I think a useful best-practice for Nostr apps would be including signing permissions check in the onboarding, instead of randomly when they need them.
This is already quite common on Android for other kind of permissions.
Just briefly explain why you need that specific signature and fire the permission request to the local signer or remote bunker.
It's a one time proces that will make the following app's usage smooth a frictionless.
This will also naturally bring to highlight mandatory and optional permissions, making apps more solid and resilient to possible rejections in the signing flow.
i kinda stopped using amber.. why? because apps ask for too many permissions and abuse our nsecs. to use any app you have to approve all anyway.
better would be apps using device keys for all that garbage and my nsec just for when i want to send a message.
View quoted note →
