It could even be a broker that signs with multiple different signers depending on the request / data. You can hook it up in a lot of ways: either stdin/stdout, pipes, Unix domain sockets, or even POSIX message queues would work. That part is more about your preference and use case requirements. Is it an async or sync signing requirement on message receive, etc.?
An idea that someone gave me the other day for notedeck:
Spawn a signer subprocess that you communicate with over standard I/O. Launch this subprocess without network privileges (cgroups?).
This subprocess would be responsible for signing things. Then you could make an option to swap this out for any other signer process on your system so you could run your own.
A stdin/out interface with JSON would be simple to implement. Not sure how Amber works, but I assume it would be similar to that.
Thoughts, nostr:npub1acg6thl5psv62405rljzkj8spesceyfz2c32udakc2ak0dmvfeyse9p35c? You have anything like this?
Discussion
Making signing requests async is annoying but probably necessary for us since I don't want notedeck apps to have access to keys.
Assumed async just by the usage pattern, but it could be implemented both ways. It would just make notedeck seem less responsive or not responsive until signage is complete.
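The stdin/stdout JSON signer subprocess sketched in the thread, with the async request matching the replies discuss, as an added example that is not notedeck's or Amber's code. Assumptions: HMAC-SHA256 over a constructed demo key stands in for a real nostr (Schnorr) signature, and the privilege drop (cgroups / no network) is left to whatever launches the child.

```python
import hashlib, hmac, json, os, subprocess, sys, threading
from concurrent.futures import Future

def signer_main():
    # Signer subprocess: the only process that holds the key. Assumption: HMAC-SHA256
    # stands in for a real nostr signature and the key is a constructed demo constant.
    key = hashlib.sha256(b"constructed-demo-secret").digest()
    for line in sys.stdin:
        req = json.loads(line)
        if req.get("op") == "sign" and isinstance(req.get("payload"), str):
            tag = hmac.new(key, req["payload"].encode(), hashlib.sha256).hexdigest()
            resp = {"id": req.get("id"), "sig": tag}
        else:
            resp = {"id": req.get("id"), "error": "unsupported request"}
        print(json.dumps(resp), flush=True)   # one JSON object per line

class SignerClient:
    # Host side (the notedeck role): one JSON object per line on the child's stdin;
    # replies are matched by request id, so the UI thread never blocks on the signer.
    def __init__(self, argv=None):
        argv = argv or [sys.executable, os.path.abspath(__file__), "--signer"]
        self.proc = subprocess.Popen(argv, stdin=subprocess.PIPE,
                                     stdout=subprocess.PIPE, text=True)
        self.pending, self.lock, self.next_id = {}, threading.Lock(), 0
        threading.Thread(target=self._reader, daemon=True).start()
    def _reader(self):
        for line in self.proc.stdout:
            resp = json.loads(line)
            with self.lock:
                fut = self.pending.pop(resp.get("id"), None)
            if fut is not None:
                fut.set_result(resp)
    def request(self, op, payload):
        # Async path: returns a Future that resolves when the reply arrives.
        with self.lock:
            self.next_id += 1
            req_id, fut = self.next_id, Future()
            self.pending[req_id] = fut
        print(json.dumps({"id": req_id, "op": op, "payload": payload}),
              file=self.proc.stdin, flush=True)
        return fut
    def sign(self, payload, timeout=5.0):
        # Sync path: blocks the caller, which is what makes a UI feel unresponsive.
        return self.request("sign", payload).result(timeout)
    def close(self):
        self.proc.stdin.close()   # EOF ends the signer's read loop
        self.proc.wait(timeout=5)

if __name__ == "__main__" and "--signer" in sys.argv:
    signer_main()
```

Swapping in another signer is just a different `argv`, as long as it speaks the same line-delimited JSON.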