Default avatar
npub1xy54...3urc 4 days ago
Took some time off from Nostr and when I came back was surprised that there were still no great options for iOS signers 😞 Android’s had Amber forever. iOS users are stuck raw dogging their nsec or using throwaways, and you never get the full PWA experience because NIP-07 doesn’t work in PWA mode. With all the vibe coding going on, iOS users are not getting the full experience. The reason why a signer doesn’t exist for iOS is that iOS kills backgrounded apps fast, so the usual “signer stays connected” approach doesn’t work. Workarounds like silent audio tracks keep the app alive but are fragile and will probably get flagged by App Store review eventually. I’ve been working on a native iOS signer called Clave to fix this. APNs push wakes a Notification Service Extension for ~30s, which signs with the nsec in the Keychain and goes back to sleep. Key never leaves the device. Push proxy is content-free — can’t read requests, can’t sign anything. What works: • bunker:// and nostrconnect:// pairing (tested on some clients, works great with @YakiHonne and @npub1n0st...k6h0 • Per-client trust levels with per-kind overrides • Full NIP-46 method set (sign_event, nip04/44 encrypt/decrypt, etc) Heads up: push IS the signer, so notifications can’t be turned off — but I’ve routed them quietly to notification center, no banner spam for every auth. I’m looking for some help at this point. Testers. Use it, break it, tell me what’s confusing and which clients it chokes on. Security review. Custom NIP-44 v2 on CryptoKit + swift-secp256k1. Worth being upfront: I’m not a cryptographer. I used Claude to implement to spec and tested against known vectors, but I want real eyes on it before people trust this with real keys. If you know NIP-44, NIP-46, or iOS Keychain/NSE — please look at Shared/LightCrypto.swift, LightSigner.swift, and the proxy registration flow. Contributors. MIT. Known gaps: multi-relay bunker (proxy only subs to one relay, so bunker clients are pinned to relay.powr.build), self-hosting docs, more client testing. Use a throwaway nsec only for now. Don’t be a hero.
GitHub
GitHub - DocNR/clave: Push-based iOS NIP-46 Nostr remote signer. Wakes a Notification Service Extension via APNs to sign events in the background.
Push-based iOS NIP-46 Nostr remote signer. Wakes a Notification Service Extension via APNs to sign events in the background. - DocNR/clave
 Reply or DM if you’re interested in helping for a TestFlight invite — keeping it tight for now so I can make sure the proxy can scale appropriately. Drop in, poke at it, break things, fix them.

Replies (45)

Default avatar
npub12a77...rdyd 3 days ago
I have Aegis but yeah the issue of disconnecting makes it 100% useless. Very sad.
Kate Brennan's avatar
Kate Brennan 3 days ago
iOS signer limitations are frustrating, but Apple’s walled garden makes workarounds tough—this is why PWA struggles persist. Meanwhile, the Middle East’s crypto hype faces similar friction between promise and reality, per a recent read. Regulatory and technical roadblocks aren’t unique to Nostr.
The Board
Middle East Crypto Safe Haven: Hype vs. Reality
Is the Middle East truly a crypto safe haven? Explore the hype vs. reality of using cryptocurrency to protect wealth in the region. Learn the risks.
Derek Ross's avatar
Derek Ross derekross@grownostr.org 3 days ago
Hell yeah man. Great work. I believe the only signers that are working on iOS are Primal and Aegis, but I haven't used either of them personally. It's great to have another well executed app in the space.
2 replies ↓
frphank's avatar
frphank 3 days ago
> Took some time off from Nostr and when I came back was surprised that there were still no great options for iOS signers 😞 Just use Android?
Default avatar
npub1xy54...3urc 3 days ago
😂 Claude did a full security audit. Seriously though, that’s why I open sourced it. I hope other people review it.
1 replies ↓
Eluc's avatar
Eluc eluc@bitcoincoin.ch 3 days ago
On one side I agree with you, on the other, all the hype and marketing of Apple was about the "exclusive experience" leaving out every one not using their products on the side, to pressure them to stay in. Now it's the chance to exclude them from these great, free, open, experiences to force some of them to leave the cage and break this little circle while freeing people on the way. But Google is turing Android into the same shit than Apple, so unless we all move to a third solution like fully open Linux phones, we are all doomed. So better gather as many to nostr, so at least it can free them up from the centralized network effect. For the rest we will figure it out later.
1 replies ↓
BTCBaggins's avatar
BTCBaggins 3 days ago
Interesting.... follow on Nostr is a signable event? Once I approved on Clave it worked. Extra friction? Or me being 80IQ?
1 replies ↓
Default avatar
npub1xy54...3urc 3 days ago
Everything on Nostr is a signed event… writing a note, liking something (kind 7), changing your relay list, adding/removing a follow, etc. you just didn’t realize your client was signing everything on your behalf with your nsec until now
1 replies ↓
BTCBaggins's avatar
BTCBaggins 3 days ago
Seems like once you're signed in it should allow auto signing events. Since that's clearly what user (me) expects..
1 replies ↓
Ross's avatar
Ross rossbates@nostr.id 3 days ago
The only thing that sucks is the $99 developer fee, but other than that I’m free to build anything I want. Private apps against private APIs on nice hardware.
Default avatar
npub1xy54...3urc 3 days ago
Happy to chat with them. The proxy to Apple push notification setup is a pain to setup but seems to be pretty stable and works when the app it backgrounded. Anyway, the app and proxy are both FOSS on that GitHub link so have at it!
1 replies ↓
CR45H 0V3RR1D3's avatar
CR45H 0V3RR1D3 dademurphy@nostria.app 3 days ago
In my experience, it only closes background services that you wouldn’t want running in the background in the first place. Why would someone want a signer to be constantly running? Genuine question because you’re not the first person I have heard complain about it, yet I have yet to come across a scenario where whatever closed, should’ve stayed running. For example, Apple Music plays even after exiting, allowing you to listen in the background while you complete other tasks. I can watch a YouTube video in safari(Google apps have no place on my iPhone), throw it into PIP and hang out here while the video continues to play. Obviously these apps are still being used so it makes sense that they continue to run. What apps would you want to continue running in the background that you’re not actively using? MY 6GB of ram works better than 12GB on Android because IOS’ memory management is superior to Android’s. 🤷🏻‍♂️
1 replies ↓
Default avatar
npub1xy54...3urc 3 days ago
It’s not constantly running. It’s leveraging apples push notification service system to wake up a lightweight signer in a notification service extension. App never has to be opened after setting it up.
ChadF and 33 others's avatar
ChadF and 33 others chadf@nostrplebs.com 2 days ago
Yeah I always have to keep reconnecting it. Plus having to use one Nostr app as a signer for another is retarded. I just want something like amber but on iOS. Aegis does this but I've never been able to get it to work consistently.