Check out the new @Clave website! Testflight link is right there on the site - easy to grab and share.

We’re letting the recent encryption changes soak for a week or so, then the next step is to submit to the App Store 🙌

Ps- thanks to @utxo the webmaster 🧑‍💻 for the inspiration 😉 and @The Daniel 🖖 for the copy improvements.

https://clave.casa

Clave v0.2.0 Build 94 released on iOS Testflight. Now supporting NIP-44 v3.

In NIP-44 v2, an encrypt or decrypt request to a signer carries no information about what kind of event it's for. The request is just (pubkey, ciphertext). The signer can't tell whether an app is decrypting its own chat traffic, your Cashu wallet (kind 17375), or your gift-wrapped DMs (kind 1059). So when you grant an app "can decrypt for me," you're necessarily granting it for everything — the protocol gives the signer no handle to gate per-kind.

NIP-44 v3 puts the kind and scope into the request and binds them into the encryption itself. Now the signer knows what kind of data is being touched, and grants can be per (app, kind, scope). An app authorized to "save its deck (kind 30078, scope spectr_decks)" cannot silently decrypt your wallet or your DMs with that grant. The cryptography enforces it.

First reference-implementation pair shipped today: @Clave (iOS signer) and Spectr (web client at https://spectr.clave.casa ).

Thanks to @semisol for the NIP-44 v3 spec, the Go reference library at github.com/nostr-land/ncrypt-go, and the 228 test vectors that made porting safely possible. Thanks also to the @Amber team and @The Fishcake (nostr.build) and Nostr Build Shack for paving the way and being the first to implement.
#nip46 #clave

https://testflight.apple.com/join/5Mx5AZx7

Clave v0.2.0 build 79 — what to test

**What's new:**
- New **Connect** tab in the bottom bar (between Activity and Discover) — replaces the old "Connect a Client" button on Home
- New **Discover** tab — placeholder for now, will eventually list NIP-46-compatible apps
- Multi-account pairing flow: when you have multiple accounts in Clave, you explicitly pick which account each app should sign for (no more implicit "use whichever is current")
- Bunker URIs now ask which account first, then show that account's URI + avatar (was: always used current account)
- New help sheet explaining Nostrconnect vs Bunker, including a note about same-device pairing reliability

**To try:**

1. **Find the Connect tab** — fourth icon from the left on the bottom (⚡ bolt). Tap it.
2. **Pair with your favorite Nostr app** using its sign-in / NIP-46 flow:
- Scan the QR with Clave's camera, or
- Tap "Paste Nostrconnect URI" and paste from clipboard
3. **Multi-account folks:** after pasting/scanning, you'll see an account picker. Pick one. The picker shows your avatar, display name, and a short npub.
4. **Try the bunker flow** — tap "Share a code from Clave" → pick an account → copy or scan the URI for that account. Paste into the other app.
5. **Tap the help link** at the bottom of the Connect tab and read the methods comparison. Does it make sense?
6. **Same-device pairing:** if you've struggled with nostrconnect URIs between apps on the same iPhone before, try Bunker for that case and see if it works better.

**Report bugs** via the signal group or tag #clave on Nostr. Include:
- Which step failed
- Single-account or multi-account?
- Same-device or cross-device pairing?
- A screenshot if possible

https://testflight.apple.com/join/5Mx5AZx7
https://signal.group/#CjQKIPbS1HXpkoSjreRFls_gL3lwSd7Sk6VLKvPYDnO1oF2bEhAPcsWVvLMiPXzHiqFLxmBi

Clave build 71 just hit external TestFlight.

Two things to know:

1. On iOS, prefer bunker:// if your client is on the same iPhone as Clave. Same-device nostrconnect:// is supported but fragile — iOS suspends the client's WebSocket when you switch between apps, breaking the handshake. Bunker pairing avoids the whole problem (it goes through Clave's primary relay via APNs and doesn't care about foreground state).

If you do use same-device nostrconnect, build 71 fixes the misleading "Stay in Clave" copy — the new prompt tells you to switch back to your client app, which keeps its WebSocket alive long enough to receive the response.

2. Bunker connection cap is now actually enforced. Was bypassable due to a timing bug — closed at all three layers in this build. Thanks to the tester who reported it.

Plus a sizable refactor under the hood (~2,000 LOC of AppState.swift split into focused files; same behavior, much easier to reason about going forward).

Find a bug? DM me.

Clave social post — Option B (narrative, for client devs)
New Clave build out on external TestFlight. Two things worth flagging for anyone shipping NIP-46 in a client:

Same-device iOS pairing: recommend bunker://, not nostrconnect://. When the user taps Approve in Clave, the client app loses foreground and iOS suspends its WebSocket within seconds. The connect-response Clave publishes goes to a closed connection. Bunker pairing routes through wss://relay.powr.build/ (Clave's primary sub) via APNs, so foreground state doesn't matter.

If your client wants to support nostrconnect:// on iOS anyway, two things help:

Include wss://relay.powr.build/ in your URI's relay set — the proxy's primary subscription catches signing requests there regardless of client foreground state
Don't show the user "stay in the signer for a few seconds" — they need to switch back to your app for the WebSocket to stay alive
Documented end-to-end at https://github.com/DocNR/clave/blob/main/docs/nip46-compatibility.md

Beyond that: build 71 also closes a bunker pair-cap bypass and ships an ~85% reduction in AppState.swift size from a behavior-preserving refactor.

https://testflight.apple.com/join/5Mx5AZx7

Clave v0.2.0 build 60 — now available in TestFlight 📲

A polish round on the pending-approval surface, based on tester feedback:

• Lock-screen banners properly clear when requests expire, are approved, or denied
• New "Not now" button — defer pending alerts and handle them via the bell on your own time
• Pending tile on Home is now tappable (opens the inbox)
• Correct "X of N" numbering when multiple requests are stacked

TestFlight: https://testflight.apple.com/join/5Mx5AZx7
Source: https://github.com/DocNR/clave

New Clave build on TestFlight (v0.2.0 build 54). Two big quality-of-life shifts:

Signing requests now have a real inbox — bell icon on Home, cross-tab alerts, Approve/Deny right from the lock screen.

Connecting a Nostr app got simpler — one sheet with Bunker + Nostrconnect tabs, no more 3-card maze.

Plus: tap any signed event in Activity to see the raw JSON.

https://testflight.apple.com/join/5Mx5AZx7

Hello Nostr. The keys stayed home today. #clave