Nostr Web Client

What is truly wild about #nostr is that everyone is a peer. So it doesn't matter if the client initiates the authentication transaction or the provider.

So I built both options - especially good for a provider (physician) who has a crappy desktop without a camera, but the patient has their phone.

Or vice-versa - a physician with a phone in the field needing to authenticate to someone's crappy camera-less tablet.

The challenge and response is handled invisibly via websockets and NIP-17-like DMs. 100% secure and no authentication overlord in the middle.

Honestly, I don't know of any system that can authenticate like this, and you get this practically for free (with some engineering) in #nostr.

Reply to this note

Please Login to reply.

Discussion

Tim Bouma 11mo ago

This is the type of crap I no longer have to deal with.

https://zolder.io/blog/phishing-for-refresh-tokens/

freecritter 11mo ago

Sounds like what nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z nostr:npub1hqaz3dlyuhfqhktqchawke39l92jj9nt30dsgh2zvd9z7dv3j3gqpkt56s and nostr:npub1t8pwzkkhhs94e9acgw9jwca9csyl7a4tnpdttu05039um5j7d6xs72gkvf are working on.

Tim Bouma 11mo ago

Yes. I am collaborating with them.

paranoia machinery 11mo ago

I just met a guy named Fabian in El Salvador that was working on something like this