@fiatjaf can you help us clarify this? Or do you know, who can?

Usually clients prefer using name=example&perms=nip04_encryption instead of the json metadata to make the qrcode smaller
I support both ways in amber. Dont know about other signers
Also i made all those fields optional so you can send only the perms in the json if you want
I think nostrudel, coracle and nostr-login widget has the nostrconnect uri

@staab @nostrband

Usually clients prefer using name=example&perms=nip04_encryption instead of the json metadata to make the qrcode smaller
I support both ways in amber. Dont know about other signers
Also i made all those fields optional so you can send only the perms in the json if you want
I think nostrudel, coracle and nostr-login widget has the nostrconnect uri

That's helpful!

Can we define that in NIP-46? It should be clear what sorts of values are expected for name and perms, and we should remove any values from the spec that aren't being used by any clients.

@alltheseas

@brugeman

Is there anyone who has implemented this client-initiated connection handshake and can explain how the metadata parameter is used?

Metadata is used by signer to show to the user some info about the client that is trying to connect, i.e. "nostrudel.ninja icon is requesting connection, and requesting these perms". All fields are optional, I would say web apps SHOULD provide url and icon, native apps - name and icon.

Usually clients prefer using name=example&perms=nip04_encryption instead of the json metadata to make the qrcode smaller I support both ways in amber. Dont know about other signers Also i made all those fields optional so you can send only the perms in the json if you want I think nostrudel, coracle and nostr-login widget has the nostrconnect uri.

The original spec (or at least every version I looked at) mentions metadata as json. I saw that nostrudel (the only one that supported nostrconnect a while ago) passes it as query-string, so I implemented both ways in nsec.app. nostr-login uses json. I'm fine with switching to query string.

It should be clear what sorts of values are expected for name and perms, and we should remove any values from the spec that aren't being used by any clients.

I don't use description, and I don't think it's useful. The rest are useful and pretty obvious, perms is defined. Maybe something like "Client's metadata is presented by signer to the user to improve UX" might be added to the NIP.

Yeah, this is annoyingly under-specified. I had to look at nostr-login's source to get something to work. It doesn't follow the spec, but instead puts all the params directly into the uri, which is much more sane than json encoding everything. I checked with @greenart7c3 and he said he'd be fine to support that. (I know both guys have already chimed in, just explaining how I got to where I am) So Coracle does this:

const params = new URLSearchParams({secret, url, name, image, perms})

for (const relay of relays) {
  params.append('relay', relay)
}

const nostrconnect = `nostrconnect://${clientPubkey}?${params.toString()}`

@nostrband is referring to icon rather than image, so there are obviously different ideas floating around. We should open a PR to clarify.

#1597