing is
My self-hosted setup IS more secure than Google's, I have brute forced my wife's password on Google by having the confirmation route to my email with auto captcha. Google is not a serious company.
I was trying to be helpful with feedback but had to delete Wisp like 2 weeks ago. There's making Nostr simple and then there's recreating Primal.
I'm sure the 2nd biggest company in human history isn't as serious as an autist on nostr
I haven't ever leaked millions of people's personal data, or sold it to 3rd parties. It's 2-0, me.
If you move to a different country, Google locks you out of your account until you provide a phone number for "verification". It then accepts that arbitrary phone number as yours, without any further steps or conditions.
This is the same argument as "I'm sure central banks aren't as serious as an autist working on bitcoin." Just because you can trick people into a centralized system doesn't mean you are more serious, fucking obviously.
Credentialism is weak sauce.
Google can provide 100x better security that the average normie downloading a nostr app off of Google play, fucking OBVIOUSLY
These guys will be putting their nsecs in Gmail to save it
And banks can provide better security to a normie than them holding bitcoin.
Welp, I guess we should never try to bridge the gap. We should never make more intuitive UI or hardware to hold keys with easy UX.
Nope, just hand our sovereignty to Google, and the Fed.
Well, I updated Wispβ¦but I need to login again.
But I donβt have a Google account nor do I copy-paste my nsec there.
I feel like a discriminated normie now. Do I need to create a new account? π€ͺ
Gotta build for the NPCβs too.
I had to work really hard to see the upside in using Google to sign into nostr. Feels like it taints everything. I could never have coded such a solution.
The only upside I could see is it could make nostr more accessible for normies that need it.
Why did you remove the ability to use remote signers? It should have stayed for those with that security in mind.
@utxo the webmaster π§βπ» Why did you remove the ability to use remote signers? It should have stayed for those with that security in mind.
@utxo the webmaster π§βπ» Why did you remove the ability to use remote signers? It should have stayed for those with that security in mind.
At the end I can understand the Google choice, it can be a good trojan horse, but removing the local signer option seems nonsense to me. If you want to smooth the UX as much as possible and remove any unusual stuff, you can simply bury it behind an "advanced" option.
Of course you know that, so can you elaborate on your decision? I'm curious.
β¦bolt12?
1. Who has noob friends anyway? 2. And even if you do: Let the noobs do it that way. 3. But who's going to tell those people about your app? 4. Well, not me, because I'm using a different one now.
You can solve this dilemma in one easy step... uninstall and never look back, as you seek out other clients that don't pull subversive bullshit like this.
Don't sign in with google π€¦ββοΈ
Why is that Digit? I haven't seen them do anything malicious.
I've only seen them push a bad update with removing the remote signer feature.
Add enough hidden buried code to unopinionated software to satisfy every user then you end up with Amethyst
That's what's cool about wisp's implementation, you're not actually signing in with Google, just using it as an encrypted backup. If Google bans you, your nsec still works, only the backup is gone
What's so hard to save the nsec in password manager?!
Nothing, we offer that too :wisp_cute:
Well, to be fair you didn't pick a great example, you might not like Amethyst for its feature set, but it is very good from an architectural point of view.
Anyway here we are not talking about features or the style of the app, but about a login/sign method used by a significant portion of Nostr users who span various user categories.
