moar wallet attachments

sending with NWC and LNBits
You can attach wallets for sending now via @ekzyis. To start we support attaching Nostr Wallet Connect and LNBits. @ekzyis did a lot of work to make the UX as close to familiar as possible and I think it's stellar.
Note: The credentials are stored in the browser, so please set a budget on them. @ekzyis took a lot of care making the browser as safe as we can for storing these, but you'll want to be extra careful anyway.
autowithdraw to LND
In addition to autowithdrawing to a lightning address, you can now autowithdraw to LND. We support connecting to your node over Tor so you should be able to push out funds to your home node even if it doesn't have a public IP.
If you attach LND in addition to a lightning address, you can set a default and if it fails we attempt your other method.
expect more methods soon
There are a lot of wallets and ways to connect them, but we plan to support any method that makes sense as time goes on. We'll likely be adding CLN and Zebedee next.

NSFW territory labels

๐Ÿšจ first time contributor alert
Territories can now be labelled NSFW and are visible on an opt-in basis unless visited directly via @mz.

improvements to domain searching

๐Ÿšจ first time contributor alert
When you search with a url:example.com filter you should see less strict results via @btcbagehot.

bug fixes

  • wonky checkboxes on territory form via @mz
  • pinned posts now really do show up in home via @ekzyis

what's next

  • we have a nearly done nostr crossposting PR via @bitcoinplebdev that allows you to crosspost all post types and will likely be merged soon
  • a variety of territory enhancements
    • @mz is working on a top for territories
    • @byoungdale has a draft going for crossposting
    • I'll work on changing the territory billing period here shortly then sub-territories (unless someone beats me to either)
  • more thorough bolt11 deletion via @dillon will be merged soon
  • lots of random stuff I'm sure
Happy Valentine's!
1891 sats \ 5 replies \ @nout 14 Feb
This could use a short video with a demo! It's hard to understand what is NWC and how does it relate to SN.
reply
I agree! We'll probably need docs for all of this. When I shared our plans for the wallet, @moneyball astutely noted how overwhelming it would be to the average person.
So we'll also want a "wizard" like experience at some point, eg "do you know the difference between custodial and non-custodial?" if yes then "do you run a node?" then "does it have a public IP address?" and so on.
Regardless, we can't expect the average person to stand for that kind of torture so we have a lower friction onramp planned where an attached wallet isn't necessary.
reply
Oh, great idea! I'll do one with Mutiny and share it here.1
We also thought about having specific cards for wallets which link to the same setup page if they use the same protocol (like NWC here) but include specific setup guides for these wallets. We could add videos together with some screenshots then there, too :)

