Replying to fiatjaf

nostr:npub1l3cgtsurhfchg4cyhhqudm70074sr96srhje330xc5m6czej5n9s9q6vs2 has some ideas of how to use passkeys in a smooth cross-app syncing flow. I don't know all the details and I'm not 100% sure it works, but it may work pretty well for some users.

Yes, I'm gonna use passkeys to help simplify nostr key management when accessing nostr apps. The nsecs will be importable/exportable. All the pieces are almost in place to put it online for everyone to test. I just need to go back to drinking coffee or someone to whip my back.

Passkeys have become better with time. We don't need Apple/Google/MS/some-linux-distro-support anymore. E.g. Bitwarden (can be self-hosted) has a browser extension and native apps, supports passkeys and syncs keys across devices no matter the OS.


Discussion

Nice one.

Are the Bitwarden passkeys bound to one site/app, or usable across them all?

Are you using PRF derived keys like https://github.com/ocknamo/nosskey-sdk ?

That's interesting. We looked at the software-vault option for a related thing some time back (B2B use case, not Nostr keys), but the issue we hit is that when any app requests the creation of a passkey on iOS, it's up to the user to decide where to store it; the app has no control over that and cannot force the user to a specific provider (I guess FIDO mandated). And pretty much every time the user goes with hardware passkey and keychain.

Is there now some way to influence that choice besides simply telling the user what to set up and choose beforehand?