Here is how to create a safe new nostr key pair where the nsec is not entered into the nostr client, but stays secure on an Android device, using #Amber and #Amethyst over tor.

Download Amber apk

(I use the 'free' version)

Open Amethyst

Tap add new account

Tap log in with Amber

Amber app will open

Tap adjust and set your permissions

(I reject generic draft events)

Hit save

Hit grant permissions

Amethyst will open

Tap profile in upper corner

Select use tor/orbot

You now have a nostr profile where the nsec is not entered into the app. You can switch between multiple nostr profiles set up the same way.

I advocate for nostr clients to add NIP46 for sign in.

"The goal of Amber is to have your smartphone act as a NIP-46 signing device without any need for servers or additional hardware...

In addition to native apps, Amber aims to support all current nostr web applications without requiring any extensions or web servers."

https://github.com/greenart7c3/Amber

#nostr #introductions

Discussion

Here is how to migrate your nsec out of #Amethyst and into #Amber.

Use Amber & Amethyst to keep your #nostr nsec secure 🔑

Copy your nsec key from Amethyst

Open Amber

Tap connect through orbot setup

Paste nsec into Amber

Tap login

Go to Amethyst and log out of account

Tap add new account

Tap login with Amber

Amber will open to permissions from the account you are logged into in Amber in the background

Select permissions and save

Tap grant permissions

Amethyst will open

Tap profile

Tap use tor/orbot

Now you have migrated your nsec to Amber and out of Amethyst for signing your events. Your nsec is now on your Android device and not in Amethyst.

This is how to cryptographically sign your notes with maximum control.

I encourage all nostr clients to implement NIP46 so as to be able to use Amber across the nostrsphere.

I was wondering how to do this, thank you 🙏

Thank you ak6

Great note, thanks very much!

And where do you store your nsec, outside of your Android? In case it fails or your phone gets stolen

Very cool, but I have a question (maybe a stupid one for someone tech savvy). Why can I still export my nostr private key through Amethyst client settings even if I previously logged in via Amber on Amethyst?

There must have been a step you missed. I would guess that you didn't log your nsec out of Amethyst.

Well. Now it works. No more private key management section among the profile settings.

It may be as you said 😅.

Thanks

Here is how I would start from scratch to have the best private nostr device and experience. Time to level up npub!

Buy an unlocked pixel 7 or higher with cash

Flash with #Graphene OS

Download Tor browser

Download Obtainium

Add Orbot

Add Amber

Add Citrine

Add Amethyst

Add Minibits

Add Zeus

Add Oxchat

Add SimpleX

Add Robosats

Add NewPipe

Select all the apps to run through Orbot

Now set up your nostr profile

nostr:nevent1qqst3quznpsjvh5crsp90z5el4d7vuqv4ectlf8mr2qgxy9thqsd9gspz3mhxw309akx7cmpd35x7um58g6rsd3e9upzpmd5wqn399avtfslyalne52du4xx066ue5sw7rva72d7rp59hvqyqvzqqqqqqyz9jxw2

Turn on Citrine and add it to the outbox relay settings in Amethyst. Add trusted relays as they see everything you do.

nostr:naddr1qq9hyetvv9uj6um9w36hqq3qgcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqxpqqqp65wjvcq4q

To add a zapping wallet open Minibits and get a free LN Address and add a mint. Now paste your LN address into Amethyst in your nostr profile.

Once you have 100k sats open a self custodial LN channel with Zeus Wallet using their LSP.

You now have an anonymous device, running over Tor, with a nostr signing device on the phone, nostr running thru orbot vpn, with a nostr relay on the phone, with a privacy preserving wallet with no personal info attached.

For private encrypted DM log into Oxchat using Amber.

You can host your own onion nostr relay and a SimpleX server using a DIY Start9 home setup.

For purchasing No KYC sats use Robosats.

For watching and downloading videos use NewPipe.

Use Freedom Tech to stay private & sovereign!

Have to try it! Thanks for the note

What's your view on a dedicated hardware signer? Keeping our phone out of the equation. Presumably usable across all devices.

Somewhere Orbot needs to be installed, and don't APK signatures need to be verified?
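
On the APK signature check raised in the last comment, here is an added example that is not part of the thread or of any project mentioned in it: a shell helper that pins an APK's signing certificate before a sideloaded signer app such as Amber is installed. It assumes `apksigner` from the Android SDK build-tools is on PATH, and that the expected fingerprint (a placeholder here, the thread gives none) was obtained from the developer through a channel independent of the download; the function names and sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare an APK's signing-certificate SHA-256 digest with a
# pinned value before installing. Function names are hypothetical.

# Constructed sample of `apksigner verify --print-certs` output (not a real cert).
SAMPLE_OUTPUT='Signer #1 certificate DN: CN=Example Signer
Signer #1 certificate SHA-256 digest: 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff
Signer #1 certificate SHA-1 digest: 0011223344556677889900112233445566778899'

# Normalise a fingerprint: strip colons/whitespace, lowercase the hex.
normalize_fp() {
    printf '%s' "$1" | tr -d ': \n' | tr 'A-F' 'a-f'
}

# Read apksigner output on stdin; print each signer's SHA-256 digest, one per line.
extract_cert_sha256() {
    sed -n 's/^Signer #[0-9]* certificate SHA-256 digest: *//p'
}

# Read apksigner output on stdin; succeed only if exactly one signer is
# present and its digest equals the pinned fingerprint in $1.
check_pinned() {
    expected=$(normalize_fp "$1")
    found=$(extract_cert_sha256)
    [ -n "$found" ] || return 1                                   # no signer reported
    [ "$(printf '%s\n' "$found" | grep -c .)" -eq 1 ] || return 1  # unexpected extra signer
    [ "$(normalize_fp "$found")" = "$expected" ]
}

# verify_apk FILE PINNED_SHA256
# Fails if the APK signature is invalid or the certificate is not the pinned one.
verify_apk() {
    out=$(apksigner verify --print-certs "$1") || return 1
    printf '%s\n' "$out" | check_pinned "$2"
}

# Usage (placeholder fingerprint, replace with the developer's published value):
#   verify_apk amber.apk "<PINNED_SHA256_FINGERPRINT>" && echo "certificate matches"
```

Once an app is installed, Android itself refuses updates signed with a different certificate, so the pinned check matters most on first install.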