SQRL invented the anti-phishing public key cryptography based approach to website authentication many years ago. It was a beautiful spec of one page with multiple grassroots implementations. Then they decided that the simple "I sign something with a key" approach wasn't good enough, they also had to cover a bazillion other key management things in the protocol so they brought a team of academics that turned the thing into a 300-page unreadable spec that no one ever implemented fully. LNURL-auth basically reinvented the original simple SQRL version in 2019 and got many implementations and some traction within the bitcoiner realm. But at the same time another team of academics probably by paid by some evil people were creating Webauthn, i.e. "passkeys", which solves the exact same problem and works in the exact same way, although this time the spec is much bigger than even the worst version of SQRL and apparently designed to create centralization. It took them at least 6 years to get browsers and phones and some websites to start adopting this behemoth, but so far there are no answers to what is their real purpose or to the question: "what if I lose my phone?".

Added a "spell" command to

GitHub

GitHub - fiatjaf/nak: a command line tool for doing all things nostr

a command line tool for doing all things nostr. Contribute to fiatjaf/nak development by creating an account on GitHub.

- `nak req -k 777 -a verbiricha@habla.news --outbox | jq` to see all @verbiricha spells - pick one and run `nak req -i c1214b196b3664bc7fc8c8dfaa082a24ed09b25028773bcae60fef8dfe6646fa -a verbiricha@habla.news --outbox | nak spell --pub fiatjaf.com` to run it in the context of your user (replace 'fiatjaf.com' with your npub or nip05) - `nak spell` will list your previously used spells with ids that you can use to invoke them again: `nak spell spellcgk4u9c --pub fiatjaf.com` It's not super useful, but it is something. View quoted note →

#grimoire might make all the other clients obsolete. View quoted note →