A
Alby
Roadmap
⚫ Alby Hub - πŸ’‘ Request a Feature
Changelog
A
Alby
Roadmap
⚫ Alby Hub - πŸ’‘ Request a Feature
Changelog
Voters
D
S
M
Powered by Noora
3
Ability to see previously created NWC connection secrets & create sub-connections
D
Den
Sep 6, 2024

I do not know if any of this is possible or how hard these ideas would be to implement but I will share my thoughts from a user perspective.
I believe it would be a great benefit if there was the possibility to either see the NWC connection secret again after it had been created or even better to have the ability to create sub-connections within Hub isolated connections. These features would greatly enhance user experience especially with the introduction of the Friends and Family feature.

The key problems with not being able to see the NWC secret again are:

  1. The need to onboard someone to all the friends and family features at the same time.
    If someone first only wants connection to a mobile wallet but then later decides that they want to try out the ally extension or nostr apps they will be required to set up an entirely new isolated connection requiring their balance to be manually transferred across.

  2. If you lose a phone or want to connect to a new browser
    For example if a user has an isolated connection linked with AlbyGo but then get a new phone they would have to create an entirely new isolated connection and would need to re-link every NWC connection and nostr app they have connected, losing their balance and transaction history in the process. The same issue would occur if they have a NWC connection to the Alby browser extension but want to also connect on a new computer or a different browser on the same computer. If a user is required to re-connect any single app connection they are required to re-connect every connection.

  3. Ability to link isolated spending balance to many apps.
    For example what if a friend initially sets up their account to be connected to one nostr client but later want to connect on another they would be unable to do so. One of the key features of nostr is the ability to try out different clients and seamlessly transition. Not being able to reveal a users NWC connection secret prevents this or at the very least makes the transition much more difficult.

  4. Poor security as users are incentivised to save the NWC connection details in insecure ways.
    To overcome these problems it is tempting for users to just store the NWC connection secret so that in the future they are able to reconnect. It may also incentivise β€œUncle Jims” to store all the connections for each of their friends and family so that it is easier to reconnect them in the future if required without the need to create an entirely new connection for them and transfer their funds to this new connection. Thus while the intention of not being able to reveal the NWC connection secret again is to increase security it may actually harm security if users take it upon themselves to store these secrets in insecure ways. Additionally I do not actually see how hiding the NWC connection secret improves security as anyone with access to the Alby Hub is able to spend all the funds regardless of seeing old connections.

It is worth noting that although it is not possible to view the NWC connection secrets again in the hub this is not the case with all apps. For example in Amethyst you are able to view the connection details again after they have been saved.

These user experience deficiencies could be mitigated by allowing previously created NWC connection secrets to be seen again after creation however I think the best solution to these problems would be if isolated connections had the ability to create sub-connections in the same way that you can create connections under the main/master wallet.

This would have the additional benefit of allowing isolated connections to create sub-connections with limited permissions such as receive only access to be linked to an app such as Buzz Pay. Additionally this would also allow friends and family users to create isolated connections of their own which they may want to create for all the same reasons that the owner of the Hub would. It could be visualised as a branching tree where the trunk is the main/master wallet, each branch is a friend & family isolated connection and then the friends & family connections are able to have many leaves that are all sub-connections with varying permissions.

Again as I said initially I do not know if there are technical limitations that make this difficult or impossible however I feel that from the user experience side this would be ideal to really bring the Uncle Jim Hub vision to reality. I also do not want to sound like I am demanding new features. I understand that friends and family has only just been released and I am very excited by the state that the hub is in currently and am only posting my thoughts here after being encouraged to do so on discord. I have loved everything that I have seen with the hub so far and look forward to seeing what the future brings.

Comments
R
roland
Sep 9, 2024

Hi Den, thanks for the feedback!

In Alby Go you can export your connection secret, but it's also poor security to connect the same secret to multiple apps as they will all have full access to the wallet.

Currently Alby Go is designed to be the first experience for newly onboarded users from an Uncle Jim setup - just a simple wallet. And once they are ready to gain the full potential of NWC they would need to run their own Alby Hub.

It is also not always possible to store secrets as there are NWC flows where only the initiating app knows the private key, and just gives the public key to Alby Hub. This may be the main flow in the future when we have an app-initiated connection flow (like we used to with nwc.getalby.com, but it's more challenging with self custody).

But possibly there could be a way to replace a keypair for an app connection of a family member/friend who lost their connection secret so they still keep their transaction history?

1
D
Den
Sep 9, 2024

roland Thank you for the reply.
Perhaps I was thinking of the hub family and friends connection being a solution for others for a longer time frame than it was intended as the way you describe it makes it sound more like a trial before they set up their own hub. Could it be possible to set up an entire hub as being an isolated connection of another hub?

The limitation of only the initiating app only knowing the key makes sense to me.

The last point could possibly be useful however I still think the main burden is that you have to reconnect all NWC apps to a new connection if they need to reconnect any single app or wish to add a new connection at any point.

0
R
roland
Sep 10, 2024

Den I thought about this, I think it would be great to add a NWC backend as one of the wallet options to Alby Hub, then this is possible.

Yeah - I think if a person loses their wallet then there is some friction, but it's not our main focus at the moment (most likely they did not care enough in the first place, and just giving them a new wallet and sending them the same amount of sats may be ok). However, if they still have one working app with the NWC connection, maybe they can export it and re-add it to the ones they lost.

1