Added NostrConnect support. Implemented new inactivity lock to autolock keys and autosuspend app permissions after user defined period. Additional work on connection health monitoring. Updated documentation.

Author: Letdown2491

CHANGELOG.md

@@ -1,5 +1,74 @@
 # Changelog
 
+## [1.5.0]
+
+### Added
+- **Unified Connect App modal**: Two tabs for both connection methods in one place
+  - **Bunker URI tab**: Generate and share bunker URIs with QR code, expiry countdown, copy button
+  - **NostrConnect tab**: Paste or scan nostrconnect:// URIs from apps
+  - Web UI: QR code scanning via camera (uses html5-qrcode library)
+  - Android: QR code scanning via camera (existing ML Kit integration)
+  - Both platforms support paste-from-clipboard for quick URI entry
+  - Parses and validates URI components (client pubkey, relays, secret, permissions)
+  - Shows app name, client info, and requested permissions before connecting
+  - Trust level selection during connection
+- New API endpoint: `POST /nostrconnect` for connecting via nostrconnect:// URI
+- New API endpoint: `POST /connections/refresh` for forcing relay pool reset when connections are silently dead
+- Documentation: Added fail2ban integration guide to DEPLOYMENT.md for recovering from silent WebSocket connection failures
+- **Per-app relay subscriptions**: NIP-46 spec-compliant relay handling for nostrconnect apps
+  - Apps connected via nostrconnect:// can use their own relays for NIP-46 requests
+  - Responses are published to both daemon's relays and the app's specified relays
+  - Subscriptions are automatically cleaned up when apps are revoked
+- **Inactivity Lock in System Status**: Both platforms now show lock status and "Lock Now" button
+  - Web UI: System Status modal shows countdown timer with urgency coloring (normal/warning/critical)
+  - Web UI: "Lock Now" button triggers passphrase confirmation dialog
+  - Android: System Status sheet shows countdown timer and Lock Now functionality
+  - Key selector shown when multiple active keys exist
+- **Activity logging for nostrconnect connections**: Apps connected via nostrconnect:// now appear in Activity
+  - New `app_connected` admin event logged when connecting via nostrconnect:// URI
+  - Displays in Recent widget and Activity page with Link icon
+  - Shows app name, key name, and connection source (web UI or Android)
+  - Provides visibility parity with bunker:// connections which already logged activity
+
+### Improved
+- Web UI: Bundle code splitting for faster initial load
+  - Vendor chunks for React, QR libraries, and nostr-tools
+  - QR scanner lazy-loaded only when needed
+- Empty state messaging now explains both connection methods:
+  - "Tap/Click + for NostrConnect, or share your key's bunker URI with an app"
+- Permissions vs trust level clarification in Connect App modal/sheet:
+  - Added hint text: "These are what the app says it needs. Your trust level controls what actually gets auto-approved."
+- Partial success handling: Shows warning when app is connected but relay notification failed
+- Better duplicate app detection with clearer error message
+- **Android Settings page condensed**:
+  - Trust level selection now uses dropdown instead of full-height rows
+  - App Lock timeout selection now uses inline dropdown
+  - App Lock and Inactivity Lock merged into single "Security" card
+  - Removed Test Panic button (functionality moved to System Status sheet)
+- **Android Inactivity Lock screen**: Now allows key selection when multiple locked keys exist
+
+### Fixed
+- Android: Key state changes (lock/unlock) now properly refresh available keys in Connect App sheet
+- Android: Activity page filter tabs now scroll horizontally on narrow screens
+- Android: Admin event badges and text now use blue to match web UI
+- Web UI: Key selection resets when selected key becomes unavailable
+- QR scanner feedback for invalid codes (bunker:// URIs, web URLs, other non-nostrconnect content)
+- Relay URL validation catches malformed URLs before connection attempt
+- Android: Fixed memory leak in SignetNavHost where API client wasn't closed on URL change
+- Android: Fixed API client resource leak in 5 screens (HomeScreen, ActivityScreen, AppsScreen, KeysScreen, SetupScreen) - client now closed in finally block
+- Daemon: Denied requests now include app name in activity feed (previously only showed npub)
+- Daemon: Fixed silent WebSocket connection failures causing NIP-46 subscriptions to stop working (#28)
+  - Health check now recreates actual managed subscriptions instead of throwaway ping subscriptions
+  - Each health check both tests AND refreshes one subscription (round-robin rotation)
+  - Guarantees all subscriptions get fresh connections every N×90s (where N = number of keys)
+  - Previously, health checks could pass while actual NIP-46 subscriptions remained dead on stale connections
+
+### Security
+- Daemon logs warning at startup when CORS wildcard origin (*) is configured (fine for testing, but not production)
+- Config file permissions now set to 0600 (owner read/write only) after creation
+
+---
+
 ## [1.4.0]
 
