6 hours in to figuring out remote connect with Amber.
None of the libraries work. The AI is stumped. The relays are wonky. There is apparently no documentation.
Discussion
I thought the NIP for remote signing was relatively straightforward. Does Amber depart from the NIP specs somewhere?
I have no idea, but I might take another run at it.
Here's some of the dirtiest code I've ever written, but nak bunker is fully working, with QR codes that are easy to scan on mobile and nostrclient token support for clients that don't accept bunker URLs.
Fiatjaf has implemented persistence and profiles. So now nak bunker is usable as a true signer, not just for dev purposes.
QR code support has been merged to master. The nostrconnect stuff wonāt make it in as-is. It's dirty, dirty stdin hacking and fiatjaf no gusta. Still, it works. Just point nak bunker to some relay other than relay.nsec.app, nos.lol, etc.
Iāve had zero login failures in the past three days, while with Amber + relay.nsec.app, signing is failing at least 20% of the time:
Yeah, Amber is wonky, but I think it's that relay. Adding more relays seems to help.
A lot of clients wonāt let you pick a relay, unfortunately. Some even have a textbox for relays, but itās often broken.
The strange thing is that Bunklay used to work well for me. And I donāt see any error messages in the logs... With nos.lol, for example, I at least get errors telling me to send notes with PoW 28 or warning me about rate limits. But with Amber + relay.nsec.app simply doesnāt forward signing requests. Everything fails silently.
I donāt know if relay.nsec.app has adopted more aggressive anti-spam policies or if this is a connectivity issue. Iāve noticed that a lot of people facing issues with Amber + relay.nsec.app are in Europe like me. Plus, when I ask folks in the US to reproduce the issue, they canāt (tagging nostr:npub1h49w8en79xty6j2pwgnpm3znjhyf767jua6xgt3kvyn3w80ms86s2z9kay just in case he knows anything about it).
Anyway, nak bunker seems to be working well. Maybe itās the naive, totally ad-hoc, non-production heavy nature of the code (sometimes simple work) but even with relay.nsec.app, things are working better.
I may add a setting to Haven to allow Kind: 24133 events from outside the WoT. Still, every time I do this kind of thing, I end up regretting it. Ideally, we should have more NIP-46 specialised relays, and clients should take the time to both fix their NIP-46 integration and pick two or three trustworthy default relays when creating nostrconnect tokens. Having about every client out there defaulting to a single relay is just... Not great.
Yeah, it's unfortunate.
But I think you can use Damus and Primal and Band for it, as well.
Agreed. Honestly, this is a noobie question, but is there anything special at all about kind 24133 that requires special relay software?
I'm not being sarcastic here, it's a genuine question, maybe folks want to restrict queries, require auth or promote lower latency + some more relaxed policies given the sheer amount of notes. Is there a legitimate reason to centralise signing in Software like Bunklay or is everyone doing it just because? nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5, I assume that you are the right person to ask here?
Any relay that accepts ephemeral events should work
Paid relays don't work for this because clients need to create a new keypair for each login
Auth relays can work but no clients use auth for the bunker stuff so I wasn't able to test
What can happen with public relays like Damus is that it rate limit you
Yes. It's silly but relays like nostr.mom and nos.lol ask for PoW for Kind 24133, damus and nostr.band quickly starts to rate limit, and as you said, a lot of clients won't do auth. Also there's mostly no easy way to whitelist specific pubkeys as a lot of clients use random client keys. This is my main problem with supporting NIP-46 (and NWC as well) with Haven. For most clients to work properly I would have to allow everyone to write Kind 24133 notes. Shouldn't he a major problem given that these are ephemeral, but still... We need better NIP-46 libraries for clients so that I can at least require AUTH and whitelist a few client pubkeys.
I whitelisted kind 24133 on wss://thecitadel.nostr1.com . That's our public relay.
Could maybe also use wss://freelay.sovbit.host from nostr:npub1gnwpctdec0aa00hfy4lvadftu08ccs9677mr73h9ddv2zvw8fu9smmerrq .
I'll be working on the spam filter when I get home from a potluck this evening. I can make sure that kind is whitelisted for yall.
š„° Thank you!
Thanks, both. This will definitely help!
Access to TheForest was the best 300 sats "investment" Iāve made on Nostr :)
Siberengel, just a heads-up from someone a bit disappointed withā¦ well, humanity in general (you have to be a special kind of person to attack an unfunded open source dev paying for their infra out of pocketā¦ but alas, here we are):
I may be preaching to the choir here, since youāve been running TheForest for a while and have probably whitelisted other kinds of notes beforeā¦ but do set tight policies and keep an eye on your observability tools.
