Replying to Avatar alp

#NoorNote is a desktop client, and there's a good reason for that. We all love how Nostr can't be censored, right? But there's still a weak spot. A web client gets hosted on a regular web server, and that can get taken down or blocked with just some everyday bureaucracy. It hasn't happened yet, but "they" haven't really noticed Nostr either. It's similar with mobile apps; app stores can take them down or block those too.

With desktop clients that you can download from all sorts of mirrors around, and that only use the internet to shuttle stuff to and from relays, it's way harder to mess with. And if you're on Linux, even more so. To me, that's real peer-to-peer.

So a Nostr client as a desktop app has its upsides, along with a few downsides. The ecosystem right now isn't all that exciting. But I think it's the future for every kind of Nostr client, not just the social media part, especially the "other stuff" part of Nostr. Nostr clients that run on a web server will soon be considered a leftover from the transition days.

One direct result of the still weak ecosystem for Nostr desktop clients is that there's no decent desktop key signer out there. You can enter your nsec directly, and the security risk isn't as bad as doing it in a web client (since you'd have to trust the web client operator), but it's still there. Malicious software on your system could still snag that nsec. A hardware remote signer is better, but not many people have one. So what's left?

A software key signer, like Alby, nosx, Flamingo and so on, except those are for browsers. I couldn't find one for the desktop, or maybe I'm just not looking hard enough.

Anyway, I wrote my own desktop key signer: NoorSigner.

It'll come bundled with NoorNote, but it's a standalone project and other desktop Nostr clients can use it too. It even has an API to control it right from the desktop client!

You can run it automatically before starting the Nostr client; it's a terminal app written in Golang.

First setup: On the first launch, you paste your nsec into the terminal, set a password, and pick a "trust mode." That means whether you want to enter your password into NoorSigner every time before starting the Nostr client (like on shared computers), or you trust your machine and let the NoorSigner session stick around for 24 hours. But even then, you'd still need to enter your password at least once a day into NoorSigner.

Like I said, I still need to write up some proper API docs (who actually likes writing docs?), and then other desktop clients can use it too.
Avatar
ابو مريم 2mo ago

Would love to test this NoorSigner with Flotilla.

Sounds like you're going the direction of KeyChat with the desktop client. I've been moving most of my web client browsing to their browser mode cause it's just so good and smooth

Reply to this note

Please Login to reply.

Discussion

Avatar
alp 2mo ago

Does Flotilla run on a desktop computer?

Avatar
ابو مريم 2mo ago

Flotilla has both web and mobile clients. It's been my main client for testing signers.

Avatar
alp 2mo ago

Sure you can test it. Which OS?

Right now I'm adding NIP-44 encryption/decryption support for private bookmarks to it.

Avatar
alp 2mo ago

But Flotilla needs to support local key signers too. Does it?

Avatar
ابو مريم 2mo ago

I believe so

Avatar
ابو مريم 2mo ago

https://app.flotilla.social/

Login page has options for browser extentions, remote signers, and signer apps

Avatar
alp 2mo ago

That's different, that's web. And for that it uses Alby, nosx, Flamengo etc. The question is, does their desktop app support locally installed key signers?

Avatar
ابو مريم 2mo ago

Wouldn't that be remote signer option?

Avatar
alp 2mo ago

No, a remote signer is usually a piece of hardware, like the one from lnbits (https://shop.lnbits.com/product/nsec-remote-nostr-signer )

Avatar
ابو مريم 2mo ago

This is using nostr connect though, right. Pretty sure that's the same method as the remote signer login option.