Nostr Web Client

I've been continuing to mull over the sign-in flow for Nostr apps. It seems more complex than the legacy system because of the need to account for more than one method of authentication: extension, public/private keys, nostr connect.

https://void.cat/d/YFiXaAVnb54ifi9FKmtsui.webp

Even if one method becomes standard in the future, I think there's still a question of how to accommodate users who continue using older methods. Examples and more thoughts in thread 🧵. cc nostr:npub1r0rs5q2gk0e3dk3nlc7gnu378ec6cnlenqp8a3cjhyzu6f8k5sgs4sq9ac / nostr:npub1x6gxrjdpacjc62x3y0e4lyfedzyy65kyj29t0026g4z0el2g70esc0rtxj

Tags: #ux #design

Reply to this note

Please Login to reply.

Discussion

jonb 2y ago

I like how Kiwi is on the cutting edge and offers Login with Nostr connect. But, it is challenging to explain these options, especially to new users.

https://void.cat/d/5VY9tFHKVys2o4zzWb6xvP.webp

jonb 2y ago

I like Coracle's approach in promoting one method for signing in as primary and having other options hidden behind a button or dropdown. The question here, would be what is the primary method that is best to promote? Is this just something that needs to evolve over time?

https://void.cat/d/Q57AjKxftZyzU1H3TK1TjU.webp

jonb 2y ago

I like how Habla's modal explains how things work and provides links to helpful resources, but it is a lot to parse in one go and may be overwhelming to users.

https://void.cat/d/QVviD1Exw7aXmn5oktKWwW.webp

jonb 2y ago

Also related, does it make sense to try and align on a particular logo & colors for recognizability when signing in? The value would be that users can see a common logo across apps and quickly realize, "Ok, I've used this before, I know I can log in here."

https://void.cat/d/XTKGqS4yhthFA3k1mvQpUN.webp

Jingles 2y ago

That’s why added Tony’s article to explain more. Also what’s lacking right now is onboard for new users.

HoloKat 2y ago

The current consensus seems to be pushing towards an alby login. But with things like nsecbunker we could see some changes. I haven’t heard anyone defend nsec login input yet.

This is an ongoing topic of discussion.

jonb 2y ago

On nsec login, although definitely not ideal, I wrote up a case for accomodating it at least in the short term.

nostr:nevent1qqs29k4qhumjc2xewtr2scchzm428c3sfjvf5euzqyk3sdhpw4770yspz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzqddgl8qzwtq3nf3q737q2hydkw0flqzlaudj959h5s433y63mtnxqvzqqqqqqy7v8582

HoloKat 2y ago

I agree. Various users will have different risk tolerances and it’s ok if they screw up and leak key. At least in the short term until we have better solutions. Perhaps we could emphasize extensions but offer a nsec login option tucked away, explaining the risks.

Hopefully nsecbunker and things that follow it solve the issue.

I think most users won’t bother with mobile logins at all. I don’t even bother myself 🤷‍♂️ and that’s a lot of people who will never experience nostr on mobile.

StackSats.IO 2y ago

Have been thinking about this problem for months now. I’ve got 2 drafts I need to merge together and then I plan to put up and fund a project for it next month as I believe we’re missing out on the fundamental differentiator for #nostr with the separation and sovereignty of identity.