Honestly, you could show everyone that is currently online just by looking at their activity no?
I'm not advocating for transferring keys everywhere and I'm working on a solution that avoids and disincentivizes it when not warranted (95% of cases). Again, above is what I'd do for nsec creation, memory and ease of transfer. Not because I'll make them enter it everywhere.
Putting the keys front and center matters.
Doing that is not at all what people are used to.
The more fun and agency I can built in, the better.
And the smaller the attack surface will be in the end.
Give normies an nsec and see what they do with it. Fun assured 😂 .
Aha, wasn't just me 👍
My kids are naming their booth for farmer's market "Cookie Comrades". nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgwwaehxw309ahx7uewd3hkctcqyrv3ry0rpcqygju59s8g9jk5wzej4ut3wexzyad7uz7ejdm7l4q82nv0ehg would be so proud.
If that proves to be good marketing you have a problem sir.
GM threads going deeper than I could ever imagine then lol 😂
I’m not sure why “remembering” one’s private key would even be a UX goal? If the problem is secure storage and transfer, why not just solve for that?
Your design requires users to remember an emoji-grid-line thingy AND a password. A simpler “encrypt the nsec” solution only requires a single password to remember.
The NIP49 (ncryptsec) encryption standard for nsec allows for private keys to be copied and and pasted, stored locally, and yes even stored “non-custodial” in the cloud, WITHOUT having to remember anything more than a password.
https://github.com/nostr-protocol/nips/blob/master/49.md
I’ve already implemented this in an onboarding flow for “normies” that generates and stores encrypted keys (and Nip05), simply by entering a username and password. How is this NOT a simpler solution? (Honest question)
Secure storage and transfer are the goal indeed.
Encrypting the nsec locally should be default and NIP-49 has great promise. Especially if it's easy to check whether a FOSS app implemented it and does ONLY that with your nsec. Very cool things you can do then.
Issues I ran into though:
1. How do you transfer the encrypted nsec to another device? Once it's out there, it's out there and your single password will be hacked in no time.
I thought of automatically sending their encrypted nsec to their phone number or email on sign-up with a sign-up link for other devices etc... But nostr:npub1ye5ptcxfyyxl5vjvdjar2ua3f0hynkjzpx552mu5snj3qmx5pzjscpknpr quickly made me realize how dumb that was.
2. How do I onboard users to actual keys (nsec + npub), give them agency, make it fun and have it work for every language?
3. How do they secure their key beyond their device? 12 random English seed words on paper, really!?
4. NIP-05 + password is the worst of both Big Tech and Nostr. (it took me a while and actual tests to see why)
Normies do NOT understand it. It's not an email but looks like it. Why can't they use their own email? Sometimes it's hosted locally, sometimes it's in the cloud. It has a delay. It relies on domains being available. Etc...
Is this a hard algo to implement maybe?
As in, does it take significant computation to crawl through all those replies on replies?
Still I'd pay for that compute if it can give the deepest recent convo-threads (especially with WoT).
nostr:npub1nxa4tywfz9nqp7z9zp7nr7d4nchhclsf58lcqt5y782rmf2hefjquaa6q8 , just an idea 😜
Yup, good website for raw milk indeed.
But in Belgium it's an adventure still 🙃
Yeah, this surprisingly useful indeed!
Notifications will get pretty wild on Nostr.
Most small apps will absolutely suck at them.
I will pay (and need a free market) for services that keep me up to date on my own terms.
When you don't know where to put the notifications tab... 💡
Enter, free market of notification bots.
GM
Nostr will help answer the simple questions the current internet can't.
"Where do I buy raw cream around here?"
Never added mango, great idea!
You ever tried adding gelatin/collagen btw? I'm curious for recipes that include it.
Yup!
I especially need these kind of pages for onboarding.
As in, I don't want to let users read my boring text about what relays are or make some sub-standard video about it.
I want to link to a Relay wiki that let's users discover what they are in whatever way they want.
For some that might be watching Instagram-like stories about it, for others it might be joining a forum full of golang geeks.
I get why they exist and have success (for now at least).
But there's very little inspiration / innovation there for me.