Yeah, I am beyond excited for this! I now have something to show to my norm colleagues without forcing them to drink any koolaid.
I am also excited about login with nostr DM - I never thought of this possibility, but now I can’t unsee it. I am implementing it for login into nostr:npub10penj5dqgdw6yez25hd7vgcvcp3ys3qn9fh7yyl9j9cte37a8pcq7jycdm
The DM login thing is a bit of a hack that we started doing for purple, but it was never meant to be a permanent thing.
https://github.com/nostr-protocol/nips/pull/1042
is preferred
Although even this is pretty sketchy. I would feel uncomfortable pushing this as a nostr login solution, because if your key leaks then anyone has completely open doors into all the websites you visit, and theres nothing you can do to stop it.
I like simple. Sending ecash by DM was also called a hack, but, heck, I like the simplicity. I also like the approach that all security is vested in protecting the nsec. Safeguards can be added in where required. The other thing I like is that login by DM and ecash by DM, I can implement without waiting for a nip. It's all about experimentation for now.
Same goes for nip04 and nip05. Simple. I'll manage the risks for now.
I’m working on a nostr webapp and intentionally not using a nostr sdk. my current approach is depending on an extension to sign a nip-98 event to prove control of a pubkey and post it back. this breaks down on mobile so I was thinking I’d send a challenge thru dm to support mobile. wdyt?
