Replying to Avatar Josua Schmid

How do you mean “it requires other NIPs to work”? My suggestions? Or NIP-01?
Avatar
MichaelJ 1y ago 💬 2

The security thing is the big one. No one should be putting their nsec directly into a bunch of different clients.

If you're writing for browsers you need to support at least NIP-07 for note signing. Mobile and desktop need NIP-46 for secure signing. NIP-46 itself depends on NIP-04 and/or NIP-44 for encryption.

Major clients don't use note IDs, they use bech32 identifiers. Those are defined in NIP-19.

Replies and common indexed tag types are in yet another NIP.

Then there's the outbox model, which isn't really defined anywhere at all, but is essential for a client to work with a distributed set of relays. That's pure institutional knowledge.

Reply to this note

Please Login to reply.

Discussion

Avatar
Nice and Kind Vic 1y ago 💬 2

I agree with all of this except the need for nip46. Thats a nice to have, but not essential.

Avatar
MichaelJ 1y ago

What is the alternative on desktop or mobile apps?

Avatar
Nice and Kind Vic 1y ago

There isnt an alternative. NIP46 shifts the signing and in essence that public key becomes a secret for that interchange, or a combination pubkey and secret. A security abstraction layer that can be chained.

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

nip-65 is where the outbox model's data is defined tho

it's up to clients to use it for publishing and fetching events (my outbox = publish, your inbox = fetch)

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

it really is defined: