Damus
bastiat
@bastiat
The starting experience with Nostr is, let's be honest, rough.

You learn about the protocol, then you go to https://nostrapps.com and look through to see if you can find some apps you want to try out, you go to sign up, and it tells you that best practice is to set up a remote signer. Ok, fine, which one to trust? You are making an irrevocable decision about what software you are going to trust your master key to; a wrong decision is catastrophic: lose the key and your identity is gone, and if the key is compromised there is no way to regain control; the identity is permanently ruined.

Ok, whatever, you choose, e.g., to try out NOS2X, and you get an extension that, while it works, has UX that is frankly garbage tier. Then you finally get to sign up for the thing you wanted to try out to begin with, and then every time you do a new action you have to choose whether you give permanent authorization for 10 different actions one by one, with an explanation that quite frankly doesn't really make it clear what it is, or you can give temporary authorization and it will keep asking you every fucking time you do the thing.

This is one of the reasons I wrote a post about a DID-based system, where the UX, by comparison to what I just laid out, would be:
1. You go to the app you want to try out, it could list a few options for you for identity wallets available on the platform you are currently on.
2. You download the identity wallet, and save your master key somewhere safe, ideally in cold storage, but it could also be inside of Bitwarden or similar password manager. An update key is set up as well and stored in the identity wallet app.
3. You click "Sign in" in the app you want to sign into, and it sends you to something that looks very much like an OAuth authorization page, listing out all the permissions the application is asking for, and if you click "Authorize", a verification key is generated and sent to the app (probably stored in local storage; this key can be revoked at any time to disable the permissions granted to the app). The identity wallet handles all the broadcasting of DID documents etc. automatically.

https://primal.net/e/nevent1qqs8r5xnlaltp4ftwysw53shums2fctrevv4hh6mya9rrs45ya0avuqv7vl9c
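The three-step flow above sketches a key hierarchy: a cold master key that is used once, an online update key held by the identity wallet, and one revocable verification key per app carrying only the permissions the user approved on the consent page. What follows is an added example, not code from the post and not any existing Nostr, Damus or DID implementation. It assumes Ed25519 keys and an ad-hoc text encoding for the signed records (the `update|`, `grant|` and `revoke|` prefixes are placeholders for whatever a real DID method would publish in its document), and it models the relay-side check that a service would run before accepting an app-signed action.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"strings"
)

// Identity is the published DID-style document: the master and update public
// keys plus the master key's one-time delegation signature over the update key.
type Identity struct {
	MasterPub, UpdatePub ed25519.PublicKey
	UpdateSig            []byte
}

// Grant is published when the user clicks "Authorize": it binds a per-app
// verification key to an app name and permission list, signed by the update key.
type Grant struct {
	App         string
	Permissions []string
	VerifyKey   ed25519.PublicKey
	Sig         []byte
}

// Revocation is an update-key-signed statement that one verification key is dead.
type Revocation struct {
	VerifyKey ed25519.PublicKey
	Sig       []byte
}

type Wallet struct {
	ID         Identity
	updatePriv ed25519.PrivateKey // the only secret the online wallet holds
}

// Record encodings are constructed for this example, not a real DID format.
func delegationBytes(pk ed25519.PublicKey) []byte { return []byte("update|" + hex.EncodeToString(pk)) }
func revokeBytes(pk ed25519.PublicKey) []byte     { return []byte("revoke|" + hex.EncodeToString(pk)) }
func grantBytes(app string, perms []string, pk ed25519.PublicKey) []byte {
	return []byte("grant|" + app + "|" + strings.Join(perms, ",") + "|" + hex.EncodeToString(pk))
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // a failing CSPRNG is not something to recover from
	}
	return pub, priv
}

// NewWallet is step 2: generate the master key, delegate to a fresh update key,
// and hand the master private key back so the user can put it in cold storage.
func NewWallet() (*Wallet, ed25519.PrivateKey) {
	masterPub, masterPriv := mustKey()
	updatePub, updatePriv := mustKey()
	id := Identity{MasterPub: masterPub, UpdatePub: updatePub,
		UpdateSig: ed25519.Sign(masterPriv, delegationBytes(updatePub))}
	return &Wallet{ID: id, updatePriv: updatePriv}, masterPriv
}

// Authorize is step 3: mint a verification key scoped to one app and the
// permissions shown on the consent page. The private half goes to the app.
func (w *Wallet) Authorize(app string, perms []string) (Grant, ed25519.PrivateKey) {
	vk, vkPriv := mustKey()
	return Grant{App: app, Permissions: perms, VerifyKey: vk,
		Sig: ed25519.Sign(w.updatePriv, grantBytes(app, perms, vk))}, vkPriv
}

// Revoke disables one app's key; every other grant stays valid.
func (w *Wallet) Revoke(g Grant) Revocation {
	return Revocation{VerifyKey: g.VerifyKey, Sig: ed25519.Sign(w.updatePriv, revokeBytes(g.VerifyKey))}
}

// VerifyAction is what a relay or service runs on an app-signed action: walk the
// chain master -> update -> verification key, check the permission, check revocation.
func VerifyAction(id Identity, g Grant, revs []Revocation, perm string, action, sig []byte) error {
	if !ed25519.Verify(id.MasterPub, delegationBytes(id.UpdatePub), id.UpdateSig) {
		return fmt.Errorf("update key not delegated by master key")
	}
	if !ed25519.Verify(id.UpdatePub, grantBytes(g.App, g.Permissions, g.VerifyKey), g.Sig) {
		return fmt.Errorf("grant not signed by the identity's update key")
	}
	for _, r := range revs {
		if r.VerifyKey.Equal(g.VerifyKey) && ed25519.Verify(id.UpdatePub, revokeBytes(r.VerifyKey), r.Sig) {
			return fmt.Errorf("verification key revoked")
		}
	}
	allowed := false
	for _, p := range g.Permissions {
		allowed = allowed || p == perm
	}
	if !allowed {
		return fmt.Errorf("permission %q not in grant for %s", perm, g.App)
	}
	if !ed25519.Verify(g.VerifyKey, action, sig) {
		return fmt.Errorf("bad action signature")
	}
	return nil
}
```

Usage: `w, master := NewWallet()` (store `master` offline), `g, appKey := w.Authorize("example-client", []string{"sign_note"})`, then the app signs with `appKey` and a relay calls `VerifyAction(w.ID, g, revocations, "sign_note", msg, sig)`. Two properties carry the post's argument: the master key signs exactly one record and never needs to be online again, and because each app holds a distinct key under its own grant, revoking a leaked app key or tampering with a grant's permission list is rejected without affecting any other app.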