 ### Added

README.md

@@ -1,8 +1,8 @@
 # Signet
 
-A modern NIP-46 remote signer for Nostr. Manages multiple keys securely with a web dashboard for administration. This project was originally forked from [nsecbunkerd](https://github.com/kind-0/nsecbunkerd), but has since received an extensive rewrite. 
+A modern NIP-46 remote signer for Nostr. Manages multiple keys securely with a web dashboard for administration. This project was originally forked from [nsecbunkerd](https://github.com/kind-0/nsecbunkerd), but has since received an extensive rewrite and now shares very little code with it.
 
-An Android app is [available on ZapStore](https://zapstore.dev/apps/naddr1qvzqqqr7pvpzpk4yr0kmdpv3xcalgsrldp7tj7yuc4p76qjtka7z95kgfky02s2nqq2hgetrdqhxwet9dd6x7umgdyh8x6t8dejhgck8a3z). The Android app is a frontend only, so running the daemon is required. DO NOT run the daemon on a public machine. The preferred method is to run it on a machine sitting on a private network. Tailscale is preferred and documented in [docs/DEPLOYMENT.md](docs/DEPLOYMENT.md). 
+Signet separates the signing back end from the front end, and ships with a web UI. A companion Android app is [available on ZapStore](https://zapstore.dev/apps/naddr1qvzqqqr7pvpzpk4yr0kmdpv3xcalgsrldp7tj7yuc4p76qjtka7z95kgfky02s2nqq2hgetrdqhxwet9dd6x7umgdyh8x6t8dejhgck8a3z). Other platforms are possible and on the roadmap.
 
 ## Web UI Screenshots
 
@@ -44,47 +44,7 @@ docker compose run --rm signet add --name main-key
 
 **Upgrading:** Pull the latest changes, rebuild, and restart. Database migrations run automatically on daemon startup.
 
-## Development Setup
-
-**Prereqs:** Node.js 20+, pnpm
-
-```bash
-git clone https://github.com/Letdown2491/signet
-cd signet
-pnpm install
-```
-
-Start the daemon:
-
-```bash
-cd apps/signet
-pnpm run build
-pnpm run prisma:migrate
-pnpm run signet start
-```
-
-Optionally, you could add keys and start the daemon from the CLI with a specific key directly:
-
-```bash
-cd apps/signet
-pnpm run build
-pnpm run prisma:migrate
-# Add a key via CLI (prompts for passphrase and nsec, optional if using web dashboard or Android app)
-pnpm run signet add --name main-key
-# Start with a key already unlocked (prompts for passphrase, optional if using web dashboard or Android app)
-pnpm run signet start --key main-key
-```
-
-Start the UI dev server (in a separate terminal, optional if using Android app):
-
-```bash
-cd apps/signet-ui
-pnpm run dev
-```
-
-Open `http://localhost:4174` to access the dashboard. From there you can add keys, connect apps, and manage signing requests. Note that this is not required if you plan to manage keys and signing approvals via the Android app.
-
-## Production Setup (Without Docker)
+## Quick Start (PNPM)
 
 Build and run the daemon:
 
@@ -123,9 +83,30 @@ Config is auto-generated on first boot at `~/.signet-config/signet.json`.
 
 See [docs/CONFIGURATION.md](docs/CONFIGURATION.md) for all options.
 
