pub const VECTOR_NIP46_PERMS: &[&str];Expand description
NIP-46 permission scope Vector requests on client-initiated pairings.
Sent as the perms= query parameter on nostrconnect:// URIs. Signer apps
that honour it (Amber, nsec.app) surface this list on their pairing screen
and refuse RPC calls outside the granted scope. Vector intentionally never
requests get_private_key: the whole point of a Remote Signer is that the
identity nsec stays on the signer device, so allowing extraction would
defeat the threat model. Adding a method here is an explicit policy
decision; signer apps that don’t enforce perms server-side still benefit
from a smaller surface in their pairing UI.