Clave 1.0 — submitted to the App Store.
Clave is an iOS NIP-46 remote signer: your Nostr private key stays in the iPhone Keychain, and apps request signatures over an end-to-end encrypted channel — they never receive the key. This is the 1.0 milestone (iPhone, build 102).
Signing & security
- Push-woken background signing — Clave can decrypt, check permissions, sign, and respond with the app closed; no foreground requirement.
- Incoming signature verification (enforced) — BIP-340 Schnorr over canonical NIP-01 serialization, plus a replay-freshness guard.
- Updated NIP-44 encryption with a kind-scoped permission model and three sensitivity tiers.
- Low-trust signing fix — approving now completes the original request instead of erroring early.
Pairing & accounts
bunker://andnostrconnect://pairing — QR scan or paste.- Multi-account — pair an app once and bring all your identities in a single flow; each key stays separate.
- Client metadata on
connect— pairings can show a real app name. - NIP-46
logout— a paired app can cleanly disconnect itself.
Control & visibility
- Per-app trust levels (Full / Medium / Low) with per-event-kind overrides; sensitive actions always prompt.
- Activity log for every signature; one-tap unpair.
- Bring your own proxy — point Clave at a self-hosted push proxy in Settings. The stack is open source (MIT).
Interop is tracked per client in docs/nip46-compatibility.md.
iPhone-only · build 102 · a183f21