Took some time off from Nostr and when I came back was surprised that there were still no great options for iOS signers 😞 Android’s had Amber forever. iOS users are stuck raw dogging their nsec or using throwaways, and you never get the full PWA experience because NIP-07 doesn’t work in PWA mode. With all the vibe coding going on, iOS users are not getting the full experience.
The reason why a signer doesn’t exist for iOS is that iOS kills backgrounded apps fast, so the usual “signer stays connected” approach doesn’t work. Workarounds like silent audio tracks keep the app alive but are fragile and will probably get flagged by App Store review eventually.
I’ve been working on a native iOS signer called Clave to fix this. APNs push wakes a Notification Service Extension for ~30s, which signs with the nsec in the Keychain and goes back to sleep. Key never leaves the device. Push proxy is content-free — can’t read requests, can’t sign anything.
What works:
• bunker:// and nostrconnect:// pairing (tested on some clients, works great with @YakiHonne and @Nostur
• Per-client trust levels with per-kind overrides
• Full NIP-46 method set (sign_event, nip04/44 encrypt/decrypt, etc)
Heads up: push IS the signer, so notifications can’t be turned off — but I’ve routed them quietly to notification center, no banner spam for every auth.
I’m looking for some help at this point.
Testers. Use it, break it, tell me what’s confusing and which clients it chokes on.
Security review. Custom NIP-44 v2 on CryptoKit + swift-secp256k1. Worth being upfront: I’m not a cryptographer. I used Claude to implement to spec and tested against known vectors, but I want real eyes on it before people trust this with real keys. If you know NIP-44, NIP-46, or iOS Keychain/NSE — please look at Shared/LightCrypto.swift, LightSigner.swift, and the proxy registration flow.
Contributors. MIT. Known gaps: multi-relay bunker (proxy only subs to one relay, so bunker clients are pinned to relay.powr.build), self-hosting docs, more client testing.
Use a throwaway nsec only for now. Don’t be a hero.
https://github.com/DocNR/clave
Reply or DM if you’re interested in helping for a TestFlight invite — keeping it tight for now so I can make sure the proxy can scale appropriately. Drop in, poke at it, break things, fix them.
The reason why a signer doesn’t exist for iOS is that iOS kills backgrounded apps fast, so the usual “signer stays connected” approach doesn’t work. Workarounds like silent audio tracks keep the app alive but are fragile and will probably get flagged by App Store review eventually.
I’ve been working on a native iOS signer called Clave to fix this. APNs push wakes a Notification Service Extension for ~30s, which signs with the nsec in the Keychain and goes back to sleep. Key never leaves the device. Push proxy is content-free — can’t read requests, can’t sign anything.
What works:
• bunker:// and nostrconnect:// pairing (tested on some clients, works great with @YakiHonne and @Nostur
• Per-client trust levels with per-kind overrides
• Full NIP-46 method set (sign_event, nip04/44 encrypt/decrypt, etc)
Heads up: push IS the signer, so notifications can’t be turned off — but I’ve routed them quietly to notification center, no banner spam for every auth.
I’m looking for some help at this point.
Testers. Use it, break it, tell me what’s confusing and which clients it chokes on.
Security review. Custom NIP-44 v2 on CryptoKit + swift-secp256k1. Worth being upfront: I’m not a cryptographer. I used Claude to implement to spec and tested against known vectors, but I want real eyes on it before people trust this with real keys. If you know NIP-44, NIP-46, or iOS Keychain/NSE — please look at Shared/LightCrypto.swift, LightSigner.swift, and the proxy registration flow.
Contributors. MIT. Known gaps: multi-relay bunker (proxy only subs to one relay, so bunker clients are pinned to relay.powr.build), self-hosting docs, more client testing.
Use a throwaway nsec only for now. Don’t be a hero.
https://github.com/DocNR/clave
Reply or DM if you’re interested in helping for a TestFlight invite — keeping it tight for now so I can make sure the proxy can scale appropriately. Drop in, poke at it, break things, fix them.
4822❤️30💜3❤️2🔥2🤙2👍1
