I don't know what he's precisely referring to, but I spent about twenty minutes, last week, trying to login to Coracle on my laptop, using Amber to sign in, and nothing worked.
Discussion
Scanning the qrcode or pasting the bunker URL?
Tried everything.
Figured it was Coracle. That's full of bugs, now. But it might have been Amber.
But, I've never managed to login to a website from Amber, other than Nostrudel.
Yea, it's a pain to use web apps with a bunker
Tried to talk to web devs many times but none of them add a simple connection check or show the relay and signer error messages so the user and the signer dev can see if it's the client, the relay or the signer having problems.
In amber when a there's a problem sending the event to the relay I try to show a message for the user and there's the logs in the settings which is a bit hard to read
Let me see if it works, now.
Did you enable Tor? Is the orbot app running?
I have Orbot installed, but not running.
Is it enabled in amber settings?
Hmmm. I just disabled it in settings.
It seems to have put the broken nsec Link in my Amber connection list. Let me delete that and try again.
Same.
Are you using citrine as the bunker relay?
It's nsec.app relay.
Do you have multiple accounts? Turn off Tor on those accounts too and let me know if it worked
I turned it off on all accounts and then I wanted to double-check that it was really off, for one of them, and clicked one level up in the account list and now the account list icon disappeared. It sometimes does that. Just goes away.
Stop and restarted and now it worked. 🎉
Glad it works. Very frustrating, to always be stuck with a browser extension, as I don't want to use that on every browser on every machine.
It took me a while, to turn it off. I have all of my organisation and test accounts on there. Also don't understand why I need to turn it off, there, when I've turned off Orbot. Shouldn't it detect that Orbot is gone and turn itself off?
Or, could the error include some sort of informative text, suggesting that the user make sure Orbot is off and that they should also try changing the Orbot connection in the settings?
You could actually detect if they were on and offer the option to turn them off, to continue. Probably the most user-friendly and transparent route.
yeah, i'm pretty much nah for nostr on mobile, jumble doesn't fit a portrait display well and this stuff about the signer not recognising my nsec is super annoying... i got better things to be doing than writing a decoder tool to get the hex
Do you mean on this page?
I can't tell which feature you are referring to? Is it something from the command line?
yep, it's not accepting my nsec, the same one i'm using fine right now with alby
there is something wrong with the java/kotlin bech32 codec, i'm sure of it, i encountered this same issue previously with that now abandoned one, what was it called... closed source one, i had to also decode my nsec to hex to get it to recognise it... plebstr, that was the one, it had the same problem
i used the qr code scanning function after making a QR code on my desktop with the npub as it would be if you pasted it in there, i'm quite sure there was nothing wrong with the text
i may end up writing that decoder tool and then see if re-encoding it makes a different text because it's possible it's the checksum and not the actual data (really it can't be the data)
Ah, I get it. Are you trying to implement Amber with your client? If so, that would be very cool.
no i was just trying to use coracle on my mobile after an upgrade, which now disabled the previously saved nsec, and it wouldn't accept my nsec from scanning it from a QR code, the text looked right in the input box but it said it was invalid
Ah, okay. Also, that would be very cool. 😁
Would it even be possible to use Amber over the API? Or do I just sound confused?
amber is just a signer, it doesn't dispatch the events to the relay afaik
Yeah, I meant, if it would be possible to use it to sign. Instead of a browser extension or something on the command line.
i didn't know amber had a pc based version, i thought it was only for mobile
but yes, i'd say so, that's all it does, it has a list of rules about what it automatically signs and what it prompts and what it rejects and you just fling unsigned events at it and it signs them and returns them
Yes, apparently. I also thought it only worked on mobile because everything else gave me an error, but that was apparently Orbot interfering.
Amber is always on Android, but the PC client can generate a link, display it with a QR code, and then you just take a pic of that with your phone and open that in Amber, and it signs. Pretty cool.
is it a bunker?
i assume once you do it one time it keeps on working, i'm guessing that the QR code has the bunker address thingy
Yes, the code is just bunker://
So, your API could just show a QR code. Just checked. Yes, you could have a QR endpoint. Cool.
you mean where it provides a bunker address to a caller?
i don't really know how bunkers work exactly, just the vague idea they involve ephemeral events and the relay acts as a middleman to pass the message between the signer and the client
what i mean is, i'm pretty sure it is just a regular event so it goes through the /event endpoint that publishes events
the /relay endpoint could be used instead for this, but the ephemeral kind designation has the same effect (i just want to have an explicit call for relaying for future work, like the IRC like protocol i have in mind)
I'll see it I can check if orbot has something to check if its on. Also I'll change the tor settings to be a general settings and not an account settings
most browsers don't let you connect to localhost sites from remote sites no way no how
the only way it could be made to work is if you had a wireguard tunnel set up remotely with a remote address (DNS or just IP) that the local bunker or personal relay connects out to in order to make the round trip
the other caveat is that because the inbound connection has to go out to the remote address first you are essentially sending signals in a loop out to the remote and back to talk to the local device
it is vaguely possible that if you simply have a wireguard address for the bunker it routes directly to the address of the local device, and another possibility is using the hosts file to spoof that the address is remote somehow, i dunno what is possible but this is one of the most irritating things about web browsers
possibly if the app was also hosted locally it would bypass this limitation
as in, to have the web app served from a server on your own device, this would work for android almost certainly, but i think this also means the web app must be served by a native application (network service), this could be done with Go or with kotlin or java or similar, after all, it is just delivering a bundle of javascript to the browser
Yeah, it works with my mobile browser, but not the laptop.
the mobile is running orbot, right? maybe amber and citrine know to set up listeners on the tor network? if so that means that you are behind a 6 hop round trip to random tor nodes to access the server on your own machine
I just turned Orbot off, but maybe it's still causing trouble.
And with jumble.social? Works?
Works now. It was the latent Orbot connection.
nostr:npub1syjmjy0dp62dhccq3g97fr87tngvpvzey08llyt6ul58m2zqpzps9wf6wl A QR code would be a real blessing, tho.
Absolutely right. However, nostr-tools doesn't support, so I'll need to find some time to implement it myself. It might take a little while.