Oddbean

Ok Safari is a problem. The error message will be more meaningful and an explainer will be shown. You should go to ios setting advanced experimental and turn push api on and then add nsec.app to homescreen as pwa. Then this error should go away. I need to do more testing on apple devices

Moving forward with this “mobile first” onboarding app … local nsec storage via nip46 seems like a great fit for this use case. But maybe nostr-login is not ready for production? The solution you suggested is no go (for account creation UX flow), but maybe there is a better way (for me) to get something working for my client? I Haven’t quite wrapped my head around what you’ve built wiith nostr-login (and noauth) … but I think I need to. Do you have time for a paid consult with me to go over my best options for moving forward?

Nsec.app on iOS needs these settings for now, until the web push technology graduates from 'experimental'. Not sure if 'add to homescreen' requirement stays or not. On other platforms it works out of the box. Nostr-login is nip46 client, noauth/nsec.app is nip46 server (running in your browser) - there isn't much more than that. The smoothest mobile-first signup experience is when you just generate nsec in your client and eventually when user is ready start explaining to them how to get their nsec 'reused' in other apps. If you need to immediately give them an option to sign into other apps then you could host your own nsecbunker instance and generate nsecs inside it and store on your server - it would be as smooth, but custodial. The next option is nsec.app - non-custodial, but more friction on some platforms/browsers like iOS or Brave.

Ok. I like your recommended onboard flow. So I’d just generate nsecs for new accounts, pass them “raw” to the NDKSigner, and encrypt/decrypt them with a password for local storage? (In case the user closes the browser) Wd this be best practice?