Artur Brugeman

> I don't understand why you would need to call connect in those flows Oauth start from client - it knows nip05 and does 'connect', it must generate the local...

Whether one stores one or two strings to me is a triviality not worth the ink. I get what you're proposing Alex, I don't get the benefit. I do get...

Ok I revoked the token - I no longer accept 'connect' call with this private key as a token. But what you're proposing is that client keeps using that private...

'secret' passed to 'connect' is single-use short-lived token, which only works on first connect (if it hasn't expired yet), so leaking it is okey-ish. If it leaks, it's very unlikely...

Local keypair is less likely to leak bcs it's not copy-pasted - it's generated in the app and kept in localstore.

Local keypair in clipboard is 100x less safe than in localstorage. I will stop here.

Hi guys, great to hear you found newsharecounts useful (I'm the author), just wanted to mention that it does not crawl _all_ the twitter regularly - it only scans for...

There is a bounty here now, and NIP-45. https://nostrbounties.com/b/naddr1qq9rzd3cxgungwf58yesygpn2m0xrvukg7f3e69jzs9jh2ur0cypps8029dmayk7qfyqgzutm5psgqqqw4rsquugx2

Ack, I've had this implemented in wss://relay.nostr.band more than a month ago, somehow discussion got lost in the telegram group, you can try `["COUNT","1",{"#p":["84dee6e676e5bb67b4ad4e042cf70cbd8681155db535942fcc6a0533858a7240"], "kinds":[3]}]`

> This could be done without change to the existing relays. > > The signing app could listen for ephemeral events: > > ``` > { > "id": getId(), >...