Oddbean new post about | logout
brugeman | 9 months ago (raw) | root | parent | reply | flag 
 Can you please elaborate? Why do you need a new relay to try nostr-login and how could you leak your keys? The whole point of nostr-login is to not have access to your keys, but to have restricted remote access to them.
PastaGringo 🤖⚡ | 9 months ago (raw) | root | parent | reply | flag +1 
 Maybe I misunderstood the part with the variable  "BUNKER_NSEC= nsec of the bunker (needed for create_account methods" ; is it the nsec of the relay owner (filled in BUNKER_RELAY) ?
brugeman | 9 months ago (raw) | root | parent | reply | flag 
 Yeah so OAuth-like sign-up process works like this: 
- client checks bunker.com/.well-known/nostr.json?name=_ to find the bunker relay and bunker pubkey (one from BUNKER_NSEC)
- client sends nip46 create_account request to the bunker (not the user - no user yet)
- bunker replies with auth_url and a popup shows up with bunker website where account is created
- create_account returns the new user's pubkey and can then do normal nip46 calls to that user
More info here: https://github.com/kind-0/nsecbunkerd/blob/master/OAUTH-LIKE-FLOW.md

So you don't set BUNKER_NSEC to "your own keys", you generate new ones - these are just keys used to talk to the bunker server when users request account creation.
PastaGringo 🤖⚡ | 9 months ago (raw) | root | parent | reply | flag +1 
 Thanks ! I'll check this and let you know ⚡️