nostr:npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5's Amber Signer is now an official NIP. It was just merged. 🚀
Devs working on Android apps (Native or PWAs) should not allow nsecs in their apps anymore. Amethyst will start to deprecate our nsec-based logins in the upcoming versions.
Do you know any nip05 that accepts amber as a signer ?
this is awesome... signers should always be external, it's just basic security design
nostr:npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknpr stop wasting your time on doing signing in the app! and get auth working!
Good thanks
I’m working on something to help with onboarding new users to nostr.
How do you see new Users coming in to Amethyst?
They usually come on word of mouth (a friend inviting them to join) and usually drop into our chat to say hello and get the initial tips.
Ok. What about a random coming from Xitter because they don’t want to KYC over there?
They download Amethyst and then what? They’re gonna go to a key signer app and then come back to Amethyst and then get started?
Humm.. yeah I havent thought about this with Amber. We gotta figure it out. Usually they just create a new user on amethyst.
Random people coming from Twitter because of KYC has always been minimum. Every new user wave has been triggered by either influencers or word of mouth (what's app style).
Xitter is introducing KYC for monetised users (ie bluechecks) from July 1.
People over there aren’t happy and it’s getting worse in future with Gov regs across the West.
I’m creating something to help direct onboarding because per your point, if we can even get a handful of influencoors with big followings to join up we’ll see waves joining in short order when they encourage signups.
I think ideally new users create keypairs in client and move to key signers later when they want to connect with other nostr services.
Do you think there’s a more frictionless onboarding flow?
cc nostr:npub19yeqjawls407xjnmgkk6yss7936pcd7qzd5srlj8wye6j8433vrsjazqwk
Maybe i should add support to nostr connect first.
> Devs working on Android apps (Native or PWAs) should not allow nsecs in their apps anymore.
Sounds exaggerating.
Heck yes! Finally. Been using Amber for a couple months now and was finding it hard to believe how inputting nsecs was still a standard. A necessary step for nostr but good riddance.
Huge. This will drastically improve security for users overall. We shouldn't be inputting our private keys into applications unless it's a key signing application or extension or similar.
This is fantastic. The nsec will be as valuable as seed words soon. It should be protected.
