Log in with bunker is so dumb. No normal person will understand what that is. If this is our best UX we’re toast.
Discussion
THINGS NEEDS TO BE EASY. FEW DEVELOPERS UNDERTAND THAT!
People actively make things harder here because “proof of work”. Purely retarded. Ya go ahead and watch this protocol go absolutely nowhere
You're on iOS, I guess?
Because browser extension or Amber (Android) auth is as simple as using Google/Facebook/Github SSO, if not simpler because you don't have to fiddle with different cluttered frontends and dark pattern UX shit working against you to manage existing sessions.
I use extension on web. It’s the easiest but doesn’t translate to iOS well.
Amber is great but still shows too much technical details imo
agreed. but also a hard problem to solve. what if there really are a lot of decisions that only the user can make (like granular permissions)?
Amber does a pretty good job with the initial prompt : "I'm a bit paranoid / let's be reasonable / I fully trust it"
you can't get a whole lot simpler than that without making decisions for people opaquely. the promise of "You are the impenetrable fort Knox of your digital identity and there's nobody to call for help" just cannot be followed up with "and it's completely trivial to achieve this perfectly, just press this one button"
I’m going to look into it. Just got an idea. 💡
I’m making multisigner extension atm
I would be content with it if it worked. It rarely does.
Maybe it’s time to generate keys with SSO … tie the login to google login or apple
I don't know what SSO is, but personally would like to keep Google and Apple out of my digital experience as much as possible.
Having the option for normies may be a necessity though. The sheer brain power it takes to hold a private key is a bridge too far in 2025.
We either admit that self custody of your identity is technically hard and we don’t need to scale to a mass market audience, or we try to build something as simple as Bluesky and realize that true decentralization might not be for everyone.
I bet we can do something in-between
I asked nostr:npub1yaul8k059377u9lsu67de7y637w4jtgeuwcmh5n7788l6xnlnrgs3tvjmf if he thought there could be a way to use passkeys to sign events in native apps but I guess the encryption methods are not compatible.
Is this really that hard on amber?
Step 1 create an app in amber for the application requesting a bunker
Step 2 copy the url from the app to the site/service
Step 3: approve permission.
This isn't that different from current ux when adding 2fa on mobile devices.
There are 2 bunker formats and no way to even know which you’re supposed to use. It’s insanity.
That seems weird. The format I'm familiar with and use is bunker://
Just checked the nips docs now and you are right. I would imagine the second format (nostrconnect://) is something the client needs to generate for users to copy and paste in their signer while the first format (bunker://) is purely generated by the signer and pasted on the client.
Ideally IMO, the nostrconnect format from a ux standpoint should be abstracted away into a button which signers can react to on mobile (deep-linking)
I will agree with this note until I understand how bunker url works!