Here is a demo of a new onboarding flow for nostr applications. I started working on this after watching nostr:npub1wmr34t36fy03m8hvgl96zl3znndyzyaqhwmwdtshwmtkg03fetaqhjg240's keynote "Nostr for normies" at nostr:npub1nstrcu63lzpjkz94djajuz2evrgu2psd66cwgc0gz0c0qazezx0q9urg5l; which I highly recommend watching.
My goal here was to create a way to onboard new users without requiring them to:
* install a browser extension
* copy/paste a secret
* explain npub/nsec stuff
* without losing interoperability with other nostr applications
This flow resembles a lot an OAuth style (e.g. "Login with twitter") flow:
* You create an account in one site (e.g. Twitter)
* You can "login" to another site with that account
* You can revoke access from using your account
Behind the scenes this is using NIP-89 to find nsecBunkers that allow people to register an account in their domain.
This means that any nostr application can offer a signup/login flow on any nsecBunker domain. The application itself doesn't take custody nor ever see the generated key.
And what's cool is that any nsecBunker provider can create their own flow; they can use passwords, or not, they can require a payment or proof-of-work to create an account. They can brand their "signup/login" popup page in whatever way they want.
Here is a demo video of this new building block that is now available to nostr applications.
https://cdn.satellite.earth/2e2e353ac5f69caffdc73da81c4e735c19579432967323564924c585819e6ef9.mp4