Your first point is what we already do! We tell someone to download Primal, for example, and then we say oh wait, go to GitHub and download Amber, a random app, to sign into Primal. We could solve all of this if Primal was the signer! This is essentially what Damus is going to do with Notedeck! If it's good enough for @jb55 to rally behind, then it's probably good enough for others to consider it. Your second point I also don't agree with, because this can easily be hidden away in advanced settings. I do agree with your last and final point though. However, I would concede to code reviewers' approvals.

Replies (2)

Amber is not a random app, it is a really specialized app, a signer, with a specific goal. Since there will be few signers, onboarding guides will be quite similar and easy to understand. This would not happen if every app also acts as a signer. I suspect that in your actual vision this app would not be random (Primal, Damus, ...) - this would simplify things for sure - but it would also create a dangerous centralized "super app". You cannot simply hide the complexity of a signer in advanced settings; you need approval flows, kind preferences, easy revocation, etc. It's not only a code review matter, which by the way cannot be effectively applied to a large pool of apps; it's a universal best practice that says that sensitive code should be isolated as much as possible to reduce bugs and the attack surface. Finally, I think signers will become an advanced tool for "power users"; newcomers will largely use (frost) bunkers created by a "my Nostr profile" app. See Nstart.me and the upcoming companion service.

Amber is a random app to new users. You have to install it from GitHub or you have to install another random app to install Amber. Your average user will not use it. It's an advanced tool no matter how you try to spin it. If it wasn't advanced, every single Android user that exists on Nostr would already use Amber. Sorry man, but your Nstart falls into this exact category too. It's a random website (a website!) that a native app user has to visit to go through steps that they've never used either. Your website might have a pretty onboarding flow, but it's incredibly advanced compared to what users use today. It's why I have never once recommended it to anyone that I've onboarded. A companion app is perhaps the way to go with Nstart, depending on what this means, though I still suspect no one will use it unless it's baked into their day-to-day application. Otherwise it's DoA like everything else. Onboarding and key usage need to be roll-your-face-across-the-keyboard easy or Nostr will always be for the tech savvy and the ultra early adopter.