Here for the inevitable zap audit 🤣

Look like I got some testing to do

Anytime!

Yea, I’d like to get a formal security audit by a third party before I can recommend using your main nsec. After supporting mutlipe accounts, that’ll be my priority 🤙 If you try it and have feedback please share here (tag #clave on nostr) or join our signal testing group. https://signal.group/#CjQKIPbS1HXpkoSjreRFls_gL3lwSd7Sk6VLKvPYDnO1oF2bEhAPcsWVvLMiPXzHiqFLxmBi

- when are iOS fountain users getting nip46? https://github.com/DocNR/clave

Oh nm, you’re on android. But if you have an iOS device and want to test let me know!

I only see nsec 🤷‍♂️ You want to try #clave?

Took some time off from Nostr and when I came back was surprised that there were still no great options for iOS signers 😞 Android’s had Amber forever. iOS users are stuck raw dogging their nsec or using throwaways, and you never get the full PWA experience because NIP-07 doesn’t work in PWA mode. With all the vibe coding going on, iOS users are not getting the full experience. The reason why a signer doesn’t exist for iOS is that iOS kills backgrounded apps fast, so the usual “signer stays connected” approach doesn’t work. Workarounds like silent audio tracks keep the app alive but are fragile and will probably get flagged by App Store review eventually. I’ve been working on a native iOS signer called Clave to fix this. APNs push wakes a Notification Service Extension for ~30s, which signs with the nsec in the Keychain and goes back to sleep. Key never leaves the device. Push proxy is content-free — can’t read requests, can’t sign anything. What works: • bunker:// and nostrconnect:// pairing (tested on some clients, works great with and • Per-client trust levels with per-kind overrides • Full NIP-46 method set (sign_event, nip04/44 encrypt/decrypt, etc) Heads up: push IS the signer, so notifications can’t be turned off — but I’ve routed them quietly to notification center, no banner spam for every auth. I’m looking for some help at this point. Testers. Use it, break it, tell me what’s confusing and which clients it chokes on. Security review. Custom NIP-44 v2 on CryptoKit + swift-secp256k1. Worth being upfront: I’m not a cryptographer. I used Claude to implement to spec and tested against known vectors, but I want real eyes on it before people trust this with real keys. If you know NIP-44, NIP-46, or iOS Keychain/NSE — please look at Shared/LightCrypto.swift, LightSigner.swift, and the proxy registration flow. Contributors. MIT. Known gaps: multi-relay bunker (proxy only subs to one relay, so bunker clients are pinned to relay.powr.build), self-hosting docs, more client testing. Use a throwaway nsec only for now. Don’t be a hero. https://github.com/DocNR/clave Reply or DM if you’re interested in helping for a TestFlight invite — keeping it tight for now so I can make sure the proxy can scale appropriately. Drop in, poke at it, break things, fix them.

Took me too long to realize this 😭

Does Fountain support nip46?

hey - I’m running #clave with strfry for my nip-46 bunker traffic — works really well. thinking about zooid though bc i want to spin up a nip-29 group to replace the signal channel we use for tester coordination. few things before i deploy: is zooid solid for nip-46 transport too? specifically kind:24133 with the proxy doing #p-filtered REQs. Is event size configurable? I bumped strfry to 512KB because nip-46 wraps containing a kind:3 contact list for users with 700+ can be large. Would I setup a zooid instance hosting both a nip-29 virtual relay for the testing group AND a groups-disabled one for general bunker traffic? Just brainstorming the architecture - would be cool to make the project as Nostr native as i can.

Soon™️ - if you’d like to join our signal group and help test early that would be appreciated!

Works great on coracle 🙌