Nostr Web Client

For all the Nostr developers out there I challenge you to use your apps in manual approve mode ( no automatic signing ) with a signer like alby or amber. I'm willing to bet it will be almost unusable

I would say at least half of the apps I've seen built on Nostr just don't work unless you give the app full control over your key, by either pasting the nsec or giving it automatic signing privlages.

This is bad UX and shows that the app does not respect the user at all. What's the point of having cryptographic signatures if I can only uses them in "sign everything" mode?

I will zap you 10k SATs if you post a screenshare in the next day or so of how well the app works or doesn't work with manual signing

hzrd149 7mo ago 💬 1

nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn screen recording of trying to use flotilla in manual approve mode. also it does not let me reject signing anything

https://cdn.hzrd149.com/539f12c9efc4816fa1d5a69445c0475390bee10d7307ba8e3d49c7fef079e3c2.webm

https://cdn.hzrd149.com/28d77c9ddfe9cde71319670298ef48cb07436dc3a77172de24d2c24df18612d1.webm

Reply to this note

Please Login to reply.

Discussion

hodlbod 7mo ago 💬 2

I'll look into making it fail more gracefully. There is a trade-off between scope and trust though, and for coracle and flotilla I'm on the wide scope and high trust side of things. A lot of these approvals are used to probe relays to figure out what the user is allowed to do. I don't think every client should necessarily be sparing about signatures. "Sign everything" is a valid mode for some applications.

hzrd149 7mo ago

that's a fair point. it would just be nice if I could reject some of those and still have parts of the app work. or at least make it request the signatures when it needs them instead of when the app opens

hodlbod 7mo ago

Yeah, it could definitely be more graceful