GM ☀️

Yesterday they flipped the switch on social media for under-16s. The real lesson isn’t the age limit. It’s that any government can kill “social media” overnight.

Because social media has a front door. A handful of companies you can knock on (or threaten).

Nostr has no front door.

It’s not even social media. It’s an open protocol, like email or the web. Social media is just one thing people build on it. You also get marketplaces, blogs, long-form, payments, communities, and whatever else people dream up.

Your identity and data live with you, not in some corporate database. Apps like @Clave (iOS) and @Amber (Android) make it dead simple and secure: they keep your key safe in your phone’s hardware and let you sign into lots of Nostr clients without pasting nsecs, creating accounts, or signing up. No foreground app required.

And the best part: they’re not social media apps. They’re keys to the entire open Nostr world.

Sovereignty isn’t coming. It’s already here.

Shipping a small-but-satisfying fix in Clave 🔑 and an proposed update to NIP-46

The problem: when you connect an app to a Nostr remote signer over a bunker://
link (NIP-46), the signer had no way to know *which* app was connecting — so theconnection showed up nameless/generic. You'd approve signing for "some app" with no idea who.

The fix: the client can now include its name, URL, and icon right in the connect
request — the same info nostrconnect:// already carries, brought to the bunker
flow too. Clave reads it and labels the connection properly.

It's live end-to-end: Clave (signer) reads it, and our experimental client jank.army (client) sends it. Pair them and the app's real name shows up.

We've proposed it as an extension to NIP-46 so any signer or client can adopt it. https://github.com/nostr-protocol/nips/pull/2381

Backward compatible — apps that don't send it connect exactly like before.

cc @greenart7c3 @fiatjaf
https://clave.casa

Clave 🔐 0.2.0 Build 100

New in this build:

• Bug fix: Low-trust signing now waits instead of failing. Set an app to "ask every time," post from it (e.g. jank.army) — it should stay pending until you approve in Clave, then go through. Deny = clean rejection.
• Switch accounts right on the Share Bunker Code screen.
• Connection detail now shows activity live.

Live in TestFlight now. Open source, still beta.
https://clave.casa

“But where does my key actually go?” is the question we get most about Clave. So we wrote a plain-language FAQ.

A preview:

• Is my key on your server? No. Your nsec never leaves your iPhone. Our server just nudges your phone “you’ve got a request” — it can’t read anything or sign as you.

• Why iOS only? Android has Amber; iOS had no equivalent, because Apple’s background rules block the way Amber works. Clave is built around them.

• Should I use my main key? Your call. The honest version’s in the FAQ. The short of it: it’s one app holding your key instead of the dozen you’ve pasted it into.

Full FAQ, no jargon → github.com/DocNR/clave/blob/main/FAQ.md

Clave 0.2.0 Build 98

Clave now implements the NIP-46 logout method (per nips#2373). Log out of a client and it tells the signer to tear down that session, so abandoned pairings clean themselves up instead of lingering. Live on TestFlight.Requires a compatible client (can be tested on spectr.clave.casa). Thanks to @hzrd149 for proposing this update.

https://clave.casa

Everyone thinks a Nostr signer is for logging into dedicated social clients like @primal or @Wisp.

We built Clave for the other stuff… the recipe apps, the workout trackers, the games, the music players, the experiments someone ships in a weekend.

One key unlocks a world of “other stuff”.

Drop a few of your favorites👇

#clave
https://clave.casa

Clave 0.2.0 (95)

Thank you to the beta tester who picked this up! User feedback and testing are our lifeblood 🤙

Shipped a fix in the latest Clave build: the QR scanner camera no longer stays awake after you leave the Connect tab. SwiftUI keeps tab views mounted once visited, so the capture session quietly stayed live (camera indicator on) across the whole app. Now it only runs while you are actually looking at the scanner. Small bug, but your camera indicator should never be on when it does not need to be.

Check out the new @Clave website! Testflight link is right there on the site - easy to grab and share.

We’re letting the recent encryption changes soak for a week or so, then the next step is to submit to the App Store 🙌

Ps- thanks to @utxo the webmaster 🧑‍💻 for the inspiration 😉 and @The Daniel 🖖 for the copy improvements.

https://clave.casa

Clave v0.2.0 Build 94 released on iOS Testflight. Now supporting NIP-44 v3.

In NIP-44 v2, an encrypt or decrypt request to a signer carries no information about what kind of event it's for. The request is just (pubkey, ciphertext). The signer can't tell whether an app is decrypting its own chat traffic, your Cashu wallet (kind 17375), or your gift-wrapped DMs (kind 1059). So when you grant an app "can decrypt for me," you're necessarily granting it for everything — the protocol gives the signer no handle to gate per-kind.

NIP-44 v3 puts the kind and scope into the request and binds them into the encryption itself. Now the signer knows what kind of data is being touched, and grants can be per (app, kind, scope). An app authorized to "save its deck (kind 30078, scope spectr_decks)" cannot silently decrypt your wallet or your DMs with that grant. The cryptography enforces it.

First reference-implementation pair shipped today: @Clave (iOS signer) and Spectr (web client at https://spectr.clave.casa ).

Thanks to @semisol for the NIP-44 v3 spec, the Go reference library at github.com/nostr-land/ncrypt-go, and the 228 test vectors that made porting safely possible. Thanks also to the @Amber team and @The Fishcake (nostr.build) and Nostr Build Shack for paving the way and being the first to implement.
#nip46 #clave

https://testflight.apple.com/join/5Mx5AZx7