Oddbean new post about login | logout Oh yeah, I'm all about indexers and proxies. nostr:nprofile1qyfhwumn8ghj7ur4wfcxcetsv9njuetn9uq3zamnwvaz7tmwdaehgu3wwa5kuef0qyd8wumn8ghj7urewfsk66ty9enxjct5dfskvtnrdakj7qpql2vyh47mk2p0qlsku7hg0vn29faehy9hy34ygaclpn66ukqp3afq8mwcl2 and I have talked about using signers as proxies, since they already have your key and could sign/decrypt stuff on the way in and out. But these are external services that can be discovered by NIP 89, and selected by the user (even if the client provides a default).
Ooooh wow, never saw signers in that way 🤯. They indeed are positioned in a sweet spot for that.
The only proxy that I would use is a local relay as a proxy app in the phone. Client only connects to that and that relay also serves as a local dabatase for events. Win-win. Third-party proxies know too much. No entity should have that amount of info on the user.
That is a great use case, but you wouldn't use a signer as a proxy? It already knows everything about you and can decrypt everything. It also sees every event you publish, the escalation is privileges is pretty minimal.
I would never use an online signer. No third party should control my keys.
Even if you self-hosted it?
Sure, but then I would self-host in the phone. Never online.
Fair enough. Is there a way to sign events on desktop from your phone?
Not yet. But NIP-46 apps are coming. Alby has a demo here: https://blog.getalby.com/nostr-signer/
Adding nip 46 to amber too. https://github.com/greenart7c3/Amber/tree/nip46
I mean, it’s online then isn’t it? Air-gapped signing would be pretty tedious 😂
Air-gapped signing is the future. :)
i'm glad others get it too... no, it's in someone else's hands, far from where i am able to hit the hard power switch and have the memory forget it even if it was stored in encrypted memory, still too far from me, never heard of a storage medium that can't be attacked with a big jar of liquid nitrogen