From fba83ea39e2d4d6e854df864502b2b59513480ff Mon Sep 17 00:00:00 2001
From: Anthony Accioly <1591739+aaccioly@users.noreply.github.com>
Date: Sat, 21 Jun 2025 00:46:39 +0100
Subject: [PATCH] docs(readme): clarify NIP-46 signing with remote bunker

- Add example linking to Amber for NIP-46 bunker usage.
- Include note on setting `NOSTR_CLIENT_KEY`
---
 README.md | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 83c6d29..b86ba59 100644
--- a/README.md
+++ b/README.md
@@ -128,11 +128,20 @@ type the password to decrypt your secret key: **********
 985d66d2644dfa7676e26046914470d66ebc7fa783a3f57f139fde32d0d631d7
 ```
 
-### sign an event using a remote NIP-46 bunker
+### sign an event using a remote NIP-46 bunker (e.g. [Amber](https://github.com/greenart7c3/Amber))
 ```shell
+~> export NOSTR_CLIENT_KEY="$(nak key generate)"
 ~> nak event --sec 'bunker://a9e0f110f636f3191644110c19a33448daf09d7cda9708a769e91b7e91340208?relay=wss%3A%2F%2Frelay.damus.io&relay=wss%3A%2F%2Frelay.nsecbunker.com&relay=wss%3A%2F%2Fnos.lol&secret=TWfGbjQCLxUf' -c 'hello from bunker'
 ```
 
+> [!IMPORTANT]
+> If you don't set `NOSTR_CLIENT_KEY`, nak will generate a new client key on every run.
+This may cause signing to fail or trigger repeated authorization requests, depending on the remote signer setup.
+To avoid this, consider setting a fixed `NOSTR_CLIENT_KEY` in your shell configuration file, e.g., for `bash`:
+> ```shell
+> echo 'export NOSTR_CLIENT_KEY="$(nak key generate)"' >> ~/.bashrc
+> ```
+
 ### sign an event using a NIP-49 encrypted key
 ```shell
 ~> nak event --sec ncryptsec1qggx54cg270zy9y8krwmfz29jyypsuxken2fkk99gr52qhje968n6mwkrfstqaqhq9eq94pnzl4nff437l4lp4ur2cs4f9um8738s35l2esx2tas48thtfhrk5kq94pf9j2tpk54yuermra0xu6hl5ls -c 'hello from encrypted key'