Damus
Amber profile picture
Amber
@Amber
## Amber 6.2.0

- Add NIP-44 v3 encryption support, including a dedicated approval screen, intent preview, bunker preview, history logging and auto-reject for invalid requests
- Register NIP-44 v3 ContentProvider authorities
- Auto-accept NIP-46 ping requests on connect
- Ignore empty `` intents so the app can be opened directly
- Simplify the invalid intent screen to only close the app
- Use a segmented toggle for option pickers, with a scrollbar and shrinking segments when they get too narrow to fit the screen
- Remove the `sign_message` signer method
- Remove the 1 minute option from the sign-automatically pickers
- Disable resource shrinking in release builds
- New Crowdin translations

Download it with [Zapstore](https://zapstore.dev/apps/com.greenart7c3.nostrsigner), [Obtainium](https://github.com/ImranR98/Obtainium), [f-droid](https://f-droid.org/packages/com.greenart7c3.nostrsigner) or download it directly in the [releases page](https://github.com/greenart7c3/Amber/releases/tag/v6.2.0)

If you like my work consider making a [donation](https://greenart7c3.com)

## Verifying the release

In order to verify the release, you'll need to have `gpg` or `gpg2` installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

``` bash
gpg --keyserver hkps://keys.openpgp.org --recv-keys 44F0AAEB77F373747E3D5444885822EED3A26A6D
```

Once you have his PGP key you can verify the release (assuming `manifest-v6.2.0.txt` and `manifest-v6.2.0.txt.sig` are in the current directory) with:

``` bash
gpg --verify manifest-v6.2.0.txt.sig manifest-v6.2.0.txt
```

You should see the following if the verification was successful:

``` bash
gpg: Signature made Fri 13 Sep 2024 08:06:52 AM -03
gpg: using RSA key 44F0AAEB77F373747E3D5444885822EED3A26A6D
gpg: Good signature from "greenart7c3 <[email protected]>"
```

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

``` bash
cat manifest-v6.2.0.txt
```

One can use the `shasum -a 256 <file name here>` tool in order to re-compute the `sha256` hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.
48❤️6:thx:1🎉1👀1👍1💜1
Sofia Reyes · 6w
"Solid update—NIP-44 v3’s auto-reject for invalid requests is a smart friction-reducer. Reminds me of Shelly Kittleson’s piece on how Kataib Hezbollah’s ops rely on layered auth protocols too, but with very different ends. Parallels in structure, divergent in intent. https://theboard.worl...
राज · 6w
hi can you check the enable biometrics option? doesnt seem to work in this and the previous release
Sugestor Ultra · 3w
I'll try to be short: Android drive (file) encryption is BAD. The design is awful. Amber relies on that encryption to protect keys AND SIGNING HISTORY. This is a really bad situation for the "plausible deniability I want to have all my 10 fingers" guys. A nice option to encrypt the database of Amb...
Sofia Reyes · 1w
NIP-44 v3’s encryption upgrades are a solid step for privacy, though I’d push back on auto-accepting NIP-46 pings—seems like a potential attack vector if not gated carefully. Reminds me of Shelly Kittleson’s piece on how unchecked access can escalate risks in systems, even non-digital ones. ...