I donāt know if youāve had to deal with āenthusiastic fansā āimproving Nostrā beforeā¦ but folks can be very ingenious when attacking relays. Iāve had to deal with a bit of everything, from carefully crafted queries with complex filters designed to choke Khatru, to bots writing massive notes until the relay runs out of disk space.
Hopefully Iām just being paranoid here and folks wonāt try (or manage) much with an exotic ephemeral kind. But sadly, on the internet, good deeds rarely go unpunished š¤£.
Yeah, we had to think, for a while, before determining if thecitadel should be public. It seems to work because it contains no "social notes" (kind 01 or 1111), but cloudfodder sometimes has to deal with some craziness.
We might eventually move to AUTH without a whitelist, as needing to do that ping-pong authorization slows them down.
I think the 300 sats are a good deterrent. But TheForest does accept social notes, right? (At least for "paying" members?)
Ah, on that front... The script kiddies have evolved. AUTH no longer deters them, unfortunately... But it does deter... like 90% of clients on Nostr from writing to and fetching kind 24133, unfortunately.
I mean, AUTH does help a bit, PoW above 28 also helps a bit, but other than charging some sats or a strict WoT I haven't found a good solution for public relays yet.
We have an AUTH mirror for every non-auth relay, running on NFDB.
TheForest accepts social notes, yes. It accepts almost anything, but only for community members. TheCitadel accepts from anyone, but only certain types.
Got it, makes sense. I had both relays mixed up. The NFDB mirrors are a good idea... Then it becomes Semisolās problem, and Iām sure heās dealt with every category of Nostr attack at least twenty times.
Unfortunately, thereās not much we can do about NIP-46 libraries that wonāt use AUTH.
Assuming this can be made to work on Nostr1, maybe itās worth considering whitelisting kind: 24133 without SATS and AUTH on TheForest as well? I have nothing against TheCitadel by any means, but since Iām already using TheForest as a write relay, it would be convenient to use it for NIP-46 too.
If this doesnāt bring too much additional inconvenience (though Iām aware anything public on Nostr comes with some pain), itād be brilliant for sure.
Okay, added it. nostr:npub10npj3gydmv40m70ehemmal6vsdyfl7tewgvz043g54p0x23y0s8qzztl5h That should override the whitelist controls, right nostr:npub10npj3gydmv40m70ehemmal6vsdyfl7tewgvz043g54p0x23y0s8qzztl5h ?
Tausend Dank!
On Amber I'm getting "Paid relays are not support message. nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5, I assume this will fix it once released? https://github.com/greenart7c3/Amber/commit/8c25535aea8898a61064638a77ba07a0a8dd61f6
Yes, in the next release it wont show this message
Working well! Just tested with my bastaderised version of nak + Jumble, noStrudel, Amethyst and Nosotros, both bunker and nostrconnect tokens working well over TheForest. I've also tested it with both a npub that is whitelisted and an external one.
I've rebased the PR above on top of Fiatjaf latest changes to nak if anyone else wants it. Thanks a million again!
yep! this is the right move for these obfuscated pubkey type services.
Thanks š«
It turns out that Amber wasn't as hard to implement, as I'd thought. The relay was just unreliable.
nice, i saw nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5 gave you a code snippit a few days back, do you think this info is easy enough to find on the amber github? if not, maybe you could do us future implementoors a favor and PR it for them?
Beyond Amber-specific code snippets, NIP-46 (https://github.com/nostr-protocol/nips/blob/master/46.md#direct-connection-initiated-by-the-client ) itself needs some love.
For example, while implementing the Direct connection initiated by the client flow, the NIP states:
1. That a secret value must be provided to avoid connection spoofing, and that clients must validate the secret returned in the connect response.
2. That the connect command should return either "ack" or `
So I knew I needed to return the secret in the responseā¦ Still, I had no idea that most clients expect a response containing exactly:
```
{
"id": [secret],
"result": "ack"
}
```
I had to reverse engineer this from client libraries. It would be nice to clarify this kind of thing in the NIP itself.
By the way, tried to zap you, got a timeout from Alby just for a change :).
Thanks, anyway. The server was down, yesterday. Took our NIP-05s out, so I noticed quickly, but it took a while to resolve.