Thread - Nostr Hypermedia

Vitor Pamplona _@vitorpamplona.com 3 days ago

I don't recommend putting nsecs in *any* client, but the flow here is pretty slick.

miljan

Big news Nostr fam: the Primal Remote Signer is here! 🫡 We just released Primal 2.6, which includes a NIP-46 remote signer built into our iOS and Android apps. Now you can use your Primal mobile app to login to any Nostr app that supports the remote login (a.k.a. nsec bunker) standard. IMHO this is the easiest and most secure way to login to Nostr web apps. Check out Paul’s overview video below. We had to do some crazy stuff to make this work on iOS. Overall this was way harder to build than we anticipated. Try it and let us now how it hits!

View quoted note →

Replies (7)

Anita anita@anita.link 3 days ago

What is best practice around nsec?

1 replies ↓

AU9913 auggie@nakaMOtown.com 3 days ago

Put it in amber (or any signer) deny network access to that app.

1 replies ↓

Vitor Pamplona _@vitorpamplona.com 3 days ago

Signers should rarely receive updates. The smallest the signer, the easier to audit and make sure there are no leaks. Larger apps not only change all the time, but they also update their dependencies all the time, which makes it really hard to know if the nsec is leaking or not. Any dependency can inject code to steal the nsec from users.

1 replies ↓

Anita anita@anita.link 3 days ago

Amber is for Android, what’s good for iOS?

1 replies ↓

Vitor Pamplona _@vitorpamplona.com 3 days ago

Aegis - nostrapps.com

Cross-platform Nostr signer supporting multiple connection methods

1 replies ↓

Anita anita@anita.link 3 days ago

Thank you!

1 replies ↓

Vitor Pamplona _@vitorpamplona.com 3 days ago

Its quite new, but promising.