Oddbean new post about | logout
 nprofile1qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qgwwaehxw309ahx7uewd3hkctcpzpmhxue69uhkummnw3ezumt0d5hsqgr40yrkmxhlpfx0mma8ugz97fyxclja30rrhlrtg5uhyvlph07try8tkv46 Amber is crashing when I scan a nostrconnect:// link 
 Can you share the nostrconnect link? 
 Sure,

nostrconnect://4d165011525031bf948fd69638252b190bd8ced90870cf6a50b7ca8910ea264b?secret=7xj5y&url=https%3A%2F%2Fapp.coracle.social&name=Coracle&image=https%3A%2F%2Fapp.coracle.social%2Fimages%2Flogo.png&perms=sign_event%3A22242%2Cnip04_encrypt%2Cnip04_decrypt%2Cnip44_encrypt%2Cnip44_decrypt&relay=wss%3A%2F%2Frelay.nsec.app%2F&relay=wss%3A%2F%2Fbucket.coracle.social%2F
Is it because of the meta stuff? I'm not exactly following the spec, but then again the spec isn't very clear. 
 Probably the meta fields. I always forget to set the parser to ignore unknown fields 
 Should I be passing metadata json instead? None of the fields are documented so I'm kind of guessing here. 
 I prefer not using json.
Ill look into it tomorrow morning and let you know what was the reason for the crash 
 Its not crashing for me. What version of amber are you using?
Yhe crash happens when you scan the qrcode? 
 v2.0.8-free. I recorded the crash below, you can see an error dialog briefly show up that is saying the relay sent a notice. bucket.coracle.social spams blank notices, but it seemed to happen when I only used relay.nsec.app too.


https://video.nostr.build/e2fc2396bca3894530363d8a8d09d2f13e8fd20343c99f0bc8c347be7eacbf4d.mp4 
 Its, not a crash. Its how the app works, it closes the app when you accept/reject a permission
I should probably add a option to not do that now that people can use applications in other devices 
 Ok, I see. In that case I would suggest leaving the app open and showing a success dialog if the connection was prompted by manual user action (vs an app opening a nostrconnect: link).

Unfortunately, I'm also not able to get Amber to work as a bunker. nsec.app handles the same nostrconnect link just fine, but Amber never responds to my subscription. 
 Did you enable network permission? Can you check the logs in the settings to see of theres some error connecting to the relays? 
 I don't see anything about network permissions, but I am getting some interaction so I don't think it's that.

The logs are funky though. If I remove bucket.coracle.social from my default relays and use a link with only nsec.app in it, Amber puts bucket back in my settings and connects to it. The logs only show an onBeforeSend and a disconnect for nsec.app. 

I did find out why I wasn't able to connect, which is that amber sends "ack" back instead of the secret specified in the nostrconnect link (unspecified, but should be added). Supporting ack works, but can lead to session hijacking (evil signers can spam clients and monitor signing requests).

Now that I am logged in, I'm not able to receive any responses. I'm subscribed to 24133s which p-tag my client session pubkey (same one sent in the nostrconnect link). Any tips? 
 The secret in nostrconnect is not supported yet. It was added recently to the nip but ill add support for it now.
I dont know why but looking at the logs the relay replies with success but the coracle subscription never receives the event back.
Maybe some bug in strfry?
I fixed the empty notice too 
 Now the subscription started working for me looking at the dev console in the browser.
I dont know why 
 Great, the addition of the secret will be a big improvement.

I tried connecting with multiple relay implementations (nos.lol which is strfry, bucket.coracle.social which is coracle/bucket, relay.nostr.band, relay.noswhere.com, and relay.stoner.com which is nostr-rs-relay), but none of them gave me any responses. Anyway, the same flow works fine with nsec.app.

Are you testing this on coracle? If so, make sure you're on dev.coracle.social, which has a whole bunch of bugfixes. 
 Actually, nsec.app isn't working for me now. Maybe this is on my end. 
 Nevermind, I just hadn't enabled push notifications. nsec.app works fine 
 Im testing on the dev.coracle.social, still debugging but now its working for me 
 🤔 
 Ill try reinstalling amber and reset the coracle webpage data to see if i can reproduce the error again 
 I was able to replicate the issue on nostrudel as well
https://image.nostr.build/695be249f765bc67db8ba1f59dc15eb5d63585fd0edc8fa2df975eb7138c5376.png 
 

I tried with relay.nostr.band it returned Relay on OK wss://relay.nostr.band, 0169078069201bfea3267f93e1f925070e39342ff3ead872ac51c2ba76d514e4, true,
but the browser never got the event. it just shows the req and eose 
 That's all fine, but I think it would be more useful if/when showing a UI that allows users to pick their own relays. If the relays are already baked into the bunker/nostrconnect url, there's not much you can do if they don't check out.

I've been continuing to debug, and it seems like stricter approvals work better for me. They don't always go through, and there's some UI open/close spam, but I am able to get responses.

One other thing I've noticed is that if I remove permission but don't delete my key from the app, the bunker still responds with error: 'no permission', which gets in the way of my handler accepting a successful response from another signer. I'll have to handle that on my side anyhow, but I think bunkers probably "must not" respond if they don't have an active session. 
 I'll add some tests when there's a connect event to check if the relays supports nip 46.
- Fetch the nip 11 document
- Relay cant be paid relay or require auth
- Send a 24133 event with a random key to check if the relay accepts the event
- Fetch the event to see if the relay supports fetching 24133 events

Anything else I should check? I already make those tests when you change your relays, im just not trying to fetch the event yet