Oddbean

@brugeman nsec.app is great - I really don’t want to type my nsec outside my phone! A question about connecting from my laptop: I’ve installed Alby on my laptop’s Firefox and created a new nostr user (different from the one on my phone). I then tried to log in to coracle.social with the Bunker URL and got the attached message on my phone. This npub does not match the user in my Alby extension. Each time I tried I got a different npub. Does coracle.social even use the extension when you log-in via a Bunker URL? Otherwise it means that I would need to re-approve a new npub each time I log in to coracle.social. I also tried nos2x but it was the same. Is there a browser extension that would keep the same npub? (i.e. will maintain the connection to the bunker instead of the website). https://i.nostr.build/PvqyDGNKSBeqIBpS.jpg

I was scared from the popups on my laptop. I kept nsec.app opened in my iPhone (I actually need to restart it to see the permission request). The popups seemed to want me to enter the passphrase so it could down the main nsec to my laptop - which is NOT what I want.

The UI should be more clear about that. Anyways, do you know why the initial permission requests were a little buggy and I had to restart the nsec.app? The push-notification permissions are on, but I wouldn’t trust that mechanism (I have a little experience with app development). If nsec.app is open in the foreground, it should always wait for events via nostr websockets - maybe even allow to connect to more than one (in addition to relay.nsec.app).

Well, I’m guessing it’s a temporary npub to send & receive private messages between my laptop and my phone (over nostr too): the content to be signed/encrypted/decrypted and the signatures/encrypted/decrypted-data. I was thinking about using nsec.app as an alternative for the nsecbunker.com daemon/dockers: to run a shared account that can be controlled by multiple users (like for a company) - by keeping a computer with a Brave browser open with nsec.app and allowing my npub and my friends’ npubs. But this means I would need to re-approve new npubs if we log out (which means logging to that computer).

I haven’t tried adding on npubs for shared access, but I don’t think you’d need to reapprove them. As long as you have access to the nsec.app dashboard you should be able to add new npubs to the connection if my understanding is correct. You’re adding the permanent user npubs, not the temporary ones.

I have not tried using nsecbunker to share access, but from my understanding what you want is: - add npubs that are allowed to control the main key - set permissions for each such npub - is they can accept connections, confirm certain kinds, etc - then if one of those users are trying to log into an app, they would confirm the connection/signing themselves (but within limits that you've specified) - all this without your friends getting access to your main nsec, which is stored safely on one of your devices Is that roughly it?

Yes, there is even no need to confirm logging to a new app themselves. They will only use one app: snort/coracle. I want to approve them once on the main device that stores the main key. I think it could be implemented simply by changing the code of snort/coracle to use window.nostr.nip04.encrypt/decrypt and window.nostr.signEvent/getPublicKey - so the same nsec-npub keypair in the extension will be used to communicate with the bunker, instead of generating a temporary nsec-npub keypair on every session.

Oh that's an interesting idea of using extension key as app key... need to think it through. Meanwhile, if they're gonna use just one app, they could try to log in as your main key on their device, you would confirm on main device, add needed permissions (manually or on request) and then they'd just keep using it? If they'd need to re-login you'd have to confirm again, but once the session is created they should be able to use it just fine?

I wouldn’t want them to keep a session open on their laptop but it’s an interesting idea to keep a session open on their smartphone. I’m writing this note from coracle that I added to my home screen as an app (the session even survived a reboot of my iPhone). Do you know of Android apps that support nsecbunker login? Primal/Amethyst?

It's just a way for you to mark this session as "I shared it with this npub". If you gave someone access by confirming a login on their device and then mark a session using this option, then you'd be able to filter the activity and connections on the key's screen - you'll be able to select "yourself" or "that npub you shared with". This is some beginnings of shared access, just for reporting.

Hi, nsec.app and bunker-urls have nothing to do with browser extensions. Every time you log in to an app, the app generates a temporary nsec/npub which is used to connect to your keys inside nsec.app (and that temporary npub you see in connection requests). Each time a connection is established the new key is generated by an app, and you have to approve it in nsec.app. Limited shared access is impossible atm - you'd need to basically give your friends full access to nsec.app so that they themselves would be able to approve the connection requests without your help. I have limited shared access feature outlined on the roadmap, but it's actually quite hard to implement and you're only a second person to ask for it, so I guess it will take a while before we start working on it. Can you please tell me more about what your expectation was with browser extensions + nsec.app? Did you mean nsec stored in extension would somehow be "allowed" in nsec.app and then something good could happen? Thanks.