Footnotes

  1. Great use case for pinned comments? ๐Ÿ‘€ โ†ฉ
reply
I'll do one with Alby and Mutiny when we deployed this fix: Fix NWC support detection
reply
deployed
reply
Created one now in #428781
reply
612 sats \ 1 reply \ @leo 14 Feb
Very cool! How come some options are either send OR receive? Couldn't LNbits or LND Accounts (over LNC) be both?
reply
Yes! We just need to tease apart permissions so weโ€™re not storing spending perms on the server (without them being encrypted) but still have perms to generate invoices on the server.
Weโ€™ll iterate to these โ€œduplexโ€ permissions eventually.
reply
Mine is stuck on this red light
reply
859 sats \ 1 reply \ @k00b OP 13 Feb
NWC? I don't think we validate the string yet (PR pending). Console say anything interesting?
reply
Yeah for nwc, console didn't have any logs
reply
Great updates, auto-withdraw to LND and adding NWC is pretty wild.......
reply
Great work guys, you're shipping awesome features! I intend to attach my LND and my LNBits. Wondering why it is "non-custodialish"...
reply
21 sats \ 1 reply \ @ek fwd 13 Feb
If it's non-custodial depends on what LNbits or NWC provider you use.
You could be using https://legend.lnbits.com for example or Alby with NWC but in a custodial way.
It's just possible to use it non-custodial.
reply
Oh, I get it. I'll be using it from my Umbrel node.
reply
NWC! LFG. Will set that up with Mutiny tonight to see how it goes. Very nice work!
reply
A few of them have gone through but hard to tell if it's being slow on the SN side or on the Mutiny side. Perhaps someone with alby or lnbits could test out too to see how it goes.
The comments are kind of painful to sit there and wait for. I wish it could just act like it went through but have some pending UI for it.
reply
It could b because we poll on the client for the invoice being paid which probably adds 500ms of latency on average.
Great feedback.
reply
Unfortunately doesn't work for both self-custodial NWC app and Alby hosted NWC
reply
It's meant to work. We probably have a bug.
What errors are you getting in your console?
reply
3234 sats \ 8 replies \ @saunter 13 Feb
Uncaught (in promise) EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules'".
at bakeCollection (content.7f229555.js:2064:98610) at Object.u (content.7f229555.js:2064:93234) at Object.g [as call] (content.7f229555.js:2064:93437) at es.o [as emit] (content.7f229555.js:2064:85238) at es.stop (content.7f229555.js:17:30157) at es.eoseReceived (content.7f229555.js:17:31755) at content.7f229555.js:17:8787 at Array.forEach (<anonymous>) at T.eoseReceived (content.7f229555.js:17:8754) at content.7f229555.js:17:11970
reply
@ekzyis looks like the nostr library violates CSP
reply
Mhh, interesting, I tested NWC when we launched and I could generate NWC requests ๐Ÿค”
reply
I think it might be that the library uses wasm, some browsers probably don't support it, and we allow unsafe-eval-wasm but not unsafe-eval
hard to tell if it's being slow on the SN side or on the Mutiny side.
We poll every second if the invoice was paid, so some slowness is definitely on our side.
The comments are kind of painful to sit there and wait for. I wish it could just act like it went through but have some pending UI for it.
What do you mean? You should see toasts that show if payments are pending.
update: Oh, you mean the toasts in the right bottom corner with comments? no, Tony didn't.
Perhaps someone with alby or lnbits could test out too to see how it goes.
1037 sats \ 0 replies \ @saunter 13 Feb
If anyone wants to learn about NWC, add it to your website or contribute, there's a fresh website: https://nwc.dev/
We also started a Discord for builders integrating NWC (apps and wallets). Join us here: https://discord.gg/PS7EhpyF
reply
937 sats \ 0 replies \ @anon 13 Feb
Can yall build NWC into LNbits though. That is the question ๐Ÿ˜…
reply
457 sats \ 8 replies \ @ek fwd 17 Feb
This video demonstrates how to connect your Mutiny or Alby wallet via NWC with SN:
It should work with any wallet that supports NWC though. Paste the connection string that starts with nostr+walletconnect:// into the NWC input here and you should be good to go!
reply
Super cool! Yeah, I'd say it would be better to switch to optimistic UX - just make it look like it's been zapped immediately and only pop up any dialog when the payment actually fails (it could also just be a SN notification).
reply
We're going to house an abort button on the toast eventually, but should probably make it lower contrast than it currently is.
reply
I guess my question is why is the toast even needed in the success case? Why should user care? In the nostr apps that use NWC the status of the lightning icon just updates...
367 sats \ 0 replies \ @Eobard 13 Feb
gj ek
reply
248 sats \ 1 reply \ @ek fwd 13 Feb
We also allow 50 MB free images per stacker per day now. Before, it was 10 MB per day.
/cc @Natalia ๐Ÿ‘€
reply
oh let me test it ๐Ÿ‘€
503 sats \ 0 replies \ @sn 13 Feb
You can attach wallets for sending now
๐Ÿ‘€
reply
Oops, I guess I did a soft reveal of the new contributors the other day. Welcome to the club!
reply
Learn how to attach LNBits wallet to SN #697132
reply
