Nostr Web Client

Unfortunately I don't think you can get simpler than nsec login. It's also the easiest way to create an account. Anything more is very confusing for normal people. You either have server-side custody, a different browser app like nsec.app, or a new app on your phone, all of which can have the same problems. A key rotation scheme would be an improvement worth having, and educating users to reduce key exposure and not use their main key for storing ecash or secret communications or whatnot seems like the way forward in the short term at least.

MichaelJ 1y ago

Requiring an extra signer app or extension is not much different from a service like Gmail requiring a two-factor authentication scheme when you create an account.

We should work to create a "pit of success" for users to fall into, and I'm concerned that raw nsec signing doesn't do that.

UX research and future development in the Nostr space could probably produce low-friction identity creation that guides users into creating an nsec and storing it securely in just a few clicks/taps. It's not an easy problem to solve, but could provide huge value to users.

Reply to this note

Please Login to reply.

Discussion

hodlbod 1y ago

You're probably right. I think we'll get there, we just aren't yet. Bunkers were introduced about a year ago, and have come a long way in adoption, but they're still not quite "easy" (unless they're custodial, and even then, most of those are offline).

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

yeah, the problem was relays

and the reason was complicated, ugly languages used to implement most of them, that make changes difficult to reason about

ManiMe 1y ago

I agree. More work is needed in this area.