+## Connecting Apps
+
+There are two ways to connect a Nostr app to Signet:
+
+**bunker:// (Signet initiates)**
+1. Go to the Keys page and select a key
+2. Click "Generate bunker URI" to get a one-time connection link
+3. Paste the bunker URI into your Nostr app's remote signer settings
+4. The app connects automatically
+
+**nostrconnect:// (App initiates)**
+1. In your Nostr app, look for "Connect via remote signer" or similar
+2. The app displays a nostrconnect:// URI or QR code
+3. In Signet, click + on the Apps page (or scan QR on Android)
+4. Paste the nostrconnect:// URI and choose a key and trust level
+5. Click Connect to complete the handshake
+
+Both methods result in the same secure connection. Use whichever your app supports.
+
 ## Security
 
-Keys are encrypted with AES-256-GCM (PBKDF2, 600k iterations). API endpoints require JWT auth with CORS and rate limiting.
+Keys are encrypted with AES-256-GCM (PBKDF2, 600k iterations). API endpoints require JWT auth with CORS and rate limiting. An optional **Inactivity Lock** (Dead Man's Switch) automatically locks all keys and suspends all apps if not reset within a configurable timeframe. Additional, an optional admin npub can be set to allow sending DM commands (NIP-04/NIP-17) to Signet without access to any UI.
+
+DO NOT run the daemon on a public machine. We recommend private network access only. Tailscale is preferred and documented in [docs/DEPLOYMENT.md](docs/DEPLOYMENT.md). 
 
 See [docs/SECURITY.md](docs/SECURITY.md) for the full security model.
 

VERSION

@@ -1 +1 @@
-1.4.0
+1.5.0

apps/signet-android/app/build.gradle.kts

@@ -30,7 +30,7 @@ android {
         applicationId = "tech.geektoshi.signet"
         minSdk = 26
         targetSdk = 35
-        versionCode = 6
+        versionCode = 7
         versionName = appVersion
 
         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"

apps/signet-android/app/images/signet-android-1-home.png

@@ -35,14 +35,28 @@ class SignetApplication : Application() {
             enableVibration(true)
         }
 
+        // Inactivity lock channel (high priority for urgent warnings)
+        val inactivityChannel = NotificationChannel(
+            INACTIVITY_CHANNEL_ID,
+            getString(R.string.inactivity_channel_name),
+            NotificationManager.IMPORTANCE_HIGH
+        ).apply {
+            description = getString(R.string.inactivity_channel_description)
+            setShowBadge(true)
+            enableVibration(true)
+        }
+
         notificationManager.createNotificationChannel(serviceChannel)
         notificationManager.createNotificationChannel(alertChannel)
+        notificationManager.createNotificationChannel(inactivityChannel)
     }
 
     companion object {
         const val SERVICE_CHANNEL_ID = "signet_service"
         const val ALERT_CHANNEL_ID = "signet_alerts"
+        const val INACTIVITY_CHANNEL_ID = "signet_inactivity"
         const val SERVICE_NOTIFICATION_ID = 1
         const val ALERT_NOTIFICATION_ID = 2
+        const val INACTIVITY_NOTIFICATION_ID = 100
     }
 }

