Oddbean new post about | logout
 If you tried nsec.app and found it hard to understand, I would really appreciate your feedback! 
 I'm a fan,  @brugeman

I use npub.cash with nsec.app on the phone

In fact, I've stopped sticking my nsec wherever there is bunker login 
 Thanks man! It's great you're finding it useful, and thanks for the advocacy! 
 I shill the good stuff wherever I can 👍 
 I am trying it right now and am having a hard time logging in. I’ve set up a burner key and when I enter the npub on coracle.social I don’t see anything on coracle or nsec.app. It seems like it does work if I enter the bunker url, but nsec.app says not to share this. Is there an admin npub that can be used as well or are all of the added pubkeys considered admin for the bunker? Otherwise onboarding is super slick. I need to understand better where my keys are being stored  
 The is a video-guide on how to login to Coracle on nsec.app homepage, you should enter your bunker URL or your name@nsec.app
Don't share bunker URLs publicly - you have to put them where they belong, i.e. into Coracle :) Although I agree this bunker thing is confusing.
Nsec.app stores your keys in your browser - there is no 'admin key', all keys are separate. The password you specify is used for e2ee sync of your key between devices - so you can login to nsec.app with name and password and get your keys synched there. 
 
 Thanks for letting me know. I’ll check out the video! I know some interfaces like nostr.kiwi ask you to put in an npub or a token - does nsec.app only work with the nip-05 or the bunker url and not the npub? 

I do think adjusting the wording so that it’s clear that it is okay to put a bunker URL into the client would be helpful. I’ve used nsecBunker in the past and that wording threw me off for a second.  
 Ok so the 'nsecbunker' is one of the first nip46 implementations, and it had it's own 'connection string' format - it was 'npub' or 'npub#token'. But now the new standardized format is bunker://pubkey?relay[&secret] - all modern clients will support this format, some old clients support the old nsecbunker format. Nsec.app can't work with npub or npub#token format bcs this string doesn't allow to pass the relay address, which is needed to run the nip46 protocol (original nsecbunker had hardcoded relays so that wasn't needed). 

Thanks, I will adjust the wording. Basically, there are 2 kinds of bunker urls - with a &secret or without one, one with a secret must not be shared publicly, only pasted to the connecting app, nsec.app generates only urls with a secret now. 
 Thanks for the info. I want to dig into this more deeply for SEC-02 
 Cool, let me know if you have any questions or ideas! 
 Now I know your Lightning Address, I’ll be testing out my command line app! 
 
Du har fått min Litecoin-adress och jag skickar dig ett testpaket. Detta kommer att verifiera om din applikation fungerar korrekt.

/anna 
 Ahh that explains it. I am clearly a bit out of date and had also wondered if nostr.kiwi was. Nsec.app looks awesome and is very responsive. Thanks again!!! 
 Great! Don't hesitate to share feedback, it really helps!