That’s the trade-off for not being tied to a specific instance.


Discussion

Not gonna scale whatsoever.

An alternative would be to use npub to log in and only ask for nsec if the user wants to sign an event. I think it is worse UX though. Can't make everyone happy.

We need an “account” recovery process because people WILL mess up. That I can guarantee.

It's not that hard to store an nsec... Just like it's not hard to store a 12 word seed phrase.

Agreed, but only if that account recovery mechanism absolutely can't be used to steal people's identity. It has to be thoroughly investigated for all sorts of scenarios.

That still ultimately requires putting your nsec in an untrusted website, which is a bad idea. I think the most "normie" friendly way to do things would ultimately be to have a way for people to delegate key management to "identity providers" that people register for using a regular email, and that then handle their keys and sign messages over https (and do nip-05). This of course requires trusting the identity provider but provides account recovery and still provides the advantage of not being tied to a single relay.