apps/signet-android/app/images/signet-android-2-apps.png

@@ -7,11 +7,19 @@ import tech.geektoshi.signet.data.model.AppsResponse
 import tech.geektoshi.signet.data.model.ConnectionTokenResponse
 import tech.geektoshi.signet.data.model.SuspendAppBody
 import tech.geektoshi.signet.data.model.DashboardResponse
+import tech.geektoshi.signet.data.model.DeadManSwitchActionBody
+import tech.geektoshi.signet.data.model.DeadManSwitchResponse
+import tech.geektoshi.signet.data.model.DeadManSwitchStatus
+import tech.geektoshi.signet.data.model.DisableDeadManSwitchBody
+import tech.geektoshi.signet.data.model.EnableDeadManSwitchBody
 import tech.geektoshi.signet.data.model.HealthStatus
 import tech.geektoshi.signet.data.model.KeysResponse
+import tech.geektoshi.signet.data.model.NostrconnectRequest
+import tech.geektoshi.signet.data.model.NostrconnectResponse
 import tech.geektoshi.signet.data.model.OperationResponse
 import tech.geektoshi.signet.data.model.RelaysResponse
 import tech.geektoshi.signet.data.model.RequestsResponse
+import tech.geektoshi.signet.data.model.UpdateDeadManSwitchBody
 import io.ktor.client.HttpClient
 import io.ktor.client.call.body
 import io.ktor.client.engine.okhttp.OkHttp
@@ -23,6 +31,7 @@ import io.ktor.client.request.get
 import io.ktor.client.request.parameter
 import io.ktor.client.request.patch
 import io.ktor.client.request.post
+import io.ktor.client.request.put
 import io.ktor.client.request.header
 import io.ktor.client.request.setBody
 import io.ktor.http.ContentType
@@ -227,6 +236,25 @@ class SignetApiClient(
         }.body()
     }
 
+    /**
+     * Connect to an app via nostrconnect:// URI.
+     */
+    suspend fun connectViaNostrconnect(
+        uri: String,
+        keyName: String,
+        trustLevel: String,
+        description: String? = null
+    ): NostrconnectResponse {
+        return client.post("/nostrconnect") {
+            setBody(NostrconnectRequest(
+                uri = uri,
+                keyName = keyName,
+                trustLevel = trustLevel,
+                description = description
+            ))
+        }.body()
+    }
+
     /**
      * Get relay status
      */
@@ -267,6 +295,90 @@ class SignetApiClient(
         }
     }
 
+    // ==================== Dead Man's Switch (Inactivity Lock) ====================
+
+    /**
+     * Get Dead Man's Switch status
+     */
+    suspend fun getDeadManSwitchStatus(): DeadManSwitchStatus {
+        return client.get("/dead-man-switch").body()
+    }
+
+    /**
+     * Enable the Dead Man's Switch
+     */
+    suspend fun enableDeadManSwitch(timeframeSec: Int? = null): DeadManSwitchResponse {
+        return client.put("/dead-man-switch") {
+            setBody(EnableDeadManSwitchBody(
+                enabled = true,
+                timeframeSec = timeframeSec
+            ))
+        }.body()
+    }
+
+    /**
+     * Disable the Dead Man's Switch
+     */
+    suspend fun disableDeadManSwitch(
+        keyName: String,
+        passphrase: String
+    ): DeadManSwitchResponse {
+        return client.put("/dead-man-switch") {
+            setBody(DisableDeadManSwitchBody(
+                enabled = false,
+                keyName = keyName,
+                passphrase = passphrase
+            ))
+        }.body()
+    }
+
+    /**
+     * Update the Dead Man's Switch timeframe
+     */
+    suspend fun updateDeadManSwitchTimeframe(
+        keyName: String,
+        passphrase: String,
+        timeframeSec: Int
+    ): DeadManSwitchResponse {
+        return client.put("/dead-man-switch") {
+            setBody(UpdateDeadManSwitchBody(
+                timeframeSec = timeframeSec,
+                keyName = keyName,
+                passphrase = passphrase
+            ))
+        }.body()
+    }
+
+    /**
+     * Reset the Dead Man's Switch timer
+     */
+    suspend fun resetDeadManSwitch(
+        keyName: String,
+        passphrase: String
+    ): DeadManSwitchResponse {
+        return client.post("/dead-man-switch/reset") {
+            setBody(DeadManSwitchActionBody(
+                keyName = keyName,
+                passphrase = passphrase
+            ))
+        }.body()
+    }
+
+    /**
+     * Test the panic functionality (for testing)
+     */
+    suspend fun testDeadManSwitchPanic(
+        keyName: String,
+        passphrase: String
+    ): DeadManSwitchResponse {
+        return client.post("/dead-man-switch/test-panic") {
+            setBody(DeadManSwitchActionBody(
+                keyName = keyName,
+                passphrase = passphrase
+            ))
+        }.body()
+    }
+
     /**
      * Close the client
      */