Howdy @k00b @ek I am having some issue attaching my CLN node via Tor and getting the following error:
------ start of logs ------ 1s [cln] ERROR could not connect to CLN: request to https:/xxx.onion:2100/v1/invoice failed, reason: getaddrinfo ENOTFOUND xxx.onion 1s [cln] ERROR failed to attach wallet
Look's by default is looking to https connection. I tried to use http:// when inserting the rest host and port without success. There's any configuration I need to set in my node to enable HTTPS connection via tor? or can I somehow enable the connection via http?
reply
It's a known bug. We're enforcing HTTPS even for Tor in the backend but this breaks how our Tor name resolution works. I'll fix it today.
reply
@ek, have noticed the issues 1107, 1136 and 1133 have been merged but still getting the same error. Anything I need to do differently?
reply
They haven't been deployed yet. I'll deploy them tomorrow.
If you're ever curious what version we're on you can click the running XXXXXX in the footer.
reply
Not sure why it still give me error:
could not connect to CLN: invalid json response body at http://xxx.onion:2100/v1/invoice reason: Unexpected token < in JSON at position 0 failed to attach wallet
I also tried to use the one in position 0 and the input validation obviously give back rune must be restricted to method=invoice only
anything else I could try?
reply
That error is pretty vague sadly so I canโ€™t tell whatโ€™s wrong. Iโ€™ll put up an issue on GitHub
reply
Look's is looking only at the rune in position 0 in the JSON. There's maybe a way to define the rune position in the form? Or maybe having the script to look at all runes in the file for a match? Just ideas...
amazing, thanks for the update. I'll try again tomorrow.
reply
Thanks much appreciated
reply
Why does attaching LND need address and onchain permission macaroons? https://github.com/stackernews/stacker.news/blob/master/lib/macaroon.js#L61
Shouldn't invoice:write be sufficient for auto withdrawls?
reply
It doesn't need them, but I didn't anticipate people baking their own macaroons with granular perms. I assumed people would use the default macaroons.
If you wouldn't mind opening an issue I can narrow the perm check.
Erm whatโ€™s a Nostr Wallet Connect?
reply
Nostr Wallet Connect (NWC) is a way for applications like Nostr clients to access a remote Lightning wallet through a standardized protocol. For instance, you can link your Alby account with any other application using this feature.
reply
Can someone explain what NWC is and how it works?
reply
See my answer to the comment above from cryotosensei
reply
Cant get nwc to work with my start9 nwc connection FYI.. shows red light
reply
What browser?
reply
166 sats \ 0 replies \ @bzzzt 14 Feb
I tried with vanadium and Mozilla on graphene OS
reply
Why am i seeing a red status indicator. I'm using NWC on Start9
reply
Mind checking your console for errors and sharing which browser you're using?
Some browsers don't like some of the security settings we are asking it to enforce.
reply
iOS 17.3.1 - Safari (PWA). Not sure if my string is good: nostr+walletconnect://<long-alphanumeric-string>?relay=wss://relay.getalby.com/v1&secret=<secretstring>
reply
The string might be bad. We don't validate it to check. I'll run some more tests in all the problem browsers tomorrow and see if I can fix it.
reply
987 sats \ 4 replies \ @ek fwd 14 Feb
Going to add the validation tomorrow.
However, there should be a toast with some error message if the credentials are no good1:
The form also shouldn't close if the info event wasn't found. And if it was found, the wallet indicator should turn green.
But maybe the error is CSP + browser combination again which throws an error at a location which isn't toasted.

Footnotes

  1. That check only verifies everything up to but not including the secret since a correct secret is not required to receive the info event unfortunately. โ†ฉ
reply
reply
Oh, sorry, I mean Content Security Policy. This is supposed to tell your browser what code is good to run and which should get blocked. It might be blocking too much depending on the browser.
reply
Gotcha. Also, shouldn't it say "detach" instead of "unattach"? It's your app, but feels more natural
Is there a way to see console data on ios without connecting to a mac/xcode?
reply
No it has to be connected to a Mac afaik.
reply
any update on improvements on connecting things like ln address or lnd node over tor to receive auto withdrawals? happy to help test when you need it ๐Ÿค™
a cool feature,btw would be to set withdrawals to your node happen randomly for random intervals of sats and maybe randomly in time...make it hard to papertrail sats you are zapped on here and where they go.. just a cool idea obviously not needed.
for example set so a third of my stacker news wallet gets withdrawn at a random time every 7 days to my lnd node.
i am trying to link up my lnd node running on start9.. i keep getting "invalid input" for my cert.. im copying it from node properties page and have successfully used it for linking up with alby, so i am pretty sure i have the cert right. seems to just not be accepting the cert.. anyone else ran into this issue?