We generally recommend the device key approach wherever it makes sense. It's used exclusively (save for kind 0 and WoT DMs) in Trackstr and nostr:nprofile1qqsdjx9yymrv7q50cwt2zm076q732lwzx4tz0za5rjg3hzqaxcearaspzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz79lc9uc, and for nostr:nprofile1qqsxhugzf33nvzfmvvkm9k3pkedyf37c9qcy2na56atrfw3grctpeyqpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7cl24cn we do a lot of signing with ephemeral keys to avoid the same problem.

There's more we'd like to improve, such as explaining why a permission is required post-request / whilst waiting for the signed event.

Users should never be expected to "accept all"; steer clear of apps that require too many permissions.


Discussion

A signature with an ephemeral key is meaningless.

The apps should be starting out with a thing to show ALL of the required/optional permissions and bam, done. This is partly an issue related to the permissions system. Android even has this, where you have to permit like 4 different things on first startup. The signers could improve on this by allowing batch pre-authorizing of these actions; you can exclude the ones you don't want (the signer should explain the implications) and never be asked again until the app is upgraded and needs new permissions.

Also, another feature request for signers:

whitelist or blacklist based on relays.
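The two signer ideas in the comment above (an up-front manifest of required/optional permissions that the user pre-authorizes as a batch, with exclusions explained and no re-prompt until the app needs something new, plus a relay allow/deny list) can be sketched as a small policy store. The code below is an added example written for this thread, not code from any signer, Trackstr or the other projects mentioned; the names `Permission`, `AppManifest`, `SignerPolicy`, the method strings and the sample app id are assumptions of this example, and the relay lists are applied to the relay a request arrives over.

```python
from dataclasses import dataclass, field
from typing import Optional

# Key under which a permission is remembered: (method, event kind or None).
PermKey = tuple[str, Optional[int]]


@dataclass(frozen=True)
class Permission:
    method: str                   # e.g. "sign_event", "nip04_encrypt" (assumed names)
    kind: Optional[int] = None    # event kind for sign_event; None for other methods
    required: bool = True         # required permissions cannot be excluded by the user

    @property
    def key(self) -> PermKey:
        return (self.method, self.kind)


@dataclass(frozen=True)
class AppManifest:
    app_id: str                   # hypothetical app identifier
    version: str
    permissions: tuple[Permission, ...]


@dataclass
class SignerPolicy:
    granted: dict[str, set[PermKey]] = field(default_factory=dict)    # app -> allowed keys
    reviewed: dict[str, set[PermKey]] = field(default_factory=dict)   # app -> every key shown to the user
    approved_version: dict[str, str] = field(default_factory=dict)
    relay_allow: set[str] = field(default_factory=set)  # if non-empty, only these relays may carry requests
    relay_deny: set[str] = field(default_factory=set)   # always refused, checked first

    def preauthorize(self, manifest: AppManifest, excluded: set[PermKey]) -> list[str]:
        """Batch-approve the whole manifest minus `excluded`.

        Returns the implications the signer should show for each exclusion.
        Raises ValueError if the user tries to exclude a required permission.
        """
        keep: set[PermKey] = set()
        notes: list[str] = []
        for perm in manifest.permissions:
            if perm.key in excluded:
                if perm.required:
                    raise ValueError(f"{manifest.app_id} cannot work without {perm.key}")
                notes.append(f"{perm.method} (kind {perm.kind}) will be refused without asking")
            else:
                keep.add(perm.key)
        self.granted[manifest.app_id] = keep
        self.reviewed[manifest.app_id] = {p.key for p in manifest.permissions}
        self.approved_version[manifest.app_id] = manifest.version
        return notes

    def needs_reprompt(self, manifest: AppManifest) -> bool:
        """Ask again only when an upgraded app declares a permission the user never reviewed."""
        if self.approved_version.get(manifest.app_id) == manifest.version:
            return False
        wanted = {p.key for p in manifest.permissions}
        return not wanted <= self.reviewed.get(manifest.app_id, set())

    def decide(self, app_id: str, method: str, kind: Optional[int] = None,
               relay: Optional[str] = None) -> str:
        """Return "allow", "deny" or "prompt" for one incoming request."""
        if relay is not None:
            if relay in self.relay_deny:
                return "deny"
            if self.relay_allow and relay not in self.relay_allow:
                return "deny"
        if app_id not in self.reviewed:
            return "prompt"                       # app never went through pre-authorization
        key: PermKey = (method, kind)
        if key in self.granted[app_id]:
            return "allow"
        if key in self.reviewed[app_id]:
            return "deny"                         # user explicitly excluded it
        return "prompt"                           # new permission, not covered by the batch


def demo() -> dict[str, str]:
    """Constructed scenario: an app declares three permissions, the user excludes reactions."""
    manifest = AppManifest("example-app", "1.0", (
        Permission("sign_event", 1),                      # notes: required
        Permission("sign_event", 7, required=False),      # reactions: optional
        Permission("nip04_encrypt", None, required=False),
    ))
    policy = SignerPolicy(relay_deny={"wss://denied.relay.invalid"})  # constructed relay name
    policy.preauthorize(manifest, excluded={("sign_event", 7)})
    return {
        "note": policy.decide("example-app", "sign_event", 1),
        "reaction": policy.decide("example-app", "sign_event", 7),
        "metadata": policy.decide("example-app", "sign_event", 0),
        "denied_relay": policy.decide("example-app", "sign_event", 1, relay="wss://denied.relay.invalid"),
    }


if __name__ == "__main__":
    print(demo())
```

Points worth noting: an excluded optional permission is remembered as reviewed, so a later request for it is refused silently rather than nagging the user, while a permission the batch never covered falls back to a prompt; and the relay checks run before anything else, so a deny-listed relay cannot carry even a granted request.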