🌐 What is Nostr?
Nostr (Notes and Other Stuff Transmitted by Relays) is a censorship-resistant protocol that lets anyone publish messages and interact online without a central server. Users control their identity using cryptographic keys — not usernames, passwords, or email logins.
At its core, Nostr is about freedom, decentralization, and user control.
🔑 How Do You Log In to Nostr?
To use Nostr apps (like clients for social networking, messaging, or publishing), you need a public key and a private key:
- npub… is your public key (like a username)
- nsec… is your private key (used to sign messages)
Web apps need a way for users to access these keys securely. Here are the three main ways to do that:
🧩 Option 1: Browser Extension (NIP-07)
The most secure and user-friendly way to log in on the web is via a NIP-07 extension like:
These inject a window.nostr object into your browser, allowing web apps to request signatures without ever seeing your private key.
✅ Pros
- Your private key stays secure.
- Seamless sign-in experience.
- Supports advanced features like encryption and delegated events.
🚫 Cons
- Requires users to install the extension.
- Not yet supported on mobile browsers.
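How a web app can use the window.nostr object described in Option 1, as an added example that is not from the original article or from any Nostr project: it asks the extension for the public key and a signature over a one-time challenge, then checks the reply against the NIP-01 event id rule. The `verifySig` callback, the `challenge` tag, the choice of kind 22242 and the mock extension are assumptions made for illustration.

```javascript
// Added example. Under older Node without a global Web Crypto, fall back to node:crypto.
const subtle = globalThis.crypto?.subtle ?? require('node:crypto').webcrypto.subtle;

// NIP-01 event id: SHA-256 of the canonical JSON array, hex encoded.
async function eventId(ev) {
  const body = JSON.stringify([0, ev.pubkey, ev.created_at, ev.kind, ev.tags, ev.content]);
  const hash = await subtle.digest('SHA-256', new TextEncoder().encode(body));
  return Array.from(new Uint8Array(hash), (b) => b.toString(16).padStart(2, '0')).join('');
}

// nostr: the object a NIP-07 extension injects (window.nostr in a browser).
// verifySig(id, sig, pubkey): hypothetical caller-supplied BIP-340 Schnorr check.
async function loginWithExtension(nostr, challenge, verifySig) {
  if (!nostr) return { ok: false, reason: 'no NIP-07 extension' };
  const pubkey = await nostr.getPublicKey(); // hex public key; the nsec never reaches the page
  if (!/^[0-9a-f]{64}$/.test(pubkey)) return { ok: false, reason: 'bad pubkey' };

  // Kind 22242 (the NIP-42 auth kind) is an assumption; the app picks its own.
  const draft = { kind: 22242, created_at: Math.floor(Date.now() / 1000),
                  tags: [['challenge', challenge]], content: '' };
  const signed = await nostr.signEvent(draft);

  // The reply is untrusted input: confirm it is the event that was requested.
  if (signed.pubkey !== pubkey) return { ok: false, reason: 'pubkey mismatch' };
  const same = (k) => JSON.stringify(signed[k]) === JSON.stringify(draft[k]);
  if (!['kind', 'created_at', 'tags', 'content'].every(same))
    return { ok: false, reason: 'event altered' };
  if (signed.id !== (await eventId(signed))) return { ok: false, reason: 'id mismatch' };
  if (!(await verifySig(signed.id, signed.sig, pubkey)))
    return { ok: false, reason: 'bad signature' };
  return { ok: true, pubkey };
}

// Constructed stand-in for an extension so the flow runs outside a browser.
// Its key and signature are placeholders, not real secp256k1 values.
function mockExtension(pubkey, tamper = false) {
  return {
    getPublicKey: async () => pubkey,
    signEvent: async (ev) => {
      const out = { ...ev, pubkey };
      out.id = await eventId(out);
      if (tamper) out.content = 'changed after hashing';
      return { ...out, sig: 'placeholder-sig' };
    },
  };
}
```

In a browser, pass window.nostr and a Schnorr verifier from a library; a backend that issues a session should repeat the same checks itself rather than trust the page's result.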
✍️ Option 2: Manual Key Entry (Use with Caution)
Some web apps allow users to paste their private key (nsec) or public key (npub) directly into the interface.
✅ Pros
- Works on any browser or device.
- No setup or extension required.
🚫 Cons
- Dangerous: Entering your private key into websites is risky.
- Poor UX and not beginner-friendly.
🔒 Tip: Never reuse your primary key when pasting manually. Use a temporary or burner key.
📱 Option 3: Mobile App Bridge (QR Code or Remote Signing)
A newer, more secure method is to use your mobile Nostr app (e.g. Damus or Amethyst) to scan a QR code from the web. This connects your identity without revealing the private key.
This flow is inspired by WalletConnect and often uses NIP-46.
✅ Pros
- Secure: Private key remains on your phone.
- Good for mobile-first users.
🚫 Cons
- Still experimental.
- Requires both the mobile app and web app to support the protocol.
📌 Summary: Choose Based on Your Audience
Method | UX Quality | Security | Best For |
---|---|---|---|
NIP-07 Extension | ✅✅✅ | ✅✅✅ | Web + desktop users |
Manual Key Input | ❌ | ❌ | Devs / advanced users |
Mobile App Bridge | ✅✅ | ✅✅✅ | Mobile-first workflows |
🚀 What's Next?
Protocols like NIP-46 and tools like Nostr Connect aim to make remote signing safer and more user-friendly. Combined with standards like NIP-07, Nostr is laying the foundation for secure, decentralized identity on the web.
Start building today with nostr-tools or explore clients like Coracle and Iris.