-
2024-10-23 01:58:14# Amber why, what, how? ## Why? Downstairs different then other social media apps. Instead of passwords managed by a central entity that can be recovered your identity is secured cryptographically with a public and private key pair. This grants you a lot of freedom. It also burdens you with a lot of responsibility. If your private key gets lost you lose access to your account forever. No one can help you. If your private key gets compromised the attacker will have access to your account in perpetuity. Able to impersonate you to all your contacts forever. We need a way to keep our nsec's safe. We want to be able to try out all the latest nostr apps without compromising our keys. We need a way to back up our keys offline. ## What? Enter Amber. By Greenart7c3. Amber allows you to leverage any noster app that utilizes nip-46. Which is rapidly growing in popularity. And it's relatively simple to implement for developers so I expect it will become standard at some point. It's based on nsec bunker. The main difference being instead of your keys being on a remote server they are on your phone. Basically, a app that supports this and send request to Amber which will sign the event with your key and then be published via whichever app you are using. communications through a NOSTR relay. **Having your keys on your phone does post some security risks in and of itself. But I always recommend a strong pin instead of face or fingerprint ID anyways. As well as being very selective with the apps you put on your phone and the permissions you give them. I personally use graphene OS because it gives me complete control over app permissions including the otherwise mandatory Google Play and Android system apps. If your phone is wide open first considered changing that. If you're unable to then maybe look for another key management solution** Amber also enables nip-06 which allows for key generation with a mnemonic backup. For anyone who's ever had a Bitcoin wallet it's the exact same thing. In fact you can even use them as a different wallet. This way you can store your key's backup safely offline as a hard copy. Write them on paper, stamp on on stainless steel, or for ultimate resilience chisel them in a granite tablet. ##How?  If it's not displaying in your client here's the link: [Video](https://v.nostr.build/GYRZeCeUPvCyRh9o.mp4) **All zaps from this note are %100 split with greenart7c3 so show some love** greenart7c3: >npub1w4uswmv6lu9yel005l3qgheysmr7tk9uvwluddznju3nuxalevvs2d0jr5